/**
 * Encrypts the given password with the native Windows routine and stores the
 * Base64-encoded result under {@code PASSWORD_KEY} in the provider's
 * preferences node, flushing the node immediately.
 *
 * @param password  the clear-text password to protect
 * @param container supplies the secure preferences tree to write into
 * @return {@code true} if the value was encrypted, stored and flushed;
 *         {@code false} if any step failed (the failure is logged)
 */
private boolean savePassword(String password, IPreferencesContainer container) {
    // NOTE(review): getBytes() uses the platform default charset, and the
    // clear-text byte copy it creates is never wiped after encryption.
    byte[] encrypted = winencrypt(password.getBytes());
    if (encrypted == null) {
        // A null result means the OS call or the JNI bridge failed.
        StorageException failure = new StorageException(
                StorageException.ENCRYPTION_ERROR, WinCryptoMessages.encryptPasswordFailed);
        AuthPlugin.getDefault().logError(WinCryptoMessages.encryptPasswordFailed, failure);
        return false;
    }

    String encoded = Base64.encode(encrypted);
    ISecurePreferences providerNode = container.getPreferences().node(WIN_PROVIDER_NODE);
    try {
        // encrypt=false: the value is already protected by winencrypt, so the
        // secure storage must not try to encrypt it again (no recursion).
        providerNode.put(PASSWORD_KEY, encoded, false);
        // Persist right away rather than waiting for a later flush.
        providerNode.flush();
    } catch (StorageException e) {
        // Not expected when storing an unencrypted value.
        AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
        return false;
    } catch (IOException e) {
        AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
        return false;
    }
    return true;
}
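/**
 * Returns the password for this provider, wrapped in a {@link PBEKeySpec}.
 *
 * <p>Unless {@code CREATE_NEW_PASSWORD} is set in {@code passwordType}, the
 * previously stored encrypted password is read and decrypted with the native
 * Windows routine. If nothing is stored (or a new password was requested), a
 * random password of {@code PASSWORD_LENGTH} bytes is generated,
 * Base64-encoded and saved via {@code savePassword}.
 *
 * @param container    supplies the secure preferences tree holding the stored value
 * @param passwordType bit flags; {@code CREATE_NEW_PASSWORD} skips the stored value
 * @return the key spec for the password, or {@code null} if decryption of the
 *         stored value failed or the new password could not be saved
 */
public PBEKeySpec getPassword(IPreferencesContainer container, int passwordType) {
    byte[] encryptedPassword = null;
    if ((passwordType & CREATE_NEW_PASSWORD) == 0) {
        encryptedPassword = getEncryptedPassword(container);
    }

    if (encryptedPassword != null) {
        byte[] decryptedPassword = windecrypt(encryptedPassword);
        if (decryptedPassword == null) {
            StorageException e = new StorageException(
                    StorageException.ENCRYPTION_ERROR, WinCryptoMessages.decryptPasswordFailed);
            AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
            return null;
        }
        // NOTE(review): decoding uses the platform default charset, mirroring
        // the getBytes() call in savePassword; both sides must stay in sync.
        // The clear-text byte array and the String built from it are not wiped.
        String password = new String(decryptedPassword);
        return new PBEKeySpec(password.toCharArray());
    }

    // add info message in the log
    AuthPlugin.getDefault().logMessage(WinCryptoMessages.newPasswordGenerated);

    byte[] rawPassword = new byte[PASSWORD_LENGTH];
    // Let SecureRandom seed itself. The previous setSeed(currentTimeMillis())
    // call added only a guessable wall-clock value, and with some SecureRandom
    // implementations a seed supplied before the first nextBytes() is used in
    // place of self-seeding, which would make the generated password
    // predictable from its creation time.
    SecureRandom random = new SecureRandom();
    random.nextBytes(rawPassword);
    String password = Base64.encode(rawPassword);
    // The raw bytes are no longer needed once encoded; clear this local copy.
    java.util.Arrays.fill(rawPassword, (byte) 0);

    if (savePassword(password, container)) {
        return new PBEKeySpec(password.toCharArray());
    }
    return null;
}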
/**
 * Reads the stored, still-encrypted password from the provider's preferences
 * node and Base64-decodes it.
 *
 * @param container supplies the secure preferences tree to read from
 * @return the decoded encrypted bytes, or {@code null} if no value is stored
 *         or reading it failed (the failure is logged)
 */
private byte[] getEncryptedPassword(IPreferencesContainer container) {
    ISecurePreferences providerNode = container.getPreferences().node(WIN_PROVIDER_NODE);
    String stored;
    try {
        stored = providerNode.get(PASSWORD_KEY, null);
    } catch (StorageException e) {
        // Not expected here: the value is stored without secure-storage encryption.
        AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
        return null;
    }
    return stored == null ? null : Base64.decode(stored);
}