01: /**
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: */package org.apache.geronimo.crypto;
17:
18: import java.io.ByteArrayOutputStream;
19: import java.io.ObjectOutputStream;
20: import java.io.Serializable;
21: import java.io.ObjectInputStream;
22: import java.io.ByteArrayInputStream;
23: import javax.crypto.spec.SecretKeySpec;
24: import javax.crypto.Cipher;
25: import javax.crypto.SealedObject;
26: import org.apache.geronimo.crypto.encoders.Base64;
27: import org.apache.commons.logging.Log;
28: import org.apache.commons.logging.LogFactory;
29:
30: /**
31: * This class protects some value BY ENCRYPTING WITH A KNOWN KEY. That is
32: * to say, it's only safe against anyone who can't read the source code.
33: * So the main idea is to protect against casual observers.
34: *
35: * If someone has a better idea for how to implement encryption with a
36: * non-obvious key that the user isn't likely to change during the normal
37: * course of working with the server, I'd be happy to hear it. (But I
38: * assume the SSL keystore is likely to be changed, which would result
39: * in losing all the "encrypted" data.
40: *
41: * @version $Rev: 617737 $ $Date: 2008-02-01 17:39:58 -0800 (Fri, 01 Feb 2008) $
42: */
43: public final class SimpleEncryption extends AbstractEncryption {
44:
45: public final static SimpleEncryption INSTANCE = new SimpleEncryption();
46: private final static SecretKeySpec SECRET_KEY = new SecretKeySpec(
47: new byte[] { (byte) -45, (byte) -15, (byte) 100,
48: (byte) -34, (byte) 70, (byte) 83, (byte) 75,
49: (byte) -100, (byte) -75, (byte) 61, (byte) 26,
50: (byte) 114, (byte) -20, (byte) -58, (byte) 114,
51: (byte) 77 }, "AES");
52:
53: private SimpleEncryption() {
54: }
55:
56: protected SecretKeySpec getSecretKeySpec() {
57: return SECRET_KEY;
58: }
59: }
|