Find Usages Diff Raw Download HTML Widget
Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions 
1
  /*
2
   * The MIT License
3
   * 
4
   * Copyright (c) 2004-2009, Sun Microsystems, Inc., Kohsuke Kawaguchi
5
   * 
6
   * Permission is hereby granted, free of charge, to any person obtaining a copy
7
   * of this software and associated documentation files (the "Software"), to deal
8
   * in the Software without restriction, including without limitation the rights
9
   * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10
  * copies of the Software, and to permit persons to whom the Software is
11
  * furnished to do so, subject to the following conditions:
12
  * 
13
  * The above copyright notice and this permission notice shall be included in
14
  * all copies or substantial portions of the Software.
15
  * 
16
  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17
  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18
  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19
  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20
  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21
  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22
  * THE SOFTWARE.
23
  */
24
 package hudson.util;
25
 
32
 import  hudson.model.Hudson;
33
 import  hudson.Util;
34
 
Glorified String that uses encryption in the persisted form, to avoid accidental exposure of a secret.

Note that since the cryptography relies on Hudson.getSecretKey(), this is not meant as a protection against code running in the same VM, nor against an attacker who has local file system access.

Author(s):
Kohsuke Kawaguchi
49
 
50
 public final class Secret {
    
Unencrypted secret text. 
53
 
54
     private final String value;
55
 
56
     private Secret(String value) {
57
         this. = value;
58
     }

    
Obtains the secret in a plain text.

See also:
getEncryptedValue()
64
 
65
     public String toString() {
66
         return ;
67
     }
68
 
69
     public boolean equals(Object that) {
70
         return that instanceof Secret && .equals(((Secret)that).);
71
     }
72
 
73
     public int hashCode() {
74
         return .hashCode();
75
     }

    
Turns Hudson.getSecretKey() into an AES key. 
79
 
80
     private static SecretKey getKey() throws UnsupportedEncodingExceptionGeneralSecurityException {
81
         String secret = ;
82
         if(secret==null)    return Hudson.getInstance().getSecretKeyAsAES128();
83
         return Util.toAes128Key(secret);
84
     }

    
Encrypts value and returns it in an encoded printable form.

See also:
toString()
90
 
91
     public String getEncryptedValue() {
92
         try {
93
             Cipher cipher = Cipher.getInstance("AES");
94
             cipher.init(.getKey());
95
             // add the magic suffix which works like a check sum.
96
             return new String(Base64.encode(cipher.doFinal((+).getBytes("UTF-8"))));
97
         } catch (GeneralSecurityException e) {
98
             throw new Error(e); // impossible
99
         } catch (UnsupportedEncodingException e) {
100
            throw new Error(e); // impossible
101
        }
102
    }

    
Reverse operation of getEncryptedValue(). Returns null if the given cipher text was invalid. 
108
    public static Secret decrypt(String data) {
109
        if(data==null)      return null;
110
        try {
111
            Cipher cipher = Cipher.getInstance("AES");
112
            cipher.init(.getKey());
113
            String plainText = new String(cipher.doFinal(Base64.decode(data.toCharArray())), "UTF-8");
114
            if(plainText.endsWith())
115
                return new Secret(plainText.substring(0,plainText.length()-.length()));
116
            return null;
117
        } catch (GeneralSecurityException e) {
118
            return null;
119
        } catch (UnsupportedEncodingException e) {
120
            throw new Error(e); // impossible
121
        } catch (IOException e) {
122
            return null;
123
        }
124
    }

    
Attempts to treat the given string first as a cipher text, and if it doesn't work, treat the given string as the unencrypted secret value.

Useful for recovering a value from a form field.

Returns:
never null
135
    public static Secret fromString(String data) {
136
        Secret s = decrypt(data);
137
        if(s==nulls=new Secret(data);
138
        return s;
139
    }
141
    public static final class ConverterImpl implements Converter {
142
        public ConverterImpl() {
143
        }
145
        public boolean canConvert(Class type) {
146
            return type==Secret.class;
147
        }
149
        public void marshal(Object sourceHierarchicalStreamWriter writerMarshallingContext context) {
150
            Secret src = (Secretsource;
151
            writer.setValue(src.getEncryptedValue());
152
        }
154
        public Object unmarshal(HierarchicalStreamReader readerfinal UnmarshallingContext context) {
155
            return Secret.decrypt(reader.getValue());
156
        }
157
    }
159
    private static final String MAGIC = "::::MAGIC::::";

    
For testing only. Override the secret key so that we can test this class without Hudson. 
164
    /*package*/ static String SECRET = null;
New to GrepCode? Check out our FAQ X