From 4dae9931f6d05a6c7a17ea01854dbb7c97cc2c14 Mon Sep 17 00:00:00 2001 From: j-dimension Date: Tue, 27 Aug 2024 18:24:19 +0200 Subject: [PATCH] speedup / refactoring --- .../jlawyer/client/ConnectionProfiles.java | 21 +- .../client/ImportConnectionProfileDialog.java | 12 +- .../jlawyer/client/LoginDialog.java | 45 +- .../jlawyer/client/bea/BeaInboxPanel.java | 4 +- .../jlawyer/client/bea/BeaLoginDialog.java | 4 +- .../jlawyer/client/cloud/CloudInstance.java | 4 +- .../configuration/AddressBookSetupDialog.java | 6 +- .../AssistantPromptSetupDialog.java | 1 - .../configuration/AssistantSetupDialog.form | 3 - .../configuration/AssistantSetupDialog.java | 6 +- .../configuration/CalendarSetupDialog.java | 8 +- .../configuration/MailboxSetupDialog.java | 10 +- .../UserAdministrationDialog.java | 16 +- .../configuration/WebHookSetupDialog.java | 6 +- .../client/editors/AutoUpdateTimerTask.java | 4 +- .../jlawyer/client/mail/EmailInboxPanel.java | 4 +- .../jlawyer/client/mail/EmailUtils.java | 16 +- .../jlawyer/client/mail/SendAction.java | 6 +- .../client/mail/SendEncryptedAction.java | 6 +- .../jlawyer/client/voip/EpostTeaserPanel.java | 4 +- .../jlawyer/security/CachingCrypto.java | 782 ++++++++++++++++++ .../jlawyer/security/CryptoProvider.java | 691 ++++++++++++++++ .../jlawyer/events/CustomHooksService.java | 4 +- .../jlawyer/services/CalendarSyncService.java | 5 +- .../jlawyer/services/ContactSyncService.java | 4 +- .../jlawyer/services/DrebisService.java | 8 +- .../jlawyer/services/IntegrationService.java | 12 +- .../jlawyer/services/VoipService.java | 16 +- .../jlawyer/timer/MailboxScannerTask.java | 6 +- 29 files changed, 1608 insertions(+), 106 deletions(-) create mode 100644 j-lawyer-server-common/src/com/jdimension/jlawyer/security/CachingCrypto.java create mode 100644 j-lawyer-server-common/src/com/jdimension/jlawyer/security/CryptoProvider.java 
diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/ConnectionProfiles.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/ConnectionProfiles.java index 2d11f978f..e236ae9fc 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/ConnectionProfiles.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/ConnectionProfiles.java @@ -663,12 +663,14 @@ You should also get your employer (if you work as a programmer) or school, */ package com.jdimension.jlawyer.client; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CachingCrypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.awt.Component; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.StringReader; +import java.security.GeneralSecurityException; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -686,15 +688,17 @@ public class ConnectionProfiles { private static ConnectionProfiles instance = null; private final String connectionDir = System.getProperty("user.home") + File.separator + ".j-lawyer-client" + File.separator + "connections"; + private CachingCrypto crypto=null; - private ConnectionProfiles() { + private ConnectionProfiles() throws GeneralSecurityException { File dir = new File(connectionDir); if (!dir.exists()) { dir.mkdirs(); } + this.crypto=CryptoProvider.newCrypto(System.getProperty("user.name").toCharArray()); } - public static synchronized ConnectionProfiles getInstance() { + public static synchronized ConnectionProfiles getInstance() throws GeneralSecurityException { if (instance == null) { instance = new ConnectionProfiles(); } 
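Review bot: In the constructor hunk (`@@ -686`), the passphrase handed to `CryptoProvider.newCrypto(...)` is `System.getProperty("user.name")`, which is not a secret, so the SSH passwords stored in the profile files under `~/.j-lawyer-client/connections` are obfuscated rather than protected against anyone who can read those files. The commit carries this over from the old `Crypto.decrypt(pwd, ...)` calls, but the keyed object now also lives in a process-wide singleton, and how long `CachingCrypto` retains derived key material is not visible in this hunk. At minimum document the limitation on the field, e.g. `// key derived from the OS user name: obfuscation only, not confidentiality`, and consider a user-supplied passphrase or the OS credential store. The field is assigned once in the constructor and can be `private final CachingCrypto crypto;`. The class body continues outside the hunk.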
@@ -756,7 +760,7 @@ private ConnectionProfile loadProfile(Properties props, Component caller) { String pwd = props.getProperty("sshpwd").trim(); try { if (pwd.length() > 0) { - pwd = Crypto.decrypt(pwd, System.getProperty("user.name").toCharArray()); + pwd = getCrypto().decrypt(pwd); } } catch (Throwable t) { log.error("Unable to decrypt tunnel SSH password", t); @@ -851,7 +855,7 @@ private Properties toProperties(ConnectionProfile profile) throws Exception { props.setProperty("securitymode", profile.getSecurityMode()); props.setProperty("server", profile.getServer()); props.setProperty("sshhost", profile.getSshHost()); - String pwd=Crypto.encrypt(profile.getSshPassword(), System.getProperty("user.name").toCharArray()); + String pwd=getCrypto().encrypt(profile.getSshPassword()); props.setProperty("sshpwd", pwd); props.setProperty("sshport", profile.getSshPort()); props.setProperty("sshtargetport", profile.getSshTargetPort()); @@ -860,4 +864,11 @@ private Properties toProperties(ConnectionProfile profile) throws Exception { return props; } + /** + * @return the crypto + */ + public CachingCrypto getCrypto() { + return crypto; + } + } diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/ImportConnectionProfileDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/ImportConnectionProfileDialog.java index 22d0f93f3..edceab1cf 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/ImportConnectionProfileDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/ImportConnectionProfileDialog.java 
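Review bot: `getCrypto()` in the last ConnectionProfiles hunk (`@@ -860`) is `public` and hands out the keyed `CachingCrypto` instance, while the only outside caller visible in this patch is `LoginDialog`, which lives in the same package. Dropping the modifier (`CachingCrypto getCrypto()`) keeps the object out of reach of unrelated code. The Javadoc `@return the crypto` carries no information; `@return the crypto instance used for the SSH tunnel passwords of connection profiles, created once in the constructor` would say what it protects. Whether `CachingCrypto` may be shared between threads is not visible here and is worth stating in the same comment.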
@@ -670,15 +670,18 @@ You should also get your employer (if you work as a programmer) or school, public class ImportConnectionProfileDialog extends javax.swing.JDialog { private ConnectionProfile profile=null; - + ConnectionProfiles connections=null; + /** * Creates new form ImportConnectionProfileDialog * @param parent * @param modal */ - public ImportConnectionProfileDialog(java.awt.Frame parent, boolean modal) { + public ImportConnectionProfileDialog(java.awt.Frame parent, boolean modal, ConnectionProfiles connections) { super(parent, modal); + this.connections=connections; initComponents(); + } /** @@ -754,8 +757,7 @@ private void cmdCancelActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIR }//GEN-LAST:event_cmdCancelActionPerformed private void cmdImportActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmdImportActionPerformed - ConnectionProfiles connections=ConnectionProfiles.getInstance(); - this.profile=connections.fromPropertiesString(this.jTextArea1.getText(), this); + this.profile=this.connections.fromPropertiesString(this.jTextArea1.getText(), this); this.setVisible(false); this.dispose(); }//GEN-LAST:event_cmdImportActionPerformed @@ -793,7 +795,7 @@ public static void main(String args[]) { /* Create and display the dialog */ java.awt.EventQueue.invokeLater(() -> { - ImportConnectionProfileDialog dialog = new ImportConnectionProfileDialog(new javax.swing.JFrame(), true); + ImportConnectionProfileDialog dialog = new ImportConnectionProfileDialog(new javax.swing.JFrame(), true, null); dialog.addWindowListener(new java.awt.event.WindowAdapter() { @Override public void windowClosing(java.awt.event.WindowEvent e) { diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/LoginDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/LoginDialog.java index c91f83b5e..9fb117635 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/LoginDialog.java 
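Review bot: The new constructor parameter `connections` in the first hunk (`@@ -670`) is stored without a null check, and the `main` hunk (`@@ -793`) passes `null`, so `cmdImportActionPerformed` (`@@ -754`) would fail with a NullPointerException on `this.connections.fromPropertiesString(...)`. The field is also declared package-private and mutable; `private final ConnectionProfiles connections;` together with `this.connections = java.util.Objects.requireNonNull(connections, "connections");` moves the failure to construction time, where it is easier to trace. The Javadoc above the constructor still lists only `parent` and `modal` and needs an `@param connections` line.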
+++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/LoginDialog.java @@ -673,7 +673,6 @@ import com.jdimension.jlawyer.client.utils.ThreadUtils; import com.jdimension.jlawyer.client.utils.VersionUtils; import com.jdimension.jlawyer.jlawyerbox.BoxAccess; -import com.jdimension.jlawyer.security.Crypto; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import com.jdimension.jlawyer.services.SecurityServiceRemote; import com.jdimension.jlawyer.services.SystemManagementRemote; @@ -710,6 +709,8 @@ public class LoginDialog extends javax.swing.JFrame { private StartupSplashFrame splash = null; private String initialStatus = null; + + private ConnectionProfiles connections=null; /** * Creates new form LoginDialog @@ -730,6 +731,14 @@ public LoginDialog(String initialStatus, String cmdHost, String cmdPort, String initComponents(); this.lblAutoUpdate.setText(" "); + + try { + this.connections=ConnectionProfiles.getInstance(); + } catch (Throwable t) { + log.error("Could not instantiate cryptography", t); + JOptionPane.showMessageDialog(null, "Fehler im Kryptographiesystem:" + System.lineSeparator() + t.getMessage(), "Fehler", JOptionPane.ERROR_MESSAGE); + System.exit(-1); + } Color highlightColor = new Color(DefaultColorTheme.COLOR_DARK_GREY.getRed(), DefaultColorTheme.COLOR_DARK_GREY.getGreen(), DefaultColorTheme.COLOR_DARK_GREY.getBlue(), 170); this.jPanel5.setBackground(highlightColor); @@ -843,7 +852,6 @@ public void focusGained(java.awt.event.FocusEvent evt) { this.initialStatus = initialStatus; ClientSettings settings = ClientSettings.getInstance(); - ConnectionProfiles connections = ConnectionProfiles.getInstance(); String lastConnectionName = settings.getConfiguration(ClientSettings.CONF_LASTCONNECTION, null); if (lastConnectionName == null) { // migration and initialization logic - first call of the client or first call after an update 
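Review bot: The `try` block added to the constructor (`@@ -730`) catches `Throwable`, although `ConnectionProfiles.getInstance()` declares only `GeneralSecurityException`, so an `Error` such as `OutOfMemoryError` would be reported to the user as "Fehler im Kryptographiesystem". `catch (GeneralSecurityException ex)` is the narrower form; add `RuntimeException` only if the provider is known to throw one. `t.getMessage()` can be `null`, in which case the dialog shows the literal text "null"; falling back to `t.getClass().getName()` avoids that. Terminating with `System.exit(-1)` from inside a constructor also deserves a short why-comment, e.g. `// no usable crypto means stored profiles cannot be read; abort startup`. The constructor body continues outside the hunk.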
@@ -856,7 +864,7 @@ public void focusGained(java.awt.event.FocusEvent evt) { String p = settings.getConfiguration(ClientSettings.CONF_LASTSSHPWD, ""); try { if (p.length() > 0) { - p = Crypto.decrypt(p, System.getProperty("user.name").toCharArray()); + p = this.connections.getCrypto().decrypt(p); } } catch (Throwable t) { log.error("Unable to decrypt tunnel SSH password", t); @@ -873,7 +881,7 @@ public void focusGained(java.awt.event.FocusEvent evt) { } } - List allProfiles = connections.getAllProfiles(); + List allProfiles = this.connections.getAllProfiles(); DefaultComboBoxModel allConnections1 = new DefaultComboBoxModel(); DefaultComboBoxModel allConnections2 = new DefaultComboBoxModel(); for (ConnectionProfile p : allProfiles) { @@ -1668,6 +1676,8 @@ private void loginPerformed(boolean saveProfile) { launching = true; this.cmdLogin.setEnabled(false); + log.info("login: initiated"); + long loginStart=System.currentTimeMillis(); ClientSettings settings = ClientSettings.getInstance(); int sourcePort = -1; if (this.rdSecTunnel.isSelected()) { @@ -1701,6 +1711,7 @@ private void loginPerformed(boolean saveProfile) { } } + log.info("login: saving last settings"); // BEGIN: required because backup configuration dialog needs it for constructing URL for ad hoc backups settings.setConfiguration(ClientSettings.CONF_LASTPORTDYN, this.txtPort.getText()); settings.setConfiguration(ClientSettings.CONF_LASTSERVER, this.txtServer.getText()); @@ -1714,6 +1725,7 @@ private void loginPerformed(boolean saveProfile) { } // END + log.info("login: initiating lookups"); Properties properties = new Properties(); if (this.rdSecSsl.isSelected()) { //properties.put(Context.URL_PKG_PREFIXES, "org.jboss.ejb.client.naming"); 
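Review bot: `loginStart` in the `loginPerformed` hunk (`@@ -1668`) is taken from `System.currentTimeMillis()`, which follows wall-clock adjustments; for the elapsed time that the later `@@ -1886` hunk logs, `System.nanoTime()` is the monotonic source. That log line also prints the bare number without a unit; `"... login procedure took " + (System.nanoTime()-loginStart)/1_000_000 + " ms"` is clearer. The added `log.info("login: ...")` lines in this and the following hunks write only fixed text, and a comment such as `// progress markers only - never log user, host or password values here` would help keep it that way in a method that handles credentials. The method body runs well beyond the hunk.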
@@ -1756,6 +1768,7 @@ private void loginPerformed(boolean saveProfile) { settings.setLookupProperties(properties); + log.info("login: logging in..."); // try connecting to see whether the loginContext.login succeeded try { JLawyerServiceLocator locator = JLawyerServiceLocator.getInstance(settings.getLookupProperties()); @@ -1784,13 +1797,16 @@ private void loginPerformed(boolean saveProfile) { return; } + log.info("login: logged in."); settings.setConfiguration(ClientSettings.CONF_LASTCONNECTION, this.cmbCurrentConnection.getSelectedItem().toString()); if (saveProfile) { + log.info("login: saving profile"); // save profile in case user changed the user name this.cmdSaveProfileActionPerformed(null); } + log.info("login: version check"); String serverVersion = VersionUtils.getServerVersion(); String currentClientVersion = VersionUtils.getFullClientVersion(); String latestClientVersion = VersionUtils.getLatestClientVersionForServer(serverVersion); @@ -1863,6 +1879,7 @@ private void loginPerformed(boolean saveProfile) { } + log.info("login: checking client-server compatibility"); if (!VersionUtils.isCompatible(serverVersion, currentClientVersion)) { int response = JOptionPane.showConfirmDialog(this, java.text.MessageFormat.format(java.util.ResourceBundle.getBundle("com/jdimension/jlawyer/client/LoginDialog").getString("msg.compatibilitycheck.failed"), new Object[]{currentClientVersion, serverVersion, System.getProperty("line.separator")}), java.util.ResourceBundle.getBundle("com/jdimension/jlawyer/client/LoginDialog").getString("msg.compatibilitycheck"), JOptionPane.YES_NO_OPTION); if (response == JOptionPane.NO_OPTION) { @@ -1874,6 +1891,7 @@ private void loginPerformed(boolean saveProfile) { this.setVisible(false); + log.info("login: initiating splash frame"); splash = new StartupSplashFrame(); FrameUtils.centerFrame(splash, null); 
@@ -1886,6 +1904,7 @@ private void loginPerformed(boolean saveProfile) { splash.addStatus(System.getProperty("line.separator")); splash.repaint(); + log.info("login: launching splash thread, login procedure took " + (System.currentTimeMillis()-loginStart)); new Thread(new SplashThread(splash, settings, this)).start(); } @@ -1902,8 +1921,7 @@ private void rdSecTunnelActionPerformed(java.awt.event.ActionEvent evt) {//GEN-F }//GEN-LAST:event_rdSecTunnelActionPerformed private void cmbProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmbProfileActionPerformed - ConnectionProfiles connections = ConnectionProfiles.getInstance(); - ConnectionProfile profile = connections.getProfile(this.cmbProfile.getSelectedItem().toString()); + ConnectionProfile profile = this.connections.getProfile(this.cmbProfile.getSelectedItem().toString()); if (profile != null) { this.txtPort.setText(profile.getPort()); @@ -1938,8 +1956,7 @@ private void txtServerFocusLost(java.awt.event.FocusEvent evt) {//GEN-FIRST:even }//GEN-LAST:event_txtServerFocusLost private void cmdSaveProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmdSaveProfileActionPerformed - ConnectionProfiles profiles = ConnectionProfiles.getInstance(); - ConnectionProfile profile = profiles.getProfile(this.cmbProfile.getSelectedItem().toString()); + ConnectionProfile profile = this.connections.getProfile(this.cmbProfile.getSelectedItem().toString()); if (profile != null) { profile.setPort(this.txtPort.getText()); profile.setSecurityMode(SECMODE_STANDARD); 
@@ -1957,7 +1974,7 @@ private void cmdSaveProfileActionPerformed(java.awt.event.ActionEvent evt) {//GE profile.setSshUser(this.txtSshUser.getText()); profile.setUser(this.txtUser.getText()); try { - profiles.saveProfile(profile); + this.connections.saveProfile(profile); } catch (Exception ex) { log.error("Unable to save profile", ex); JOptionPane.showMessageDialog(this, "Profil konnte nicht gespeichert werden", "Profil speichern", JOptionPane.ERROR_MESSAGE); @@ -1966,9 +1983,8 @@ private void cmdSaveProfileActionPerformed(java.awt.event.ActionEvent evt) {//GE }//GEN-LAST:event_cmdSaveProfileActionPerformed private void cmdDeleteProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmdDeleteProfileActionPerformed - ConnectionProfiles profiles = ConnectionProfiles.getInstance(); String selected = this.cmbProfile.getSelectedItem().toString(); - profiles.removeProfile(selected); + this.connections.removeProfile(selected); ((DefaultComboBoxModel) this.cmbProfile.getModel()).removeElement(selected); ((DefaultComboBoxModel) this.cmbCurrentConnection.getModel()).removeElement(selected); this.cmbCurrentConnection.setSelectedItem(this.cmbCurrentConnection.getSelectedItem()); @@ -1980,14 +1996,13 @@ private void cmdAddProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN return; } - ConnectionProfiles profiles = ConnectionProfiles.getInstance(); ConnectionProfile newProfile = new ConnectionProfile(); newProfile.setName(newNameObject.toString()); newProfile.setServer("localhost"); newProfile.setPort("8080"); newProfile.setSecurityMode(SECMODE_STANDARD); try { - profiles.addProfile(newProfile); + this.connections.addProfile(newProfile); ((DefaultComboBoxModel) this.cmbProfile.getModel()).addElement(newNameObject.toString()); ((DefaultComboBoxModel) this.cmbCurrentConnection.getModel()).addElement(newNameObject.toString()); this.cmbCurrentConnection.setSelectedItem(newNameObject.toString()); 
@@ -1999,14 +2014,14 @@ private void cmdAddProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN }//GEN-LAST:event_cmdAddProfileActionPerformed private void cmdImportProfileActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmdImportProfileActionPerformed - ImportConnectionProfileDialog dlg = new ImportConnectionProfileDialog(this, true); + ImportConnectionProfileDialog dlg = new ImportConnectionProfileDialog(this, true,this.connections); dlg.setTitle("Profil aus Zwischenablage einfügen"); FrameUtils.centerDialog(dlg, this); dlg.setVisible(true); ConnectionProfile profile = dlg.getProfile(); if (profile != null) { try { - ConnectionProfiles.getInstance().addProfile(profile); + this.connections.addProfile(profile); ((DefaultComboBoxModel) this.cmbProfile.getModel()).addElement(profile.getName()); ((DefaultComboBoxModel) this.cmbCurrentConnection.getModel()).addElement(profile.getName()); this.cmbCurrentConnection.setSelectedItem(profile.getName()); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaInboxPanel.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaInboxPanel.java index da1df580e..0adb85a80 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaInboxPanel.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaInboxPanel.java @@ -693,7 +693,7 @@ import com.jdimension.jlawyer.persistence.ArchiveFileBean; import com.jdimension.jlawyer.persistence.ArchiveFileDocumentsBean; import com.jdimension.jlawyer.persistence.CaseFolder; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.AddressServiceRemote; import com.jdimension.jlawyer.services.ArchiveFileServiceRemote; import com.jdimension.jlawyer.services.JLawyerServiceLocator; 
@@ -893,7 +893,7 @@ private void initWithCertificate() throws BeaWrapperException { AppUserBean cu = UserSettings.getInstance().getCurrentUser(); String pwd = null; try { - pwd = Crypto.decrypt(cu.getBeaCertificatePassword()); + pwd = CryptoProvider.defaultCrypto().decrypt(cu.getBeaCertificatePassword()); } catch (GeneralSecurityException | IOException ge) { log.error("Unable to decrypt beA certificate password"); throw new BeaWrapperException(ge); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaLoginDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaLoginDialog.java index 2b0742cab..9bf02ebef 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaLoginDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/bea/BeaLoginDialog.java @@ -667,7 +667,7 @@ import com.jdimension.jlawyer.client.settings.UserSettings; import com.jdimension.jlawyer.client.utils.ThreadUtils; import com.jdimension.jlawyer.persistence.AppUserBean; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.awt.Color; import javax.swing.JDialog; import javax.swing.JFrame; @@ -941,7 +941,7 @@ private void cmdCertificateLoginActionPerformed(java.awt.event.ActionEvent evt) lblCertLogin.setText("Verbinde zum beA... einloggen..."); AppUserBean cu = UserSettings.getInstance().getCurrentUser(); - BeaAccess bea = BeaAccess.getInstance(cu.getBeaCertificate(), Crypto.decrypt(cu.getBeaCertificatePassword())); + BeaAccess bea = BeaAccess.getInstance(cu.getBeaCertificate(), CryptoProvider.defaultCrypto().decrypt(cu.getBeaCertificatePassword())); bea.login(); lblCertLogin.setText("Verbinde zum beA... laden..."); if (callback != null) { diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/cloud/CloudInstance.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/cloud/CloudInstance.java index ddc40c34c..00f6af5b8 100644 
--- a/j-lawyer-client/src/com/jdimension/jlawyer/client/cloud/CloudInstance.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/cloud/CloudInstance.java @@ -665,7 +665,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.FileUtils; import com.jdimension.jlawyer.persistence.AppUserBean; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.io.File; import java.util.ArrayList; import java.util.List; @@ -734,7 +734,7 @@ public static CloudInstance getInstance(AppUserBean user) { String pwd=null; try { - pwd=Crypto.decrypt(user.getCloudPassword()); + pwd=CryptoProvider.defaultCrypto().decrypt(user.getCloudPassword()); } catch(Throwable t) { log.error("Unable to decrypt Nextcloud password", t); return null; diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AddressBookSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AddressBookSetupDialog.java index 047835ba8..6b1f864c0 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AddressBookSetupDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AddressBookSetupDialog.java @@ -666,7 +666,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.settings.ClientSettings; import com.jdimension.jlawyer.client.settings.ServerSettings; import com.jdimension.jlawyer.client.utils.StringUtils; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.util.List; import javax.swing.DefaultComboBoxModel; 
@@ -707,7 +707,7 @@ public AddressBookSetupDialog(java.awt.Frame parent, boolean modal) { log.warn("invalid cloud port: " + s.getSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PORT, ""), t); } try { - this.pnlCloud.setCloudPassword(Crypto.decrypt(s.getSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, ""))); + this.pnlCloud.setCloudPassword(CryptoProvider.defaultCrypto().decrypt(s.getSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, ""))); } catch (Throwable t) { log.warn("invalid cloud password: " + s.getSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, ""), t); this.pnlCloud.setCloudPassword(""); @@ -875,7 +875,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_HREF, ((CloudAddressBook) this.cmbAddressBook.getSelectedItem()).getHref()); s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PATH, this.pnlCloud.getCloudPath()); s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PORT, "" + this.pnlCloud.getCloudPort()); - s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, Crypto.encrypt(this.pnlCloud.getCloudPassword())); + s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, CryptoProvider.defaultCrypto().encrypt(this.pnlCloud.getCloudPassword())); s.setSettingAsBoolean(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_SSL, this.pnlCloud.isSsl()); s.setSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_USER, this.pnlCloud.getCloudUser()); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantPromptSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantPromptSetupDialog.java index bbac12edd..26d8ecb84 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantPromptSetupDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantPromptSetupDialog.java 
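Review bot: The `catch` block directly after the changed `decrypt` call (`@@ -707`) logs `"invalid cloud password: " + s.getSetting(ServerSettings.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD, "")`, which writes the stored password value into the client log whenever decryption fails. That value is the ciphertext, or the plaintext if the setting was ever saved unencrypted, and log files are typically less protected and longer-lived than the settings store. Log a fixed message instead: `log.warn("unable to decrypt address book cloud password", t);`. The line predates this commit but sits in the block it touches; the constructor continues outside the hunk.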
@@ -669,7 +669,6 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.CaseInsensitiveStringComparator; import com.jdimension.jlawyer.client.utils.ComponentUtils; import com.jdimension.jlawyer.persistence.AssistantPrompt; -import com.jdimension.jlawyer.security.Crypto; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.util.List; import javax.swing.JOptionPane; diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.form b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.form index d9aed40ff..9c7cdaea9 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.form +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.form @@ -5,9 +5,6 @@ - - - diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.java index fac661a1e..8852e3ba4 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/AssistantSetupDialog.java @@ -668,7 +668,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.CaseInsensitiveStringComparator; import com.jdimension.jlawyer.client.utils.ComponentUtils; import com.jdimension.jlawyer.persistence.AssistantConfig; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.util.List; import javax.swing.JOptionPane; 
@@ -1065,7 +1065,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST ac.setUrl(this.txtUrl.getText()); try { if (this.txtPwd.getPassword().length > 0) { - ac.setPassword(Crypto.encrypt(new String(this.txtPwd.getPassword()))); + ac.setPassword(CryptoProvider.defaultCrypto().encrypt(new String(this.txtPwd.getPassword()))); } else { ac.setPassword(""); } @@ -1131,7 +1131,7 @@ private void updatedUI(AssistantConfig ac) { try { if (ac.getPassword() != null && !"".equalsIgnoreCase(ac.getPassword())) { - this.txtPwd.setText(Crypto.decrypt(ac.getPassword())); + this.txtPwd.setText(CryptoProvider.defaultCrypto().decrypt(ac.getPassword())); } else { this.txtPwd.setText(null); } diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/CalendarSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/CalendarSetupDialog.java index 447fb9fef..52b9b08b3 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/CalendarSetupDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/CalendarSetupDialog.java @@ -670,7 +670,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.ComponentUtils; import com.jdimension.jlawyer.client.utils.StringUtils; import com.jdimension.jlawyer.persistence.CalendarSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.awt.Color; import java.util.ArrayList; 
@@ -1165,7 +1165,7 @@ else if(this.rdEvents.isSelected()) cs.setBackground(this.cmdColor.getBackground().getRGB()); cs.setCloudHost(this.pnlCloud.getCloudHost()); try { - cs.setCloudPassword(Crypto.encrypt(this.pnlCloud.getCloudPassword())); + cs.setCloudPassword(CryptoProvider.defaultCrypto().encrypt(this.pnlCloud.getCloudPassword())); } catch (Exception ex) { log.error("Error accessing cloud credentials", ex); JOptionPane.showMessageDialog(this, "Fehler bzgl. Nextcloud-Zugangsdaten" + ex.getMessage(), com.jdimension.jlawyer.client.utils.DesktopUtils.POPUP_TITLE_ERROR, JOptionPane.ERROR_MESSAGE); @@ -1313,7 +1313,7 @@ private void updatedUI(CalendarSetup cs) { try { JLawyerServiceLocator locator = JLawyerServiceLocator.getInstance(settings.getLookupProperties()); - List cals = locator.lookupCalendarServiceRemote().listCalendars(cs.getCloudHost(), cs.isCloudSsl(), cs.getCloudPort(), cs.getCloudUser(), Crypto.decrypt(cs.getCloudPassword()), cs.getCloudPath()); + List cals = locator.lookupCalendarServiceRemote().listCalendars(cs.getCloudHost(), cs.isCloudSsl(), cs.getCloudPort(), cs.getCloudUser(), CryptoProvider.defaultCrypto().decrypt(cs.getCloudPassword()), cs.getCloudPath()); CloudCalendar selected = null; for (Object abO : cals) { CloudCalendar ab=(CloudCalendar)abO; @@ -1331,7 +1331,7 @@ private void updatedUI(CalendarSetup cs) { } try { - this.pnlCloud.setCloudPassword(Crypto.decrypt(cs.getCloudPassword())); + this.pnlCloud.setCloudPassword(CryptoProvider.defaultCrypto().decrypt(cs.getCloudPassword())); } catch (Exception ex) { log.error("Error accessing cloud credentials", ex); this.pnlCloud.setCloudPassword(""); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/MailboxSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/MailboxSetupDialog.java index 93bd2b83e..897ae5b96 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/MailboxSetupDialog.java 
+++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/MailboxSetupDialog.java @@ -676,7 +676,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.TableUtils; import com.jdimension.jlawyer.persistence.AppOptionGroupBean; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.awt.event.ActionEvent; import java.awt.event.ItemEvent; @@ -1503,8 +1503,8 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST ClientSettings settings = ClientSettings.getInstance(); try { - ms.setEmailOutPwd(Crypto.encrypt(new String(this.pwdOutPassword.getPassword()))); - ms.setEmailInPwd(Crypto.encrypt(new String(this.pwdInPassword.getPassword()))); + ms.setEmailOutPwd(CryptoProvider.defaultCrypto().encrypt(new String(this.pwdOutPassword.getPassword()))); + ms.setEmailInPwd(CryptoProvider.defaultCrypto().encrypt(new String(this.pwdInPassword.getPassword()))); JLawyerServiceLocator locator = JLawyerServiceLocator.getInstance(settings.getLookupProperties()); @@ -1623,13 +1623,13 @@ private void updatedUI(MailboxSetup ms) { String inPwd = ms.getEmailInPwd(); String outPwd = ms.getEmailOutPwd(); try { - outPwd = Crypto.decrypt(ms.getEmailOutPwd()); + outPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()); } catch (Throwable t) { log.error(t); outPwd=""; } try { - inPwd = Crypto.decrypt(ms.getEmailInPwd()); + inPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailInPwd()); } catch (Throwable t) { log.error(t); inPwd=""; diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/UserAdministrationDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/UserAdministrationDialog.java index baa470691..0c40ae90a 100755 
--- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/UserAdministrationDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/UserAdministrationDialog.java @@ -693,7 +693,7 @@ import com.jdimension.jlawyer.persistence.InvoicePoolAccess; import com.jdimension.jlawyer.persistence.MailboxAccess; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ServerStringUtils; import com.jdimension.jlawyer.services.SecurityServiceRemote; import java.awt.Point; @@ -2259,7 +2259,7 @@ private void lstUsersValueChanged(javax.swing.event.ListSelectionEvent evt) {//G this.pnlCloudConnection.setCloudUser(u.getCloudUser()); this.pnlCloudConnection.setCloudPassword(""); if (u.getCloudPassword() != null && !"".equals(u.getCloudPassword())) { - this.pnlCloudConnection.setCloudPassword(Crypto.decrypt(u.getCloudPassword())); + this.pnlCloudConnection.setCloudPassword(CryptoProvider.defaultCrypto().decrypt(u.getCloudPassword())); } this.pnlCloudConnection.setSsl(u.isCloudSsl()); @@ -2291,7 +2291,7 @@ private void lstUsersValueChanged(javax.swing.event.ListSelectionEvent evt) {//G this.txtEpostCustomer.setText(u.getEpostCustomer()); this.txtEpostSecret.setText(u.getEpostSecret()); try { - this.pwdEpostPassword.setText(Crypto.decrypt(u.getEpostPassword())); + this.pwdEpostPassword.setText(CryptoProvider.defaultCrypto().decrypt(u.getEpostPassword())); } catch (Throwable t) { log.warn("Unable to decrypt E-POST password, might be empty", t); this.pwdEpostPassword.setText(""); 
@@ -2333,7 +2333,7 @@ private void lstUsersValueChanged(javax.swing.event.ListSelectionEvent evt) {//G this.rdManualLogin.setSelected(true); } try { - this.pwdBeaCertificatePassword.setText(Crypto.decrypt(u.getBeaCertificatePassword())); + this.pwdBeaCertificatePassword.setText(CryptoProvider.defaultCrypto().decrypt(u.getBeaCertificatePassword())); } catch (Throwable t) { log.warn("Unable to decrypt beA certificate password, might be empty", t); this.pwdBeaCertificatePassword.setText(""); @@ -2344,7 +2344,7 @@ private void lstUsersValueChanged(javax.swing.event.ListSelectionEvent evt) {//G this.taBeaCertificate.setText("kein Zertifikat hinterlegt"); } else { this.taBeaCertificate.setText(""); - Hashtable ht = BeaAccess.getCertificateInformation(u.getBeaCertificate(), Crypto.decrypt(u.getBeaCertificatePassword())); + Hashtable ht = BeaAccess.getCertificateInformation(u.getBeaCertificate(), CryptoProvider.defaultCrypto().decrypt(u.getBeaCertificatePassword())); for (Object key : ht.keySet()) { this.taBeaCertificate.setText(this.taBeaCertificate.getText() + key.toString() + ": " + ht.get(key).toString() + System.getProperty("line.separator")); } @@ -2520,7 +2520,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST u.setCountryCode(countryId); u.setBeaCertificate(this.currentCertificate); - u.setBeaCertificatePassword(Crypto.encrypt(this.pwdBeaCertificatePassword.getText().trim())); + u.setBeaCertificatePassword(CryptoProvider.defaultCrypto().encrypt(this.pwdBeaCertificatePassword.getText().trim())); u.setBeaCertificateAutoLogin(this.rdAutoLogin.isSelected()); u.setCloudHost(this.pnlCloudConnection.getCloudHost()); 
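Review bot: In the hunk at line 2520, `u.setBeaCertificatePassword(CryptoProvider.defaultCrypto().encrypt(this.pwdBeaCertificatePassword.getText().trim()));` trims the secret before encrypting it, so a certificate password with leading or trailing whitespace is stored altered, and an empty field is stored as the ciphertext of an empty string rather than as no value. The cloud password in the same method is set to `null` when empty, and the load path logs "might be empty" on a decryption failure, which suggests the save and load sides disagree on how an absent password is represented. The same pattern is on `u.setEpostPassword(...)` in the hunk at line 2556. If `pwdBeaCertificatePassword` is a `JPasswordField` (the name suggests so; its declaration is outside the hunk), `getPassword()` should replace the deprecated `getText()`.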
@@ -2539,7 +2539,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST } u.setCloudPath(cloudPath); if (this.pnlCloudConnection.getCloudPassword().length() > 0) { - u.setCloudPassword(Crypto.encrypt(this.pnlCloudConnection.getCloudPassword())); + u.setCloudPassword(CryptoProvider.defaultCrypto().encrypt(this.pnlCloudConnection.getCloudPassword())); } else { u.setCloudPassword(null); } @@ -2556,7 +2556,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST } u.setEpostCustomer(this.txtEpostCustomer.getText()); - u.setEpostPassword(Crypto.encrypt(this.pwdEpostPassword.getText().trim())); + u.setEpostPassword(CryptoProvider.defaultCrypto().encrypt(this.pwdEpostPassword.getText().trim())); u.setEpostSecret(this.txtEpostSecret.getText()); u.setDisplayName(this.txtDisplayName.getText()); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/WebHookSetupDialog.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/WebHookSetupDialog.java index 46e80544a..38c538171 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/WebHookSetupDialog.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/configuration/WebHookSetupDialog.java @@ -667,7 +667,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.utils.CaseInsensitiveStringComparator; import com.jdimension.jlawyer.client.utils.ComponentUtils; import com.jdimension.jlawyer.persistence.IntegrationHook; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.JLawyerServiceLocator; import java.util.List; import javax.swing.JOptionPane; 
@@ -1084,7 +1084,7 @@ private void cmdSaveActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST } try { if (this.txtPwd.getPassword().length > 0) { - ih.setAuthenticationPwd(Crypto.encrypt(new String(this.txtPwd.getPassword()))); + ih.setAuthenticationPwd(CryptoProvider.defaultCrypto().encrypt(new String(this.txtPwd.getPassword()))); } else { ih.setAuthenticationPwd(""); } @@ -1151,7 +1151,7 @@ private void updatedUI(IntegrationHook ih) { try { if (ih.getAuthenticationPwd() != null && !"".equalsIgnoreCase(ih.getAuthenticationPwd())) { - this.txtPwd.setText(Crypto.decrypt(ih.getAuthenticationPwd())); + this.txtPwd.setText(CryptoProvider.defaultCrypto().decrypt(ih.getAuthenticationPwd())); } else { this.txtPwd.setText(null); } diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/editors/AutoUpdateTimerTask.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/editors/AutoUpdateTimerTask.java index b0752e8bc..d40719c4d 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/editors/AutoUpdateTimerTask.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/editors/AutoUpdateTimerTask.java @@ -675,7 +675,7 @@ import com.jdimension.jlawyer.client.settings.UserSettings; import com.jdimension.jlawyer.client.utils.StringUtils; import com.jdimension.jlawyer.client.utils.VersionUtils; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.services.AddressServiceRemote; import com.jdimension.jlawyer.services.ArchiveFileServiceRemote; import com.jdimension.jlawyer.services.JLawyerServiceLocator; 
@@ -767,7 +767,7 @@ public void run() { String csession = installationHash + ",user=" + userHash + ",java=" + javaVersion + ",os=" + osName + ",osversion=" + osVersion + ",adrc=" + addressCount + ",afc=" + archiveFileCount + ",docc=" + docCount + ",j-lawyer=" + VersionUtils.getFullClientVersion() + ",drebis=" + drebismode + ",voip=" + voipmode + ",backup=" + backupmode; - URL updateURL = new URL("https://www.j-lawyer.org/downloads/updatecheck.xml?csession=" + Crypto.encrypt(csession)); + URL updateURL = new URL("https://www.j-lawyer.org/downloads/updatecheck.xml?csession=" + CryptoProvider.newCrypto().encrypt(csession)); URLConnection urlCon = updateURL.openConnection(); urlCon.setRequestProperty("User-Agent", "j-lawyer Client v" + VersionUtils.getFullClientVersion()); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailInboxPanel.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailInboxPanel.java index d5eacf97a..256b898e9 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailInboxPanel.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailInboxPanel.java @@ -696,7 +696,7 @@ import com.jdimension.jlawyer.persistence.ArchiveFileBean; import com.jdimension.jlawyer.persistence.CaseFolder; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ContentTypes; import com.jdimension.jlawyer.services.AddressServiceRemote; import com.jdimension.jlawyer.services.ArchiveFileServiceRemote; 
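Review bot: The encrypted `csession` value is concatenated into the query string without URL encoding in `new URL("https://www.j-lawyer.org/downloads/updatecheck.xml?csession=" + CryptoProvider.newCrypto().encrypt(csession))`. If `encrypt` returns standard Base64 (its output format is not visible here), `+`, `/` and `=` can be altered in transit or misread by the server, and the payload would then fail to decrypt; passing the ciphertext through `URLEncoder.encode(..., "UTF-8")` avoids that. Among the visible call sites this is the only one using the no-argument `newCrypto()` rather than `defaultCrypto()`, so a short comment on why the update check needs a fresh instance would help, since the payload carries installation and user hashes. run() extends beyond the hunk.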
@@ -890,7 +890,7 @@ private void connect(boolean showErrorDialogOnFailure, MailboxSetup ms) throws E if (!this.connected) { String server = null; try { - String emailInPwd=Crypto.decrypt(ms.getEmailInPwd()); + String emailInPwd=CryptoProvider.defaultCrypto().decrypt(ms.getEmailInPwd()); //Properties props = System.getProperties(); // using system properties would require to clean some properties for each new mailbox --> use new ones diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailUtils.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailUtils.java index f0d25f642..b59cdea69 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailUtils.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/EmailUtils.java @@ -670,7 +670,8 @@ import com.jdimension.jlawyer.persistence.AddressBean; import com.jdimension.jlawyer.persistence.AppUserBean; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CachingCrypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ContentTypes; import java.io.ByteArrayOutputStream; import java.io.InputStream; @@ -692,7 +693,7 @@ /** * - * @author jens + * @author j-dimension */ public class EmailUtils extends CommonMailUtils { @@ -712,7 +713,8 @@ public static boolean hasConfig(AppUserBean u) { return false; } - if (StringUtils.isEmpty(Crypto.decrypt(ms.getEmailInPwd()))) { + CachingCrypto crypto=CryptoProvider.defaultCrypto(); + if (StringUtils.isEmpty(crypto.decrypt(ms.getEmailInPwd()))) { return false; } 
@@ -1108,7 +1110,7 @@ public static void sendReceipt(final MailboxSetup ms, String subject, String to) boolean authenticate=true; try { - if(StringUtils.isEmpty(ms.getEmailOutUser()) && StringUtils.isEmpty(Crypto.decrypt(ms.getEmailOutPwd()))) + if(StringUtils.isEmpty(ms.getEmailOutUser()) && StringUtils.isEmpty(CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()))) authenticate=false; } catch (Throwable t) { log.error("Could not decrypt outgoing password", t); @@ -1148,7 +1150,7 @@ public static void sendReceipt(final MailboxSetup ms, String subject, String to) props.put("mail.smtps.user", ms.getEmailOutUser()); String outPwd = ""; try { - outPwd = Crypto.decrypt(ms.getEmailOutPwd()); + outPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()); } catch (Throwable t) { log.error(t); } @@ -1160,7 +1162,7 @@ public static void sendReceipt(final MailboxSetup ms, String subject, String to) public PasswordAuthentication getPasswordAuthentication() { String outPwd = ""; try { - outPwd = Crypto.decrypt(ms.getEmailOutPwd()); + outPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()); } catch (Throwable t) { log.error(t); } @@ -1177,7 +1179,7 @@ public PasswordAuthentication getPasswordAuthentication() { // Transport.send() disconnects after each send // Usually, no username and password is required for SMTP if(authenticate) - bus.connect(ms.getEmailOutServer(), ms.getEmailOutUser(), Crypto.decrypt(ms.getEmailOutPwd())); + bus.connect(ms.getEmailOutServer(), ms.getEmailOutUser(), CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd())); else bus.connect(ms.getEmailOutServer(), null, null); diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendAction.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendAction.java index 69691bfd4..0371701a5 100755 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendAction.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendAction.java 
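Review bot: sendReceipt now decrypts `ms.getEmailOutPwd()` four times (hunks at lines 1110, 1150, 1162 and 1179), and the calls disagree on failure handling. The first three catch `Throwable` and continue with an empty password, while `bus.connect(ms.getEmailOutServer(), ms.getEmailOutUser(), CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()))` has no guard visible in its hunk. Decrypting once near the top of the method into a final local and reusing it would keep the plaintext in one place and give a single error path. The two bare `log.error(t)` calls should carry a message like the first one does, e.g. `log.error("Could not decrypt outgoing password", t);`. Most of the method body lies outside these hunks.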
@@ -679,7 +679,7 @@ import com.jdimension.jlawyer.persistence.CaseFolder; import com.jdimension.jlawyer.persistence.DocumentTagsBean; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ContentTypes; import com.jdimension.jlawyer.services.ArchiveFileServiceRemote; import com.jdimension.jlawyer.services.JLawyerServiceLocator; @@ -754,14 +754,14 @@ public boolean execute() throws Exception { String inPwd = ""; try { - inPwd = Crypto.decrypt(ms.getEmailInPwd()); + inPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailInPwd()); } catch (Throwable t) { log.error(t); } String outPwd = ""; try { - outPwd = Crypto.decrypt(ms.getEmailOutPwd()); + outPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()); } catch (Throwable t) { log.error(t); } diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendEncryptedAction.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendEncryptedAction.java index 1500a8f75..9bfcfe7de 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendEncryptedAction.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/mail/SendEncryptedAction.java @@ -681,7 +681,7 @@ import com.jdimension.jlawyer.persistence.CaseFolder; import com.jdimension.jlawyer.persistence.DocumentTagsBean; import com.jdimension.jlawyer.persistence.MailboxSetup; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ContentTypes; import com.jdimension.jlawyer.services.AddressServiceRemote; import com.jdimension.jlawyer.services.ArchiveFileServiceRemote; 
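Review bot: In execute() a failed decryption of either mailbox password is logged with a bare `log.error(t)` and the method carries on with `inPwd`/`outPwd` left at `""`, so a key or data problem would presumably surface later as an authentication failure from the mail server rather than as a decryption error. Catching `Exception` instead of `Throwable` and logging with context, e.g. `log.error("Unable to decrypt incoming mailbox password", t);`, would make the cause findable. Aborting the send when the outgoing password cannot be decrypted is also worth considering. SendEncryptedAction.execute() has the identical block in its hunk at line 764, and both methods continue outside the hunks.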
@@ -764,14 +764,14 @@ public boolean execute() throws Exception { String inPwd = ""; try { - inPwd = Crypto.decrypt(ms.getEmailInPwd()); + inPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailInPwd()); } catch (Throwable t) { log.error(t); } String outPwd = ""; try { - outPwd = Crypto.decrypt(ms.getEmailOutPwd()); + outPwd = CryptoProvider.defaultCrypto().decrypt(ms.getEmailOutPwd()); } catch (Throwable t) { log.error(t); } diff --git a/j-lawyer-client/src/com/jdimension/jlawyer/client/voip/EpostTeaserPanel.java b/j-lawyer-client/src/com/jdimension/jlawyer/client/voip/EpostTeaserPanel.java index 901ebc48b..6fccc970d 100644 --- a/j-lawyer-client/src/com/jdimension/jlawyer/client/voip/EpostTeaserPanel.java +++ b/j-lawyer-client/src/com/jdimension/jlawyer/client/voip/EpostTeaserPanel.java @@ -665,7 +665,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.client.settings.ServerSettings; import com.jdimension.jlawyer.client.utils.DesktopUtils; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.awt.Toolkit; import java.awt.datatransfer.Clipboard; import java.awt.datatransfer.StringSelection; 
@@ -814,7 +814,7 @@ private void cmdCopyInstIdActionPerformed(java.awt.event.ActionEvent evt) {//GEN private void cmdOKActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_cmdOKActionPerformed if(this.txtEpostRegistrationCode.getText().trim().length()>0) { try { - String testDecrypt=Crypto.decrypt(this.txtEpostRegistrationCode.getText().trim(), ServerSettings.getInstance().getInstallationId().toCharArray()); + String testDecrypt=CryptoProvider.newCrypto(ServerSettings.getInstance().getInstallationId().toCharArray()).decrypt(this.txtEpostRegistrationCode.getText().trim()); ServerSettings.getInstance().setSetting(ServerSettings.SERVERCONF_EPOSTVENDORID_ENCRYPTED, this.txtEpostRegistrationCode.getText().trim()); } catch (Throwable t) { JOptionPane.showMessageDialog(this, "Ungültiger Code: " + t.getMessage(), com.jdimension.jlawyer.client.utils.DesktopUtils.POPUP_TITLE_ERROR, JOptionPane.ERROR_MESSAGE); diff --git a/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CachingCrypto.java b/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CachingCrypto.java new file mode 100644 index 000000000..d39b42363 --- /dev/null +++ b/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CachingCrypto.java 
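Review bot: `testDecrypt` is never read; cmdOKActionPerformed relies on `decrypt` throwing to reject a bad registration code, which is only reliable if the cipher behind `CryptoProvider.newCrypto(...)` authenticates the ciphertext (not visible here). With an unauthenticated mode a wrong code can occasionally decrypt to garbage without an exception and would then be stored as `SERVERCONF_EPOSTVENDORID_ENCRYPTED`. I would either validate the decrypted value's format before saving or add a comment such as `// decrypt() is used only as a validity check; it must throw on tampered or foreign input`. The dialog also shows `t.getMessage()` to the user, which may expose internal crypto error text; a fixed message with the detail sent to the log would be cleaner. The method continues outside the hunk.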
@@ -0,0 +1,782 @@ +/* + * GNU AFFERO GENERAL PUBLIC LICENSE + * Version 3, 19 November 2007 + * + * Copyright (C) 2007 Free Software Foundation, Inc. + * Everyone is permitted to copy and distribute verbatim copies + * of this license document, but changing it is not allowed. + * + * Preamble + * + * The GNU Affero General Public License is a free, copyleft license for + * software and other kinds of works, specifically designed to ensure + * cooperation with the community in the case of network server software. + * + * The licenses for most software and other practical works are designed + * to take away your freedom to share and change the works. By contrast, + * our General Public Licenses are intended to guarantee your freedom to + * share and change all versions of a program--to make sure it remains free + * software for all its users. + * + * When we speak of free software, we are referring to freedom, not + * price. Our General Public Licenses are designed to make sure that you + * have the freedom to distribute copies of free software (and charge for + * them if you wish), that you receive source code or can get it if you + * want it, that you can change the software or use pieces of it in new + * free programs, and that you know you can do these things. + * + * Developers that use our General Public Licenses protect your rights + * with two steps: (1) assert copyright on the software, and (2) offer + * you this License which gives you legal permission to copy, distribute + * and/or modify the software. + * + * A secondary benefit of defending all users' freedom is that + * improvements made in alternate versions of the program, if they + * receive widespread use, become available for other developers to + * incorporate. Many developers of free software are heartened and + * encouraged by the resulting cooperation. However, in the case of + * software used on network servers, this result may fail to come about. 
+ * The GNU General Public License permits making a modified version and + * letting the public access it on a server without ever releasing its + * source code to the public. + * + * The GNU Affero General Public License is designed specifically to + * ensure that, in such cases, the modified source code becomes available + * to the community. It requires the operator of a network server to + * provide the source code of the modified version running there to the + * users of that server. Therefore, public use of a modified version, on + * a publicly accessible server, gives the public access to the source + * code of the modified version. + * + * An older license, called the Affero General Public License and + * published by Affero, was designed to accomplish similar goals. This is + * a different license, not a version of the Affero GPL, but Affero has + * released a new version of the Affero GPL which permits relicensing under + * this license. + * + * The precise terms and conditions for copying, distribution and + * modification follow. + * + * TERMS AND CONDITIONS + * + * 0. Definitions. + * + * "This License" refers to version 3 of the GNU Affero General Public License. + * + * "Copyright" also means copyright-like laws that apply to other kinds of + * works, such as semiconductor masks. + * + * "The Program" refers to any copyrightable work licensed under this + * License. Each licensee is addressed as "you". "Licensees" and + * "recipients" may be individuals or organizations. + * + * To "modify" a work means to copy from or adapt all or part of the work + * in a fashion requiring copyright permission, other than the making of an + * exact copy. The resulting work is called a "modified version" of the + * earlier work or a work "based on" the earlier work. + * + * A "covered work" means either the unmodified Program or a work based + * on the Program. 
+ * + * To "propagate" a work means to do anything with it that, without + * permission, would make you directly or secondarily liable for + * infringement under applicable copyright law, except executing it on a + * computer or modifying a private copy. Propagation includes copying, + * distribution (with or without modification), making available to the + * public, and in some countries other activities as well. + * + * To "convey" a work means any kind of propagation that enables other + * parties to make or receive copies. Mere interaction with a user through + * a computer network, with no transfer of a copy, is not conveying. + * + * An interactive user interface displays "Appropriate Legal Notices" + * to the extent that it includes a convenient and prominently visible + * feature that (1) displays an appropriate copyright notice, and (2) + * tells the user that there is no warranty for the work (except to the + * extent that warranties are provided), that licensees may convey the + * work under this License, and how to view a copy of this License. If + * the interface presents a list of user commands or options, such as a + * menu, a prominent item in the list meets this criterion. + * + * 1. Source Code. + * + * The "source code" for a work means the preferred form of the work + * for making modifications to it. "Object code" means any non-source + * form of a work. + * + * A "Standard Interface" means an interface that either is an official + * standard defined by a recognized standards body, or, in the case of + * interfaces specified for a particular programming language, one that + * is widely used among developers working in that language. 
+ * + * The "System Libraries" of an executable work include anything, other + * than the work as a whole, that (a) is included in the normal form of + * packaging a Major Component, but which is not part of that Major + * Component, and (b) serves only to enable use of the work with that + * Major Component, or to implement a Standard Interface for which an + * implementation is available to the public in source code form. A + * "Major Component", in this context, means a major essential component + * (kernel, window system, and so on) of the specific operating system + * (if any) on which the executable work runs, or a compiler used to + * produce the work, or an object code interpreter used to run it. + * + * The "Corresponding Source" for a work in object code form means all + * the source code needed to generate, install, and (for an executable + * work) run the object code and to modify the work, including scripts to + * control those activities. However, it does not include the work's + * System Libraries, or general-purpose tools or generally available free + * programs which are used unmodified in performing those activities but + * which are not part of the work. For example, Corresponding Source + * includes interface definition files associated with source files for + * the work, and the source code for shared libraries and dynamically + * linked subprograms that the work is specifically designed to require, + * such as by intimate data communication or control flow between those + * subprograms and other parts of the work. + * + * The Corresponding Source need not include anything that users + * can regenerate automatically from other parts of the Corresponding + * Source. + * + * The Corresponding Source for a work in source code form is that + * same work. + * + * 2. Basic Permissions. + * + * All rights granted under this License are granted for the term of + * copyright on the Program, and are irrevocable provided the stated + * conditions are met. 
This License explicitly affirms your unlimited + * permission to run the unmodified Program. The output from running a + * covered work is covered by this License only if the output, given its + * content, constitutes a covered work. This License acknowledges your + * rights of fair use or other equivalent, as provided by copyright law. + * + * You may make, run and propagate covered works that you do not + * convey, without conditions so long as your license otherwise remains + * in force. You may convey covered works to others for the sole purpose + * of having them make modifications exclusively for you, or provide you + * with facilities for running those works, provided that you comply with + * the terms of this License in conveying all material for which you do + * not control copyright. Those thus making or running the covered works + * for you must do so exclusively on your behalf, under your direction + * and control, on terms that prohibit them from making any copies of + * your copyrighted material outside their relationship with you. + * + * Conveying under any other circumstances is permitted solely under + * the conditions stated below. Sublicensing is not allowed; section 10 + * makes it unnecessary. + * + * 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + * + * No covered work shall be deemed part of an effective technological + * measure under any applicable law fulfilling obligations under article + * 11 of the WIPO copyright treaty adopted on 20 December 1996, or + * similar laws prohibiting or restricting circumvention of such + * measures. 
+ * + * When you convey a covered work, you waive any legal power to forbid + * circumvention of technological measures to the extent such circumvention + * is effected by exercising rights under this License with respect to + * the covered work, and you disclaim any intention to limit operation or + * modification of the work as a means of enforcing, against the work's + * users, your or third parties' legal rights to forbid circumvention of + * technological measures. + * + * 4. Conveying Verbatim Copies. + * + * You may convey verbatim copies of the Program's source code as you + * receive it, in any medium, provided that you conspicuously and + * appropriately publish on each copy an appropriate copyright notice; + * keep intact all notices stating that this License and any + * non-permissive terms added in accord with section 7 apply to the code; + * keep intact all notices of the absence of any warranty; and give all + * recipients a copy of this License along with the Program. + * + * You may charge any price or no price for each copy that you convey, + * and you may offer support or warranty protection for a fee. + * + * 5. Conveying Modified Source Versions. + * + * You may convey a work based on the Program, or the modifications to + * produce it from the Program, in the form of source code under the + * terms of section 4, provided that you also meet all of these conditions: + * + * a) The work must carry prominent notices stating that you modified + * it, and giving a relevant date. + * + * b) The work must carry prominent notices stating that it is + * released under this License and any conditions added under section + * 7. This requirement modifies the requirement in section 4 to + * "keep intact all notices". + * + * c) You must license the entire work, as a whole, under this + * License to anyone who comes into possession of a copy. 
This + * License will therefore apply, along with any applicable section 7 + * additional terms, to the whole of the work, and all its parts, + * regardless of how they are packaged. This License gives no + * permission to license the work in any other way, but it does not + * invalidate such permission if you have separately received it. + * + * d) If the work has interactive user interfaces, each must display + * Appropriate Legal Notices; however, if the Program has interactive + * interfaces that do not display Appropriate Legal Notices, your + * work need not make them do so. + * + * A compilation of a covered work with other separate and independent + * works, which are not by their nature extensions of the covered work, + * and which are not combined with it such as to form a larger program, + * in or on a volume of a storage or distribution medium, is called an + * "aggregate" if the compilation and its resulting copyright are not + * used to limit the access or legal rights of the compilation's users + * beyond what the individual works permit. Inclusion of a covered work + * in an aggregate does not cause this License to apply to the other + * parts of the aggregate. + * + * 6. Conveying Non-Source Forms. + * + * You may convey a covered work in object code form under the terms + * of sections 4 and 5, provided that you also convey the + * machine-readable Corresponding Source under the terms of this License, + * in one of these ways: + * + * a) Convey the object code in, or embodied in, a physical product + * (including a physical distribution medium), accompanied by the + * Corresponding Source fixed on a durable physical medium + * customarily used for software interchange. 
+ * + * b) Convey the object code in, or embodied in, a physical product + * (including a physical distribution medium), accompanied by a + * written offer, valid for at least three years and valid for as + * long as you offer spare parts or customer support for that product + * model, to give anyone who possesses the object code either (1) a + * copy of the Corresponding Source for all the software in the + * product that is covered by this License, on a durable physical + * medium customarily used for software interchange, for a price no + * more than your reasonable cost of physically performing this + * conveying of source, or (2) access to copy the + * Corresponding Source from a network server at no charge. + * + * c) Convey individual copies of the object code with a copy of the + * written offer to provide the Corresponding Source. This + * alternative is allowed only occasionally and noncommercially, and + * only if you received the object code with such an offer, in accord + * with subsection 6b. + * + * d) Convey the object code by offering access from a designated + * place (gratis or for a charge), and offer equivalent access to the + * Corresponding Source in the same way through the same place at no + * further charge. You need not require recipients to copy the + * Corresponding Source along with the object code. If the place to + * copy the object code is a network server, the Corresponding Source + * may be on a different server (operated by you or a third party) + * that supports equivalent copying facilities, provided you maintain + * clear directions next to the object code saying where to find the + * Corresponding Source. Regardless of what server hosts the + * Corresponding Source, you remain obligated to ensure that it is + * available for as long as needed to satisfy these requirements. 
+ * + * e) Convey the object code using peer-to-peer transmission, provided + * you inform other peers where the object code and Corresponding + * Source of the work are being offered to the general public at no + * charge under subsection 6d. + * + * A separable portion of the object code, whose source code is excluded + * from the Corresponding Source as a System Library, need not be + * included in conveying the object code work. + * + * A "User Product" is either (1) a "consumer product", which means any + * tangible personal property which is normally used for personal, family, + * or household purposes, or (2) anything designed or sold for incorporation + * into a dwelling. In determining whether a product is a consumer product, + * doubtful cases shall be resolved in favor of coverage. For a particular + * product received by a particular user, "normally used" refers to a + * typical or common use of that class of product, regardless of the status + * of the particular user or of the way in which the particular user + * actually uses, or expects or is expected to use, the product. A product + * is a consumer product regardless of whether the product has substantial + * commercial, industrial or non-consumer uses, unless such uses represent + * the only significant mode of use of the product. + * + * "Installation Information" for a User Product means any methods, + * procedures, authorization keys, or other information required to install + * and execute modified versions of a covered work in that User Product from + * a modified version of its Corresponding Source. The information must + * suffice to ensure that the continued functioning of the modified object + * code is in no case prevented or interfered with solely because + * modification has been made. 
+ * + * If you convey an object code work under this section in, or with, or + * specifically for use in, a User Product, and the conveying occurs as + * part of a transaction in which the right of possession and use of the + * User Product is transferred to the recipient in perpetuity or for a + * fixed term (regardless of how the transaction is characterized), the + * Corresponding Source conveyed under this section must be accompanied + * by the Installation Information. But this requirement does not apply + * if neither you nor any third party retains the ability to install + * modified object code on the User Product (for example, the work has + * been installed in ROM). + * + * The requirement to provide Installation Information does not include a + * requirement to continue to provide support service, warranty, or updates + * for a work that has been modified or installed by the recipient, or for + * the User Product in which it has been modified or installed. Access to a + * network may be denied when the modification itself materially and + * adversely affects the operation of the network or violates the rules and + * protocols for communication across the network. + * + * Corresponding Source conveyed, and Installation Information provided, + * in accord with this section must be in a format that is publicly + * documented (and with an implementation available to the public in + * source code form), and must require no special password or key for + * unpacking, reading or copying. + * + * 7. Additional Terms. + * + * "Additional permissions" are terms that supplement the terms of this + * License by making exceptions from one or more of its conditions. + * Additional permissions that are applicable to the entire Program shall + * be treated as though they were included in this License, to the extent + * that they are valid under applicable law. 
If additional permissions + * apply only to part of the Program, that part may be used separately + * under those permissions, but the entire Program remains governed by + * this License without regard to the additional permissions. + * + * When you convey a copy of a covered work, you may at your option + * remove any additional permissions from that copy, or from any part of + * it. (Additional permissions may be written to require their own + * removal in certain cases when you modify the work.) You may place + * additional permissions on material, added by you to a covered work, + * for which you have or can give appropriate copyright permission. + * + * Notwithstanding any other provision of this License, for material you + * add to a covered work, you may (if authorized by the copyright holders of + * that material) supplement the terms of this License with terms: + * + * a) Disclaiming warranty or limiting liability differently from the + * terms of sections 15 and 16 of this License; or + * + * b) Requiring preservation of specified reasonable legal notices or + * author attributions in that material or in the Appropriate Legal + * Notices displayed by works containing it; or + * + * c) Prohibiting misrepresentation of the origin of that material, or + * requiring that modified versions of such material be marked in + * reasonable ways as different from the original version; or + * + * d) Limiting the use for publicity purposes of names of licensors or + * authors of the material; or + * + * e) Declining to grant rights under trademark law for use of some + * trade names, trademarks, or service marks; or + * + * f) Requiring indemnification of licensors and authors of that + * material by anyone who conveys the material (or modified versions of + * it) with contractual assumptions of liability to the recipient, for + * any liability that these contractual assumptions directly impose on + * those licensors and authors. 
+ * + * All other non-permissive additional terms are considered "further + * restrictions" within the meaning of section 10. If the Program as you + * received it, or any part of it, contains a notice stating that it is + * governed by this License along with a term that is a further + * restriction, you may remove that term. If a license document contains + * a further restriction but permits relicensing or conveying under this + * License, you may add to a covered work material governed by the terms + * of that license document, provided that the further restriction does + * not survive such relicensing or conveying. + * + * If you add terms to a covered work in accord with this section, you + * must place, in the relevant source files, a statement of the + * additional terms that apply to those files, or a notice indicating + * where to find the applicable terms. + * + * Additional terms, permissive or non-permissive, may be stated in the + * form of a separately written license, or stated as exceptions; + * the above requirements apply either way. + * + * 8. Termination. + * + * You may not propagate or modify a covered work except as expressly + * provided under this License. Any attempt otherwise to propagate or + * modify it is void, and will automatically terminate your rights under + * this License (including any patent licenses granted under the third + * paragraph of section 11). + * + * However, if you cease all violation of this License, then your + * license from a particular copyright holder is reinstated (a) + * provisionally, unless and until the copyright holder explicitly and + * finally terminates your license, and (b) permanently, if the copyright + * holder fails to notify you of the violation by some reasonable means + * prior to 60 days after the cessation. 
+ * + * Moreover, your license from a particular copyright holder is + * reinstated permanently if the copyright holder notifies you of the + * violation by some reasonable means, this is the first time you have + * received notice of violation of this License (for any work) from that + * copyright holder, and you cure the violation prior to 30 days after + * your receipt of the notice. + * + * Termination of your rights under this section does not terminate the + * licenses of parties who have received copies or rights from you under + * this License. If your rights have been terminated and not permanently + * reinstated, you do not qualify to receive new licenses for the same + * material under section 10. + * + * 9. Acceptance Not Required for Having Copies. + * + * You are not required to accept this License in order to receive or + * run a copy of the Program. Ancillary propagation of a covered work + * occurring solely as a consequence of using peer-to-peer transmission + * to receive a copy likewise does not require acceptance. However, + * nothing other than this License grants you permission to propagate or + * modify any covered work. These actions infringe copyright if you do + * not accept this License. Therefore, by modifying or propagating a + * covered work, you indicate your acceptance of this License to do so. + * + * 10. Automatic Licensing of Downstream Recipients. + * + * Each time you convey a covered work, the recipient automatically + * receives a license from the original licensors, to run, modify and + * propagate that work, subject to this License. You are not responsible + * for enforcing compliance by third parties with this License. + * + * An "entity transaction" is a transaction transferring control of an + * organization, or substantially all assets of one, or subdividing an + * organization, or merging organizations. 
If propagation of a covered + * work results from an entity transaction, each party to that + * transaction who receives a copy of the work also receives whatever + * licenses to the work the party's predecessor in interest had or could + * give under the previous paragraph, plus a right to possession of the + * Corresponding Source of the work from the predecessor in interest, if + * the predecessor has it or can get it with reasonable efforts. + * + * You may not impose any further restrictions on the exercise of the + * rights granted or affirmed under this License. For example, you may + * not impose a license fee, royalty, or other charge for exercise of + * rights granted under this License, and you may not initiate litigation + * (including a cross-claim or counterclaim in a lawsuit) alleging that + * any patent claim is infringed by making, using, selling, offering for + * sale, or importing the Program or any portion of it. + * + * 11. Patents. + * + * A "contributor" is a copyright holder who authorizes use under this + * License of the Program or a work on which the Program is based. The + * work thus licensed is called the contributor's "contributor version". + * + * A contributor's "essential patent claims" are all patent claims + * owned or controlled by the contributor, whether already acquired or + * hereafter acquired, that would be infringed by some manner, permitted + * by this License, of making, using, or selling its contributor version, + * but do not include claims that would be infringed only as a + * consequence of further modification of the contributor version. For + * purposes of this definition, "control" includes the right to grant + * patent sublicenses in a manner consistent with the requirements of + * this License. 
+ * + * Each contributor grants you a non-exclusive, worldwide, royalty-free + * patent license under the contributor's essential patent claims, to + * make, use, sell, offer for sale, import and otherwise run, modify and + * propagate the contents of its contributor version. + * + * In the following three paragraphs, a "patent license" is any express + * agreement or commitment, however denominated, not to enforce a patent + * (such as an express permission to practice a patent or covenant not to + * sue for patent infringement). To "grant" such a patent license to a + * party means to make such an agreement or commitment not to enforce a + * patent against the party. + * + * If you convey a covered work, knowingly relying on a patent license, + * and the Corresponding Source of the work is not available for anyone + * to copy, free of charge and under the terms of this License, through a + * publicly available network server or other readily accessible means, + * then you must either (1) cause the Corresponding Source to be so + * available, or (2) arrange to deprive yourself of the benefit of the + * patent license for this particular work, or (3) arrange, in a manner + * consistent with the requirements of this License, to extend the patent + * license to downstream recipients. "Knowingly relying" means you have + * actual knowledge that, but for the patent license, your conveying the + * covered work in a country, or your recipient's use of the covered work + * in a country, would infringe one or more identifiable patents in that + * country that you have reason to believe are valid. 
+ * + * If, pursuant to or in connection with a single transaction or + * arrangement, you convey, or propagate by procuring conveyance of, a + * covered work, and grant a patent license to some of the parties + * receiving the covered work authorizing them to use, propagate, modify + * or convey a specific copy of the covered work, then the patent license + * you grant is automatically extended to all recipients of the covered + * work and works based on it. + * + * A patent license is "discriminatory" if it does not include within + * the scope of its coverage, prohibits the exercise of, or is + * conditioned on the non-exercise of one or more of the rights that are + * specifically granted under this License. You may not convey a covered + * work if you are a party to an arrangement with a third party that is + * in the business of distributing software, under which you make payment + * to the third party based on the extent of your activity of conveying + * the work, and under which the third party grants, to any of the + * parties who would receive the covered work from you, a discriminatory + * patent license (a) in connection with copies of the covered work + * conveyed by you (or copies made from those copies), or (b) primarily + * for and in connection with specific products or compilations that + * contain the covered work, unless you entered into that arrangement, + * or that patent license was granted, prior to 28 March 2007. + * + * Nothing in this License shall be construed as excluding or limiting + * any implied license or other defenses to infringement that may + * otherwise be available to you under applicable patent law. + * + * 12. No Surrender of Others' Freedom. + * + * If conditions are imposed on you (whether by court order, agreement or + * otherwise) that contradict the conditions of this License, they do not + * excuse you from the conditions of this License. 
If you cannot convey a + * covered work so as to satisfy simultaneously your obligations under this + * License and any other pertinent obligations, then as a consequence you may + * not convey it at all. For example, if you agree to terms that obligate you + * to collect a royalty for further conveying from those to whom you convey + * the Program, the only way you could satisfy both those terms and this + * License would be to refrain entirely from conveying the Program. + * + * 13. Remote Network Interaction; Use with the GNU General Public License. + * + * Notwithstanding any other provision of this License, if you modify the + * Program, your modified version must prominently offer all users + * interacting with it remotely through a computer network (if your version + * supports such interaction) an opportunity to receive the Corresponding + * Source of your version by providing access to the Corresponding Source + * from a network server at no charge, through some standard or customary + * means of facilitating copying of software. This Corresponding Source + * shall include the Corresponding Source for any work covered by version 3 + * of the GNU General Public License that is incorporated pursuant to the + * following paragraph. + * + * Notwithstanding any other provision of this License, you have + * permission to link or combine any covered work with a work licensed + * under version 3 of the GNU General Public License into a single + * combined work, and to convey the resulting work. The terms of this + * License will continue to apply to the part which is the covered work, + * but the work with which it is combined will remain governed by version + * 3 of the GNU General Public License. + * + * 14. Revised Versions of this License. + * + * The Free Software Foundation may publish revised and/or new versions of + * the GNU Affero General Public License from time to time. 
Such new versions + * will be similar in spirit to the present version, but may differ in detail to + * address new problems or concerns. + * + * Each version is given a distinguishing version number. If the + * Program specifies that a certain numbered version of the GNU Affero General + * Public License "or any later version" applies to it, you have the + * option of following the terms and conditions either of that numbered + * version or of any later version published by the Free Software + * Foundation. If the Program does not specify a version number of the + * GNU Affero General Public License, you may choose any version ever published + * by the Free Software Foundation. + * + * If the Program specifies that a proxy can decide which future + * versions of the GNU Affero General Public License can be used, that proxy's + * public statement of acceptance of a version permanently authorizes you + * to choose that version for the Program. + * + * Later license versions may give you additional or different + * permissions. However, no additional obligations are imposed on any + * author or copyright holder as a result of your choosing to follow a + * later version. + * + * 15. Disclaimer of Warranty. + * + * THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY + * APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT + * HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY + * OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, + * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM + * IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF + * ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + * + * 16. Limitation of Liability. 
+ * + * IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING + * WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS + * THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY + * GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE + * USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF + * DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD + * PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), + * EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGES. + * + * 17. Interpretation of Sections 15 and 16. + * + * If the disclaimer of warranty and limitation of liability provided + * above cannot be given local legal effect according to their terms, + * reviewing courts shall apply local law that most closely approximates + * an absolute waiver of all civil liability in connection with the + * Program, unless a warranty or assumption of liability accompanies a + * copy of the Program in return for a fee. + * + * END OF TERMS AND CONDITIONS + * + * How to Apply These Terms to Your New Programs + * + * If you develop a new program, and you want it to be of the greatest + * possible use to the public, the best way to achieve this is to make it + * free software which everyone can redistribute and change under these terms. + * + * To do so, attach the following notices to the program. It is safest + * to attach them to the start of each source file to most effectively + * state the exclusion of warranty; and each file should have at least + * the "copyright" line and a pointer to where the full notice is found. 
+ * + * + * Copyright (C) + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * Also add information on how to contact you by electronic and paper mail. + * + * If your software can interact with users remotely through a computer + * network, you should also make sure that it provides a way for users to + * get its source. For example, if your program is a web application, its + * interface could display a "Source" link that leads users to an archive + * of the code. There are many ways you could offer source, and different + * solutions will be better for different programs; see section 13 for the + * specific requirements. + * + * You should also get your employer (if you work as a programmer) or school, + * if any, to sign a "copyright disclaimer" for the program, if necessary. + * For more information on this, and how to apply and follow the GNU AGPL, see + * . 
+ */
+package com.jdimension.jlawyer.security;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.security.spec.KeySpec;
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.GCMParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+/**
+ *
+ * @author jens
+ */
+public class CachingCrypto {
+
+ private static final char[] DROW_SSAP = ("enfld" + "sgbnlsn" + "gdlksdsgm").toCharArray();
+
+ private static final byte[] SALT_AES = {
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12};
+
+ private static final byte[] NONCE_AES = {
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12,
+ (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12, (byte) 0xde, (byte) 0x33, (byte) 0x10, (byte) 0x12};
+
+ private char[] password = DROW_SSAP;
+ private Base64 base64 = new Base64();
+ private SecretKey key=null;
+
+ public CachingCrypto() throws GeneralSecurityException {
+ this(DROW_SSAP);
+ }
+
+ public CachingCrypto(char[] password) throws GeneralSecurityException {
+ this.password = password;
+
+ // GENERATE random salt (needed for PBKDF2)
+ // final byte[] salt = new byte[64];
+// SecureRandom random = SecureRandom.getInstanceStrong();
+// random.nextBytes(salt);
+ final byte[] salt = SALT_AES;
+
+ // DERIVE key (from password and salt)
+ SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
+ KeySpec passwordBasedEncryptionKeySpec = new PBEKeySpec(this.password, salt, 10000, 256);
+ SecretKey secretKeyFromPBKDF2 = secretKeyFactory.generateSecret(passwordBasedEncryptionKeySpec);
+ this.key = new SecretKeySpec(secretKeyFromPBKDF2.getEncoded(), "AES");
+
+// // GENERATE random nonce (number used once)
+// final byte[] nonce = new byte[32];
+// random.nextBytes(nonce);
+ }
+
+ public static void main(String[] args) throws Exception {
+
+ CachingCrypto c = new CachingCrypto();
+ String originalPassword = "jRK0EG6sLq1oI9bh";
+ System.out.println("Original password: " + originalPassword);
+ String encryptedPassword = c.encrypt(originalPassword);
+ System.out.println("Encrypted password: " + encryptedPassword);
+ String decryptedPassword = c.decrypt(encryptedPassword);
+ System.out.println("Decrypted password: " + decryptedPassword);
+
+ // 685ed8be7f0001014a634488a865f86d
+ CachingCrypto c2 = new CachingCrypto("11fe8dea7f000101241f8d9d2e7ccc7e".toCharArray());
+ System.out.println(c.encrypt("J0644604401G"));
+
+ }
+
+ public String encrypt(String property) throws GeneralSecurityException {
+ // ENCRYPTION
+ Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+ GCMParameterSpec spec = new GCMParameterSpec(16 * 8, NONCE_AES);
+ cipher.init(Cipher.ENCRYPT_MODE, this.key, spec);
+
+ byte[] cipherTextBytes = cipher.doFinal(property.getBytes(StandardCharsets.UTF_8));
+
+ // CONVERSION of raw bytes to BASE64 representation
+ return base64Encode(cipherTextBytes);
+ }
+
+ private String base64Encode(byte[] bytes) {
+ return this.base64.encode(bytes);
+ }
+
+ public String decrypt(String property) throws GeneralSecurityException, IOException {
+
+ if (property == null) {
+ return null;
+ }
+
+ // ENCRYPTION
+ Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+ GCMParameterSpec spec = new GCMParameterSpec(16 * 8, NONCE_AES);
+ //cipher.init(Cipher.ENCRYPT_MODE, key, spec);
+
+ // DECRYPTION
+ cipher.init(Cipher.DECRYPT_MODE, this.key, spec);
+ byte[] decryptedCipherTextBytes = cipher.doFinal(base64Decode(property));
+ return new String(decryptedCipherTextBytes, StandardCharsets.UTF_8);
+ }
+
+ private byte[] base64Decode(String property) throws IOException {
+ return this.base64.decode(property);
+ }
+
+}
diff --git a/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CryptoProvider.java b/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CryptoProvider.java
new file mode 100644
index 000000000..805ec65f4
--- /dev/null
+++ b/j-lawyer-server-common/src/com/jdimension/jlawyer/security/CryptoProvider.java
@@ -0,0 +1,691 @@ +/* + GNU AFFERO GENERAL PUBLIC LICENSE + Version 3, 19 November 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + + A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. 
+The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + + The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + + An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU Affero General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. 
+ + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. 
+ + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. 
The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. 
+ + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. 
+ + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. 
This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. 
For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. 
Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. 
+ + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. 
+ + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. 
Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. 
+ + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. 
+ + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. 
You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Remote Network Interaction; Use with the GNU General Public License. 
+ + Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. 
+ + If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. 
+ + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. 
There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +. + */ +package com.jdimension.jlawyer.security; + +import java.security.GeneralSecurityException; + +/** + * + * @author jens + */ +public class CryptoProvider { + + private static CachingCrypto defaultCrypto=null; + + public static CachingCrypto newCrypto() throws GeneralSecurityException { + return new CachingCrypto(); + } + + public static CachingCrypto newCrypto(char[] password) throws GeneralSecurityException { + return new CachingCrypto(password); + } + + public static synchronized CachingCrypto defaultCrypto() throws GeneralSecurityException { + if(defaultCrypto==null) + defaultCrypto=new CachingCrypto(); + + return defaultCrypto; + } + +} diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/events/CustomHooksService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/events/CustomHooksService.java index 765000409..686831c4b 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/events/CustomHooksService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/events/CustomHooksService.java @@ -667,7 +667,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.persistence.IntegrationHookFacadeLocal; import com.jdimension.jlawyer.persistence.IntegrationHookLog; import com.jdimension.jlawyer.persistence.IntegrationHookLogFacadeLocal; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.util.Calendar; import java.util.Date; import java.util.HashMap; 
@@ -779,7 +779,7 @@ private void executeHook(IntegrationHook hook, CustomHook evt) { if (hook.getAuthenticationUser() != null && !"".equalsIgnoreCase(hook.getAuthenticationUser())) { if (!this.hookPwd.containsKey(hook.getName())) { - this.hookPwd.put(hook.getName(), Crypto.decrypt(hook.getAuthenticationPwd())); + this.hookPwd.put(hook.getName(), CryptoProvider.newCrypto().decrypt(hook.getAuthenticationPwd())); } client.register(new HookAuthenticator(hook.getAuthenticationUser(), this.hookPwd.get(hook.getName()))); } diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/CalendarSyncService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/CalendarSyncService.java index e385f4c1c..8fac27074 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/CalendarSyncService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/CalendarSyncService.java @@ -669,7 +669,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.persistence.CalendarSetup; import com.jdimension.jlawyer.persistence.ServerSettingsBean; import com.jdimension.jlawyer.persistence.ServerSettingsBeanFacadeLocal; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.services.settings.ServerSettingsKeys; import com.jdimension.jlawyer.server.utils.ServerStringUtils; import java.util.List; @@ -683,7 +683,6 @@ You should also get your employer (if you work as a programmer) or school, import org.jboss.ejb3.annotation.TransactionTimeout; import org.jboss.logging.Logger; import org.jlawyer.cloud.NextcloudCalendarConnector; -import org.jlawyer.cloud.calendar.CloudCalendar; /** * 
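Review bot: In executeHook the decrypted hook password is stored in `this.hookPwd` under `hook.getName()` and is only filled when that name is absent, so a hook whose stored password changes keeps authenticating with the old plaintext until the entry is dropped somewhere outside this hunk. Keying the entry on the stored ciphertext avoids the stale credential: `if (!this.hookPwd.containsKey(hook.getAuthenticationPwd()))`, with the matching `put` and `get` using the same key (assuming the map is keyed by String). The map also holds decrypted secrets for as long as the service instance lives, which deserves a comment on the field saying why the cache is needed. executeHook starts and ends outside the hunk.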
@@ -776,7 +775,7 @@ private NextcloudCalendarConnector getConnector(CalendarSetup cs) throws Excepti return null; } - NextcloudCalendarConnector nc = new NextcloudCalendarConnector(cs.getCloudHost(), cs.isCloudSsl(), cs.getCloudPort(), cs.getCloudUser(), Crypto.decrypt(cs.getCloudPassword())); + NextcloudCalendarConnector nc = new NextcloudCalendarConnector(cs.getCloudHost(), cs.isCloudSsl(), cs.getCloudPort(), cs.getCloudUser(), CryptoProvider.newCrypto().decrypt(cs.getCloudPassword())); if (cs.getCloudPath() != null && !("".equals(cs.getCloudPath()))) { nc.setSubpathPrefix(cs.getCloudPath()); } diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/ContactSyncService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/ContactSyncService.java index e404b3205..25cf5b4bb 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/ContactSyncService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/ContactSyncService.java @@ -667,7 +667,7 @@ You should also get your employer (if you work as a programmer) or school, import com.jdimension.jlawyer.persistence.AddressBeanFacadeLocal; import com.jdimension.jlawyer.persistence.ServerSettingsBean; import com.jdimension.jlawyer.persistence.ServerSettingsBeanFacadeLocal; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.services.settings.ServerSettingsKeys; import com.jdimension.jlawyer.server.utils.ServerStringUtils; import java.util.List; @@ -791,7 +791,7 @@ private NextcloudContactsConnector getConnector() { s = this.settings.find(ServerSettingsKeys.SERVERCONF_CLOUDSYNC_ADDRESSBOOK_PWD); if (s != null) { pwd = s.getSettingValue(); - pwd = Crypto.decrypt(pwd); + pwd = CryptoProvider.newCrypto().decrypt(pwd); } String subPath = null; 
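Review bot: In CalendarSyncService.getConnector the decrypted cloud password is handed to `NextcloudCalendarConnector` whatever `cs.isCloudSsl()` returns, and nothing in the hunk flags a setup where that flag is false. If the flag selects plain HTTP (the connector's source is not part of this diff), the password leaves the server unprotected. A guard before the constructor call, such as `if (!cs.isCloudSsl()) { /* warn, or return null as the earlier branch does */ }`, would make that configuration visible. The method begins above the hunk and continues below it.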
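Review bot: ContactSyncService.getConnector builds a new CachingCrypto through `CryptoProvider.newCrypto()` for a single `decrypt`, and the same one-shot use appears in CalendarSyncService.getConnector and CustomHooksService.executeHook, although CryptoProvider also offers the shared `defaultCrypto()`. Whatever CachingCrypto caches (its source is outside this view) is discarded after each call. If the class is safe for concurrent use, `pwd = CryptoProvider.defaultCrypto().decrypt(s.getSettingValue());` would reuse one instance and also avoid holding the ciphertext in `pwd`. If it is not, a short Javadoc on CryptoProvider saying when to use which factory would prevent misuse. The method continues outside the hunk.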
diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/DrebisService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/DrebisService.java index 042fb8ce1..44bc1ce63 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/DrebisService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/DrebisService.java @@ -666,7 +666,8 @@ import com.jdimension.jlawyer.drebis.*; import com.jdimension.jlawyer.persistence.*; import com.jdimension.jlawyer.persistence.utils.StringGenerator; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CachingCrypto; +import com.jdimension.jlawyer.security.CryptoProvider; import java.util.ArrayList; import java.util.Calendar; import java.util.Date; @@ -718,8 +719,9 @@ private DrebisAPI getAPI() throws DrebisException { String techPwd=this.settingsFacade.find("jlawyer.server.drebis.techpwd").getSettingValue(); try { - techUser=Crypto.decrypt(techUser); - techPwd=Crypto.decrypt(techPwd); + CachingCrypto crypto=CryptoProvider.newCrypto(); + techUser=crypto.decrypt(techUser); + techPwd=crypto.decrypt(techPwd); } catch (Exception ex) { log.error(ex); diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/IntegrationService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/IntegrationService.java index 31f951c88..1879a3743 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/IntegrationService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/IntegrationService.java 
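Review bot: In DrebisService.getAPI the catch around the two `decrypt` calls only does `log.error(ex)`, so if the code after the hunk carries on, `techUser` and `techPwd` still hold the stored ciphertext and would be presented to Drebis as credentials. Since the method already declares `throws DrebisException`, the failure should stop here: log with context, `log.error("Drebis technical credentials could not be decrypted", ex);`, and rethrow as a DrebisException (its constructors are not visible in this diff). The catch block and the rest of getAPI continue outside the hunk.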
@@ -685,7 +685,8 @@ import com.jdimension.jlawyer.persistence.ServerSettingsBeanFacadeLocal; import com.jdimension.jlawyer.persistence.utils.StringGenerator; import com.jdimension.jlawyer.pojo.FileMetadata; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CachingCrypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ServerFileUtils; import com.jdimension.jlawyer.storage.VirtualFile; import java.io.BufferedReader; @@ -1420,10 +1421,11 @@ public void removeAssistantConfig(AssistantConfig ac) throws Exception { public Map> getAssistantCapabilities() throws Exception { Map> allCapabilities=new HashMap<>(); List configs=this.assistantFacade.findAll(); + CachingCrypto crypto=CryptoProvider.newCrypto(); for(AssistantConfig c: configs) { String pwd=c.getPassword(); if(pwd!=null) - pwd=Crypto.decrypt(c.getPassword()); + pwd=crypto.decrypt(c.getPassword()); AssistantAPI api=new AssistantAPI(c.getUrl(), c.getUserName(), pwd); allCapabilities.put(c, api.getCapabilities()); @@ -1436,13 +1438,14 @@ public Map> getAssistantCapabilities() throws @RolesAllowed(value = {"loginRole"}) public AiRequestStatus submitAssistantRequest(AssistantConfig config, String requestType, String modelType, String prompt, List params, List inputs) throws Exception { List configs=this.assistantFacade.findAll(); + CachingCrypto crypto=CryptoProvider.newCrypto(); for(AssistantConfig c: configs) { if(!(c.getId().equals(config.getId()))) { continue; } String pwd=c.getPassword(); if(pwd!=null) - pwd=Crypto.decrypt(c.getPassword()); + pwd=crypto.decrypt(c.getPassword()); AssistantAPI api=new AssistantAPI(c.getUrl(), c.getUserName(), pwd); return api.submitRequest(requestType, modelType, prompt, params, inputs); 
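Review bot: getAssistantCapabilities, submitAssistantRequest and getAssistantRequestStatus (next hunk) each repeat the same sequence: read the stored password, null-check it, decrypt it, construct the AssistantAPI. A private helper would keep the handling of the decrypted credential in one place, so a later change to the null check or the decrypt call cannot be applied to only two of the three copies. The helper would take the config and the CachingCrypto, leaving each method to create one crypto instance and call it inside its loop. The method bodies continue outside the hunks.

```java
// new private helper shared by the three assistant methods
private AssistantAPI connect(AssistantConfig c, CachingCrypto crypto) throws Exception {
    String pwd = c.getPassword();
    if (pwd != null) {
        pwd = crypto.decrypt(pwd);
    }
    return new AssistantAPI(c.getUrl(), c.getUserName(), pwd);
}

// … unchanged: findAll(), loop and id comparison …
AssistantAPI api=connect(c, crypto);
```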
@@ -1454,13 +1457,14 @@ public AiRequestStatus submitAssistantRequest(AssistantConfig config, String req @RolesAllowed(value = {"loginRole"}) public AiResponse getAssistantRequestStatus(AssistantConfig config, String requestId) throws Exception { List configs=this.assistantFacade.findAll(); + CachingCrypto crypto=CryptoProvider.newCrypto(); for(AssistantConfig c: configs) { if(!(c.getId().equals(config.getId()))) { continue; } String pwd=c.getPassword(); if(pwd!=null) - pwd=Crypto.decrypt(c.getPassword()); + pwd=crypto.decrypt(c.getPassword()); AssistantAPI api=new AssistantAPI(c.getUrl(), c.getUserName(), pwd); return api.getRequestStatus(requestId); diff --git a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/VoipService.java b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/VoipService.java index 98ce7830e..4a099bf83 100644 --- a/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/VoipService.java +++ b/j-lawyer-server/j-lawyer-server-ejb/src/java/com/jdimension/jlawyer/services/VoipService.java @@ -677,7 +677,7 @@ import com.jdimension.jlawyer.fax.SipgateInstance; import com.jdimension.jlawyer.persistence.*; import com.jdimension.jlawyer.persistence.utils.StringGenerator; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.services.settings.ServerSettingsKeys; import static com.jdimension.jlawyer.server.services.settings.ServerSettingsKeys.SERVERCONF_INSTALLATION_ID; import com.jdimension.jlawyer.server.utils.ServerStringUtils; 
@@ -907,7 +907,7 @@ private String getVendorId() throws EpostException { throw new EpostException("Kein E-POST-Freischaltcode vorhanden"); try { - return Crypto.decrypt(encryptedId.getSettingValue(), installationId.getSettingValue().toCharArray()); + return CryptoProvider.newCrypto(installationId.getSettingValue().toCharArray()).decrypt(encryptedId.getSettingValue()); } catch (Exception ex) { throw new EpostException("E-POST-Freischaltcode kann nicht entschlüsselt werden"); } @@ -923,7 +923,7 @@ public EpostLetterStatus getLetterStatus(int letterId, String senderPrincipalId) EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); return ea.getLetterStatus(token, letterId); } @@ -937,7 +937,7 @@ public List getLetterStatus(List letterIds, String s EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); return ea.getLetterStatus(token, letterIds); } @@ -1138,7 +1138,7 @@ public byte[] getValidatedLetter(int letterId) throws Exception { } EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); return ea.getValidatedLetter(token, letterId); } 
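Review bot: In getVendorId the key password for the activation code is `installationId.getSettingValue().toCharArray()`, while the ciphertext comes from `encryptedId.getSettingValue()`. If both are entries of the same settings store, as the accessors suggest, anyone who can read the settings can also decrypt the code, which deserves a comment such as `// key is the installation id from server settings: binds the code to this installation, it is not a secret`. The catch also drops `ex`, so a key-setup failure and a mismatched installation id produce the same EpostException with no cause attached. Logging `ex`, or chaining it if EpostException offers a cause constructor, would keep that distinction for diagnosis. The method starts outside the hunk.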
@@ -1165,7 +1165,7 @@ public int sendLetter(EpostLetter letter, String caseId) throws Exception { } EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); int letterId= ea.sendLetter(token, letter); // may cause the sending transaction to fail if the status request hits a rate limit directly after sending //EpostLetterStatus s=ea.getLetterStatus(token, letterId); @@ -1216,7 +1216,7 @@ public int sendRegisteredLetter(EpostLetter letter, String registeredLetterMode, } EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); int letterId = ea.sendRegisteredLetter(token, letter, registeredLetterMode); EpostLetterStatus s=ea.getLetterStatus(token, letterId); @@ -1278,7 +1278,7 @@ public int validateLetter(EpostLetter letter, String toEmail) throws Exception { } EpostAPI ea=new EpostAPI(this.getVendorId(), currentUser.getEpostCustomer()); - String token=ea.login(currentUser.getEpostSecret(), Crypto.decrypt(currentUser.getEpostPassword())); + String token=ea.login(currentUser.getEpostSecret(), CryptoProvider.newCrypto().decrypt(currentUser.getEpostPassword())); return ea.validateLetter(token, letter, toEmail); } diff --git a/j-lawyer-server/j-lawyer-server-war/src/java/com/jdimension/jlawyer/timer/MailboxScannerTask.java b/j-lawyer-server/j-lawyer-server-war/src/java/com/jdimension/jlawyer/timer/MailboxScannerTask.java index 5ebfef754..891c7c323 100644 --- a/j-lawyer-server/j-lawyer-server-war/src/java/com/jdimension/jlawyer/timer/MailboxScannerTask.java 
+++ b/j-lawyer-server/j-lawyer-server-war/src/java/com/jdimension/jlawyer/timer/MailboxScannerTask.java @@ -663,7 +663,6 @@ */ package com.jdimension.jlawyer.timer; -import com.jdimension.jlawyer.documents.PlaceHolders; import com.jdimension.jlawyer.documents.ServerTemplatesUtil; import com.jdimension.jlawyer.email.AttachmentInfo; import com.jdimension.jlawyer.email.CommonMailUtils; @@ -682,8 +681,7 @@ import com.jdimension.jlawyer.persistence.PartyTypeBean; import com.jdimension.jlawyer.persistence.ServerSettingsBean; import com.jdimension.jlawyer.persistence.ServerSettingsBeanFacadeLocal; -import com.jdimension.jlawyer.pojo.PartiesTriplet; -import com.jdimension.jlawyer.security.Crypto; +import com.jdimension.jlawyer.security.CryptoProvider; import com.jdimension.jlawyer.server.utils.ContentTypes; import com.jdimension.jlawyer.server.utils.ServerFileUtils; import com.jdimension.jlawyer.services.AddressServiceLocal; @@ -771,7 +769,7 @@ private void processMailbox(MailboxSetup ms, ArchiveFileServiceLocal caseSvc, Ad String server = null; try { - String emailInPwd = Crypto.decrypt(ms.getEmailInPwd()); + String emailInPwd = CryptoProvider.newCrypto().decrypt(ms.getEmailInPwd()); //Properties props = System.getProperties(); Properties props = new Properties();