From f7a0bb1a348f68314f4a3f9a0525fd26350b9615 Mon Sep 17 00:00:00 2001 From: Kelly Rauchenberger Date: Fri, 22 Aug 2008 20:39:21 +0000 Subject: Update: Added pasword protection to Subversion Closes #40 --- .../com/fourisland/instadisc/update/svn/Main.java | 132 ++++++++++++++++++++- 1 file changed, 129 insertions(+), 3 deletions(-) (limited to 'update') diff --git a/update/plugin/subversion/trunk/src/com/fourisland/instadisc/update/svn/Main.java b/update/plugin/subversion/trunk/src/com/fourisland/instadisc/update/svn/Main.java index 16e2dd1..45c7485 100644 --- a/update/plugin/subversion/trunk/src/com/fourisland/instadisc/update/svn/Main.java +++ b/update/plugin/subversion/trunk/src/com/fourisland/instadisc/update/svn/Main.java @@ -3,9 +3,18 @@ package com.fourisland.instadisc.update.svn; import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; import java.util.Random; import java.util.logging.Level; import java.util.logging.Logger; +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; import org.apache.xmlrpc.XmlRpcException; import org.apache.xmlrpc.client.XmlRpcClient; import org.apache.xmlrpc.client.XmlRpcClientConfigImpl; @@ -39,15 +48,54 @@ public class Main { { Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); } - } + } String message = messBuilder.toString(); message = message.substring(0, message.indexOf("\n")); + String path = pathScheme.replace("__REV__", revision); + Random r = new Random(); int verID = r.nextInt(Integer.MAX_VALUE); + int encID = 0; - String path = pathScheme.replace("__REV__", revision); + if (args.length > 7) + { + encID = r.nextInt(Integer.MAX_VALUE); + MD5 md5 = new MD5(padright(args[7], new Integer(encID).toString(), 16).substring(0, 16)); + String key = md5.hash().substring(0, 16); + String iv = reverse(key); + + try + { + Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); + SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES"); + IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes()); + cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec); + + message = new String(bytesToHex(cipher.doFinal(pad(message.getBytes())))).trim(); + author = new String(bytesToHex(cipher.doFinal(pad(author.getBytes())))).trim(); + path = new String(bytesToHex(cipher.doFinal(pad(path.getBytes())))).trim(); + } catch (IllegalBlockSizeException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } catch (BadPaddingException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } catch (InvalidKeyException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } catch (InvalidAlgorithmParameterException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } catch (NoSuchAlgorithmException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } catch (NoSuchPaddingException ex) + { + Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex); + } + } XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl(); config.setServerURL(new URL(centralServer)); @@ -60,7 +108,8 @@ public class Main { message, author, path, - "a:0:{}" + "a:0:{}", + encID }); if (resp == 2) @@ -85,4 +134,81 @@ public class Main { return args[arg]; } + + public static String reverse(String in) { + String out = ""; + int i = 0; + + for (i = 0; i < in.length(); i++) + { + out = in.charAt(i) + out; + } + + return out; + } + + public static String padright(String in, String pad, int len) { + while (in.length() < len) + { + in += pad; + } + + if (in.length() > len) + { + in = in.substring(0, len); + } + + return in; + } + + public static String bytesToHex(byte[] buffer) { + if (buffer == null) + { + return null; + } else + { + StringBuilder result = new StringBuilder(); + for (int i = 0; i < buffer.length; i++) + { + String hex = Integer.toHexString(Integer.decode(new Byte(buffer[i]).toString())); + result.append(padleft(hex.substring(max(hex.length() - 2, 0)), "0", 2)); + } + + return result.toString(); + } + } + + public static int max(int x, int y) { + return (x > y ? x : y); + } + + public static String padleft(String in, String pad, int len) { + while (in.length() < len) + { + in = pad + in; + } + + if (in.length() > len) + { + in = in.substring(0, len); + } + + return in; + } + + public static byte[] pad(byte[] buffer) + { + while (buffer.length % 16 != 0) + { + byte[] tmp = new byte[buffer.length+1]; + int i=0; + for (i=0;i