shiro-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lhazlew...@apache.org
Subject svn commit: r1209665 - in /shiro/trunk/core/src/main/java/org/apache/shiro/crypto: AesCipherService.java BlowfishCipherService.java DefaultBlockCipherService.java
Date Fri, 02 Dec 2011 19:53:43 GMT
Author: lhazlewood
Date: Fri Dec  2 19:53:43 2011
New Revision: 1209665

URL: http://svn.apache.org/viewvc?rev=1209665&view=rev
Log:
SHIRO-328: implemented change and updated RELEASE-NOTES to capture any potential breaking
changes impacting applications.

Modified:
    shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java
    shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
    shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java

Modified: shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java
URL: http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java (original)
+++ shiro/trunk/core/src/main/java/org/apache/shiro/crypto/AesCipherService.java Fri Dec 
2 19:53:43 2011
@@ -24,7 +24,7 @@ package org.apache.shiro.crypto;
  * The AES algorithm can support key sizes of {@code 128}, {@code 192} and {@code 256} bits<b>*</b>.
 This implementation
  * defaults to 128 bits.
  * <p/>
- * Note that this class retains the parent class's default {@link OperationMode#CFB CFB}
mode of operation
+ * Note that this class retains the parent class's default {@link OperationMode#CBC CBC}
mode of operation
  * instead of the typical JDK default of {@link OperationMode#ECB ECB}.  {@code ECB} should
not be used in
  * security-sensitive environments because {@code ECB} does not allow for initialization
vectors, which are
  * considered necessary for strong encryption.  See the {@link DefaultBlockCipherService
parent class}'s JavaDoc and the
@@ -59,7 +59,7 @@ public class AesCipherService extends De
      * </tr>
      * <tr>
      * <td>{@link #setMode mode}</td>
-     * <td>{@link OperationMode#CFB CFB}<b>*</b></td>
+     * <td>{@link OperationMode#CBC CBC}<b>*</b></td>
      * </tr>
      * <tr>
      * <td>{@link #setPaddingScheme paddingScheme}</td>
@@ -75,12 +75,12 @@ public class AesCipherService extends De
      * </tr>
      * </table>
      * <p/>
-     * <b>*</b> The {@link OperationMode#CFB CFB} operation mode is used instead
of the JDK default {@code ECB} to
+     * <b>*</b> The {@link OperationMode#CBC CBC} operation mode is used instead
of the JDK default {@code ECB} to
      * ensure strong encryption.  {@code ECB} should not be used in security-sensitive environments
- see the
      * {@link DefaultBlockCipherService DefaultBlockCipherService} class JavaDoc's &quot;Operation
Mode&quot; section
      * for more.
      * <p/>
-     * <b>**</b>In conjunction with the default {@code CFB} operation mode, initialization
vectors are generated by
+     * <b>**</b>In conjunction with the default {@code CBC} operation mode, initialization
vectors are generated by
      * default to ensure strong encryption.  See the {@link JcaCipherService JcaCipherService}
class JavaDoc for more.
      */
     public AesCipherService() {

Modified: shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java
URL: http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java (original)
+++ shiro/trunk/core/src/main/java/org/apache/shiro/crypto/BlowfishCipherService.java Fri
Dec  2 19:53:43 2011
@@ -25,7 +25,7 @@ package org.apache.shiro.crypto;
  * modern cryptanalysis techniques render keys of 80 bits or less mostly worthless - use
{@code 128} or more whenever
  * possible.
  * <p/>
- * Note that this class retains the parent class's default {@link OperationMode#CFB CFB}
mode of operation
+ * Note that this class retains the parent class's default {@link OperationMode#CBC CBC}
mode of operation
  * instead of the typical JDK default of {@link OperationMode#ECB ECB}.  {@code ECB} should
not be used in
  * security-sensitive environments because {@code ECB} does not allow for initialization
vectors, which are
  * considered necessary for strong encryption.  See the {@link DefaultBlockCipherService
parent class}'s JavaDoc and the
@@ -61,7 +61,7 @@ public class BlowfishCipherService exten
      * </tr>
      * <tr>
      * <td>{@link #setMode mode}</td>
-     * <td>{@link OperationMode#CFB CFB}<b>*</b></td>
+     * <td>{@link OperationMode#CBC CBC}<b>*</b></td>
      * </tr>
      * <tr>
      * <td>{@link #setPaddingScheme paddingScheme}</td>
@@ -77,12 +77,12 @@ public class BlowfishCipherService exten
      * </tr>
      * </table>
      * <p/>
-     * <b>*</b> The {@link OperationMode#CFB CFB} operation mode is used instead
of the JDK default {@code ECB} to
+     * <b>*</b> The {@link OperationMode#CBC CBC} operation mode is used instead
of the JDK default {@code ECB} to
      * ensure strong encryption.  {@code ECB} should not be used in security-sensitive environments
- see the
      * {@link DefaultBlockCipherService DefaultBlockCipherService} class JavaDoc's &quot;Operation
Mode&quot; section
      * for more.
      * <p/>
-     * <b>**</b>In conjunction with the default {@code CFB} operation mode, initialization
vectors are generated by
+     * <b>**</b>In conjunction with the default {@code CBC} operation mode, initialization
vectors are generated by
      * default to ensure strong encryption.  See the {@link JcaCipherService JcaCipherService}
class JavaDoc for more.
      */
     public BlowfishCipherService() {

Modified: shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
URL: http://svn.apache.org/viewvc/shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java?rev=1209665&r1=1209664&r2=1209665&view=diff
==============================================================================
--- shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
(original)
+++ shiro/trunk/core/src/main/java/org/apache/shiro/crypto/DefaultBlockCipherService.java
Fri Dec  2 19:53:43 2011
@@ -67,7 +67,7 @@ import org.apache.shiro.util.StringUtils
  * guarantees that the mode name will be recognized by the underlying JCA Provider.
  * <p/>
  * <b>*</b>If no operation mode is specified, Shiro defaults all of its block
{@code CipherService} instances to the
- * {@link OperationMode#CFB CFB} mode, specifically to support auto-generation of initialization
vectors during
+ * {@link OperationMode#CBC CBC} mode, specifically to support auto-generation of initialization
vectors during
  * encryption.  This is different than the JDK's default {@link OperationMode#ECB ECB} mode
because {@code ECB} does
  * not support initialization vectors, which are necessary for strong encryption.  See  the
  * {@link org.apache.shiro.crypto.JcaCipherService JcaCipherService parent class} class JavaDoc
for an extensive
@@ -117,9 +117,8 @@ import org.apache.shiro.util.StringUtils
  * for all three streaming configuration parameters.  The defaults are:
  * <ul>
  * <li>{@link #setStreamingBlockSize(int) streamingBlockSize} = {@code 8} (bits)</li>
- * <li>{@link #setStreamingMode streamingMode} = {@link OperationMode#CFB CFB}</li>
- * <li>{@link #setStreamingPaddingScheme(PaddingScheme) streamingPaddingScheme} = {@link
PaddingScheme#NONE none} (since
- * the block size is already the most atomic size of a single byte)</li>
+ * <li>{@link #setStreamingMode streamingMode} = {@link OperationMode#CBC CBC}</li>
+ * <li>{@link #setStreamingPaddingScheme(PaddingScheme) streamingPaddingScheme} = {@link
PaddingScheme#PKCS5 PKCS5}</li>
  * </ul>
  * <p/>
  * These attributes have the same meaning as the {@code mode}, {@code blockSize}, and {@code
paddingScheme} attributes
@@ -154,7 +153,7 @@ public class DefaultBlockCipherService e
      * Creates a new {@link DefaultBlockCipherService} using the specified block cipher {@code
algorithmName}.  Per this
      * class's JavaDoc, this constructor also sets the following defaults:
      * <ul>
-     * <li>{@code streamingMode} = {@link OperationMode#CFB CFB}</li>
+     * <li>{@code streamingMode} = {@link OperationMode#CBC CBC}</li>
      * <li>{@code streamingPaddingScheme} = {@link PaddingScheme#NONE none}</li>
      * <li>{@code streamingBlockSize} = 8</li>
      * </ul>
@@ -165,12 +164,12 @@ public class DefaultBlockCipherService e
     public DefaultBlockCipherService(String algorithmName) {
         super(algorithmName);
 
-        this.modeName = OperationMode.CFB.name();
+        this.modeName = OperationMode.CBC.name();
         this.paddingSchemeName = PaddingScheme.PKCS5.getTransformationName();
         this.blockSize = DEFAULT_BLOCK_SIZE; //0 = use the JCA provider's default
 
-        this.streamingModeName = OperationMode.CFB.name();
-        this.streamingPaddingSchemeName = PaddingScheme.NONE.getTransformationName();
+        this.streamingModeName = OperationMode.CBC.name();
+        this.streamingPaddingSchemeName = PaddingScheme.PKCS5.getTransformationName();
         this.streamingBlockSize = DEFAULT_STREAMING_BLOCK_SIZE;
     }
 
@@ -367,7 +366,7 @@ public class DefaultBlockCipherService e
      * {@link #decrypt(java.io.InputStream, java.io.OutputStream, byte[])}).
      * <p/>
      * Note that unlike the {@link #getModeName modeName} attribute, the default value of
this attribute is not
-     * {@code null} - it is {@link OperationMode#CFB CFB} for reasons described in the class-level
JavaDoc in the
+     * {@code null} - it is {@link OperationMode#CBC CBC} for reasons described in the class-level
JavaDoc in the
      * {@code Streaming} section.
      *
      * @return the transformation string mode name to be used for streaming operations only.
@@ -384,7 +383,7 @@ public class DefaultBlockCipherService e
 
     /**
      * Sets the transformation string mode name to be used for streaming operations only.
 The default value is
-     * {@link OperationMode#CFB CFB} for reasons described in the class-level JavaDoc in
the {@code Streaming} section.
+     * {@link OperationMode#CBC CBC} for reasons described in the class-level JavaDoc in
the {@code Streaming} section.
      *
      * @param streamingModeName transformation string mode name to be used for streaming
operations only
      */
@@ -400,7 +399,7 @@ public class DefaultBlockCipherService e
 
     /**
      * Sets the transformation string mode to be used for streaming operations only.  The
default value is
-     * {@link OperationMode#CFB CFB} for reasons described in the class-level JavaDoc in
the {@code Streaming} section.
+     * {@link OperationMode#CBC CBC} for reasons described in the class-level JavaDoc in
the {@code Streaming} section.
      *
      * @param mode the transformation string mode to be used for streaming operations only
      */
@@ -461,7 +460,7 @@ public class DefaultBlockCipherService e
     }
 
     private String buildStreamingTransformationString() {
-        return buildTransformationString(getStreamingModeName(), getStreamingPaddingSchemeName(),
getStreamingBlockSize());
+        return buildTransformationString(getStreamingModeName(), getStreamingPaddingSchemeName(),
0);
     }
 
     private String buildTransformationString(String modeName, String paddingSchemeName, int
blockSize) {



Mime
View raw message