/** * Scrambles a char array overwriting all characters with random characters, used for scrambling * plain text passwords after usage to avoid keeping them around in memory. */ public static void scramble(char[] ch) { if (ch == null) return; RandomPasswordProvider rpp = new RandomPasswordProvider(); rpp.getRandomPassword(ch); }
/** * Creates initial key entries auto generated keys {@link #CONFIGPASSWORDKEY} * * @throws IOException */ protected void addInitialKeys() throws IOException { // TODO:scramble RandomPasswordProvider randPasswdProvider = getSecurityManager().getRandomPassworddProvider(); char[] configKey = randPasswdProvider.getRandomPasswordWithDefaultLength(); setSecretKey(CONFIGPASSWORDKEY, configKey); }
/** * Creates a random password of the specified length, if length <=0, return <code>null</code> */ public char[] getRandomPassword(int length) { if (length <= 0) return null; char[] buff = new char[length]; getRandomPassword(buff); return buff; }
getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore();
public char[] getRandomPasswordWithDefaultLength() { char[] buff = new char[DefaultPasswordLength]; getRandomPassword(buff); return buff; }
@Override public void initializeFromConfig(SecurityNamedServiceConfig config) throws IOException { this.name = config.getName(); SecurityUserGroupServiceConfig ugConfig = (SecurityUserGroupServiceConfig) config; passwordEncoderName = ugConfig.getPasswordEncoderName(); GeoServerPasswordEncoder enc = getSecurityManager().loadPasswordEncoder(passwordEncoderName); if (enc.getEncodingType() == PasswordEncodingType.ENCRYPT) { KeyStoreProvider prov = getSecurityManager().getKeyStoreProvider(); String alias = prov.aliasForGroupService(name); if (prov.containsAlias(alias) == false) { prov.setUserGroupKey( name, getSecurityManager() .getRandomPassworddProvider() .getRandomPasswordWithDefaultLength()); prov.storeKeyStore(); } } enc.initializeFor(this); passwordValidatorName = ugConfig.getPasswordPolicyName(); toBeEncrypted = (((MemoryUserGroupServiceConfigImpl) config).getToBeEncrypted()); } }
/** * Scrambles a byte array overwriting all characters with random characters, used for scrambling * plain text passwords after usage to avoid keeping them around in memory. */ public static void scramble(byte[] ch) { if (ch == null) return; RandomPasswordProvider rpp = new RandomPasswordProvider(); rpp.getRandomPassword(ch); } /** Builds the write query based on the access limits class */
} else { message = "The generated master password is: "; masterPasswordArray = getRandomPassworddProvider().getRandomPassword(8); writeMasterPasswordInfo(info, message, masterPasswordArray);
protected ICrypt getEncrypterFromSession(HttpSession s) { ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME); if (result != null) return result; GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager(); char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength(); StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor(); enc.setPasswordCharArray(key); // since the password is copied, we can scramble it manager.disposePassword(key); if (manager.isStrongEncryptionAvailable()) { enc.setProvider(new BouncyCastleProvider()); enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC"); } else // US export restrictions enc.setAlgorithm("PBEWITHMD5ANDDES"); result = new CryptImpl(enc); s.setAttribute(ICRYPT_ATTR_NAME, result); return result; } }
keyStoreProvider.reloadKeyStore(); keyStoreProvider.setUserGroupKey( XMLUserGroupService.DEFAULT_NAME, randomPasswdProvider.getRandomPassword(32)); keyStoreProvider.storeKeyStore();
protected ICrypt getEncrypterFromSession(HttpSession s) { ICrypt result = (ICrypt) s.getAttribute(ICRYPT_ATTR_NAME); if (result !=null) return result; GeoServerSecurityManager manager = GeoServerApplication.get().getSecurityManager(); char[] key = manager.getRandomPassworddProvider().getRandomPasswordWithDefaultLength(); StandardPBEByteEncryptor enc = new StandardPBEByteEncryptor(); enc.setPasswordCharArray(key); // since the password is copied, we can scramble it manager.disposePassword(key); if (manager.isStrongEncryptionAvailable()) { enc.setProvider(new BouncyCastleProvider()); enc.setAlgorithm("PBEWITHSHA256AND128BITAES-CBC-BC"); } else // US export restrictions enc.setAlgorithm("PBEWITHMD5ANDDES"); result= new CryptImpl(enc); s.setAttribute(ICRYPT_ATTR_NAME, result); return result; } }
if (prov.containsAlias(alias)==false) { prov.setUserGroupKey(name, getSecurityManager().getRandomPassworddProvider().getRandomPasswordWithDefaultLength()); prov.storeKeyStore();
char[] urlKey = rpp.getRandomPasswordWithDefaultLength(); char[] urlKey2 = rpp.getRandomPasswordWithDefaultLength();