justbk2015 commented on pull request #11440:
URL: https://github.com/apache/shardingsphere/pull/11440#issuecomment-884690828


   > > > I don't see any key to use to encrypt or decrypt. Does it mean that there is no key for password encryption?
   > > 
   > > 
   > > The key is the variable named secretBytes, which is generated by SecureRandom and is 16 bytes long.
   > > We use this key to encrypt the password, and it is saved in the base64 string that the encrypt function returns; in decrypt, we first extract the key and iv from the base64 string and run AES to decrypt the password plain text.
   > 
   > Where is the secretBytes stored?
   
   The secretBytes is returned in the encrypt string; if you want more security, you can implement a new algorithm and save secretBytes to a safe disk or database.
   See the code:
       @Override
       public String encrypt(final byte[] content) throws Exception {
           byte[] ivBytes = getRandom();
           byte[] secretKeyBytes = getRandom();
           byte[] encryptBytes = runAesAlgorithm(content,
                   ivBytes,
                   secretKeyBytes,
                   Cipher.ENCRYPT_MODE);
           byte[] results = mergeAllBytes(ivBytes, secretKeyBytes, encryptBytes);
           // the encrypted text contains the iv and secretKey values
           return Base64.getEncoder().encodeToString(results);
       }


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
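
An added example, not code from the pull request or the project: the key placement discussed in this thread, next to a variant where the caller supplies the key. The byte layout (iv, key and ciphertext concatenated without length fields), the AES/CBC and AES/GCM modes, and every name below are assumptions, since the comment does not show mergeAllBytes or runAesAlgorithm.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class KeyPlacementDemo {
    static byte[] random(int n) { byte[] b = new byte[n]; new SecureRandom().nextBytes(b); return b; }
    // Assumed layout of the scheme in the comment: iv(16) || key(16) || ciphertext, AES/CBC.
    static String encryptEmbedded(byte[] content) throws Exception {
        byte[] iv = random(16), key = random(16);
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(content);
        byte[] out = Arrays.copyOf(iv, 32 + ct.length);
        System.arraycopy(key, 0, out, 16, 16);
        System.arraycopy(ct, 0, out, 32, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }
    // Decryption takes nothing but the stored string: the key travels with the data.
    static byte[] decryptEmbedded(String stored) throws Exception {
        byte[] all = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(all, 16, 16, "AES"), new IvParameterSpec(all, 0, 16));
        return c.doFinal(all, 32, all.length - 32);
    }
    // Variant with the key kept outside the stored value: AES-GCM, nonce(12) || ciphertext+tag.
    static String encryptExternalKey(byte[] content, byte[] key) throws Exception {
        byte[] nonce = random(12);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, nonce));
        byte[] ct = c.doFinal(content);
        byte[] out = Arrays.copyOf(nonce, 12 + ct.length);
        System.arraycopy(ct, 0, out, 12, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }
    static byte[] decryptExternalKey(String stored, byte[] key) throws Exception {
        byte[] all = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, all, 0, 12));
        return c.doFinal(all, 12, all.length - 12);
    }
    public static void main(String[] args) throws Exception {
        byte[] pw = "constructed-sample-password".getBytes(StandardCharsets.UTF_8);
        byte[] key = random(16); // stands in for a key loaded from a keystore or KMS (assumption)
        System.out.println(Arrays.equals(pw, decryptEmbedded(encryptEmbedded(pw))));
        System.out.println(Arrays.equals(pw, decryptExternalKey(encryptExternalKey(pw, key), key)));
    }
}
```

In the first pair the stored string is sufficient input for decryption; in the second, the stored string decrypts only together with the separately held key.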
