Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
xxadev
jenkins
提交
2066157d
J
jenkins
项目概览
xxadev
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
3
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
2066157d
编写于
3月 18, 2011
作者:
K
Kohsuke Kawaguchi
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'oss'
上级
dfead9c3
04584b80
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
38 addition
and
19 deletion
+38
-19
core/src/main/java/hudson/model/UsageStatistics.java
core/src/main/java/hudson/model/UsageStatistics.java
+35
-12
test/src/test/java/hudson/model/UsageStatisticsTest.java
test/src/test/java/hudson/model/UsageStatisticsTest.java
+3
-7
未找到文件。
core/src/main/java/hudson/model/UsageStatistics.java
浏览文件 @
2066157d
...
...
@@ -38,6 +38,7 @@ import javax.crypto.CipherOutputStream;
import
javax.crypto.KeyGenerator
;
import
javax.crypto.SecretKey
;
import
javax.crypto.CipherInputStream
;
import
javax.crypto.spec.IvParameterSpec
;
import
javax.crypto.spec.SecretKeySpec
;
import
java.io.IOException
;
import
java.io.OutputStreamWriter
;
...
...
@@ -47,8 +48,11 @@ import java.io.FilterInputStream;
import
java.io.InputStream
;
import
java.io.DataInputStream
;
import
java.security.GeneralSecurityException
;
import
java.security.Key
;
import
java.security.KeyFactory
;
import
java.security.PublicKey
;
import
java.security.interfaces.RSAKey
;
import
java.security.interfaces.RSAPublicKey
;
import
java.security.spec.X509EncodedKeySpec
;
import
java.util.ArrayList
;
import
java.util.List
;
...
...
@@ -64,7 +68,7 @@ public class UsageStatistics extends PageDecorator {
/**
* Lazily computed {@link PublicKey} representation of {@link #keyImage}.
*/
private
volatile
transient
PublicKey
key
;
private
volatile
transient
RSA
PublicKey
key
;
/**
* When was the last time we asked a browser to send the usage stats for us?
...
...
@@ -99,16 +103,13 @@ public class UsageStatistics extends PageDecorator {
return
false
;
}
private
Cipher
getCipher
()
{
private
RSAPublicKey
getKey
()
{
try
{
if
(
key
==
null
)
{
KeyFactory
keyFactory
=
KeyFactory
.
getInstance
(
"RSA"
);
key
=
keyFactory
.
generatePublic
(
new
X509EncodedKeySpec
(
Util
.
fromHexString
(
keyImage
)));
key
=
(
RSAPublicKey
)
keyFactory
.
generatePublic
(
new
X509EncodedKeySpec
(
Util
.
fromHexString
(
keyImage
)));
}
Cipher
cipher
=
Secret
.
getCipher
(
"RSA"
);
cipher
.
init
(
Cipher
.
ENCRYPT_MODE
,
key
);
return
cipher
;
return
key
;
}
catch
(
GeneralSecurityException
e
)
{
throw
new
Error
(
e
);
// impossible
}
...
...
@@ -166,7 +167,7 @@ public class UsageStatistics extends PageDecorator {
ByteArrayOutputStream
baos
=
new
ByteArrayOutputStream
();
// json -> UTF-8 encode -> gzip -> encrypt -> base64 -> string
OutputStreamWriter
w
=
new
OutputStreamWriter
(
new
GZIPOutputStream
(
new
CombinedCipherOutputStream
(
baos
,
get
Cipher
(),
"AES"
)),
"UTF-8"
);
OutputStreamWriter
w
=
new
OutputStreamWriter
(
new
GZIPOutputStream
(
new
CombinedCipherOutputStream
(
baos
,
get
Key
(),
"AES"
)),
"UTF-8"
);
o
.
write
(
w
);
w
.
close
();
...
...
@@ -187,16 +188,21 @@ public class UsageStatistics extends PageDecorator {
super
(
out
);
// create a new symmetric cipher key used for this stream
SecretKey
symKey
=
KeyGenerator
.
getInstance
(
algorithm
).
generateKey
();
String
keyAlgorithm
=
getKeyAlgorithm
(
algorithm
);
SecretKey
symKey
=
KeyGenerator
.
getInstance
(
keyAlgorithm
).
generateKey
();
// place the symmetric key by encrypting it with asymmetric cipher
out
.
write
(
asym
.
doFinal
(
symKey
.
getEncoded
()));
// the rest of the data will be encrypted by this symmetric cipher
Cipher
sym
=
Secret
.
getCipher
(
algorithm
);
sym
.
init
(
Cipher
.
ENCRYPT_MODE
,
symKey
);
sym
.
init
(
Cipher
.
ENCRYPT_MODE
,
symKey
,
keyAlgorithm
.
equals
(
algorithm
)
?
null
:
new
IvParameterSpec
(
symKey
.
getEncoded
())
);
super
.
out
=
new
CipherOutputStream
(
out
,
sym
);
}
public
CombinedCipherOutputStream
(
OutputStream
out
,
RSAKey
key
,
String
algorithm
)
throws
IOException
,
GeneralSecurityException
{
this
(
out
,
toCipher
(
key
,
Cipher
.
ENCRYPT_MODE
),
algorithm
);
}
}
/**
...
...
@@ -211,16 +217,33 @@ public class UsageStatistics extends PageDecorator {
public
CombinedCipherInputStream
(
InputStream
in
,
Cipher
asym
,
String
algorithm
,
int
keyLength
)
throws
IOException
,
GeneralSecurityException
{
super
(
in
);
String
keyAlgorithm
=
getKeyAlgorithm
(
algorithm
);
// first read the symmetric key cipher
byte
[]
symKeyBytes
=
new
byte
[
keyLength
/
8
];
new
DataInputStream
(
in
).
readFully
(
symKeyBytes
);
SecretKey
symKey
=
new
SecretKeySpec
(
asym
.
doFinal
(
symKeyBytes
),
a
lgorithm
);
SecretKey
symKey
=
new
SecretKeySpec
(
asym
.
doFinal
(
symKeyBytes
),
keyA
lgorithm
);
// the rest of the data will be decrypted by this symmetric cipher
Cipher
sym
=
Secret
.
getCipher
(
algorithm
);
sym
.
init
(
Cipher
.
DECRYPT_MODE
,
symKey
);
sym
.
init
(
Cipher
.
DECRYPT_MODE
,
symKey
,
keyAlgorithm
.
equals
(
algorithm
)
?
null
:
new
IvParameterSpec
(
symKey
.
getEncoded
())
);
super
.
in
=
new
CipherInputStream
(
in
,
sym
);
}
public
CombinedCipherInputStream
(
InputStream
in
,
RSAKey
key
,
String
algorithm
)
throws
IOException
,
GeneralSecurityException
{
this
(
in
,
toCipher
(
key
,
Cipher
.
DECRYPT_MODE
),
algorithm
,
key
.
getModulus
().
bitLength
());
}
}
private
static
String
getKeyAlgorithm
(
String
algorithm
)
{
int
index
=
algorithm
.
indexOf
(
'/'
);
return
(
index
>
0
)?
algorithm
.
substring
(
0
,
index
):
algorithm
;
}
private
static
Cipher
toCipher
(
RSAKey
key
,
int
mode
)
throws
GeneralSecurityException
{
Cipher
cipher
=
Cipher
.
getInstance
(
"RSA"
);
cipher
.
init
(
mode
,
(
Key
)
key
);
return
cipher
;
}
/**
...
...
test/src/test/java/hudson/model/UsageStatisticsTest.java
浏览文件 @
2066157d
...
...
@@ -30,11 +30,10 @@ import net.sf.json.JSONObject;
import
org.apache.commons.io.IOUtils
;
import
org.jvnet.hudson.test.HudsonTestCase
;
import
javax.crypto.Cipher
;
import
java.io.ByteArrayInputStream
;
import
java.io.InputStreamReader
;
import
java.security.KeyFactory
;
import
java.security.PrivateKey
;
import
java.security.
interfaces.RSA
PrivateKey
;
import
java.security.spec.PKCS8EncodedKeySpec
;
import
java.util.zip.GZIPInputStream
;
...
...
@@ -54,14 +53,11 @@ public class UsageStatisticsTest extends HudsonTestCase {
System
.
out
.
println
(
data
);
KeyFactory
keyFactory
=
KeyFactory
.
getInstance
(
"RSA"
);
PrivateKey
priv
=
keyFactory
.
generatePrivate
(
new
PKCS8EncodedKeySpec
(
Util
.
fromHexString
(
privateKey
)));
Cipher
cipher
=
Cipher
.
getInstance
(
"RSA"
);
cipher
.
init
(
Cipher
.
DECRYPT_MODE
,
priv
);
RSAPrivateKey
priv
=
(
RSAPrivateKey
)
keyFactory
.
generatePrivate
(
new
PKCS8EncodedKeySpec
(
Util
.
fromHexString
(
privateKey
)));
byte
[]
cipherText
=
Base64
.
decode
(
data
.
toCharArray
());
InputStreamReader
r
=
new
InputStreamReader
(
new
GZIPInputStream
(
new
CombinedCipherInputStream
(
new
ByteArrayInputStream
(
cipherText
),
cipher
,
"AES"
,
1024
)),
"UTF-8"
);
new
CombinedCipherInputStream
(
new
ByteArrayInputStream
(
cipherText
),
priv
,
"AES"
)),
"UTF-8"
);
JSONObject
o
=
JSONObject
.
fromObject
(
IOUtils
.
toString
(
r
));
System
.
out
.
println
(
o
);
assertEquals
(
1
,
o
.
getInt
(
"stat"
));
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录