Delegate crypto algorithm creation to InsecureCipherFactory
This is a preparation change to Bazel build implementation. Error Prone rejects the code with variable crypto algorithm as insecure see: [1]. [1] http://errorprone.info/bugpattern/InsecureCryptoUsage Change-Id: I92db70a7da454bc364597a995e8be5dccc2d6427 Signed-off-by: David Ostrovsky <david@ostrovsky.org>
This commit is contained in:
parent
02fe1e0b5b
commit
cee9d444e9
|
@ -91,7 +91,6 @@
|
|||
import java.util.TreeSet;
|
||||
import java.util.UUID;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.SecretKeyFactory;
|
||||
|
||||
import org.eclipse.jgit.api.Git;
|
||||
|
@ -772,16 +771,16 @@ static boolean isAlgorithmPresent(Properties props) {
|
|||
String profile = props.getProperty(AmazonS3.Keys.CRYPTO_ALG);
|
||||
String version = props.getProperty(AmazonS3.Keys.CRYPTO_VER,
|
||||
WalkEncryption.Vals.DEFAULT_VERS);
|
||||
String crytoAlgo;
|
||||
String cryptoAlgo;
|
||||
String keyAlgo;
|
||||
switch (version) {
|
||||
case WalkEncryption.Vals.DEFAULT_VERS:
|
||||
case WalkEncryption.JGitV1.VERSION:
|
||||
crytoAlgo = profile;
|
||||
cryptoAlgo = profile;
|
||||
keyAlgo = profile;
|
||||
break;
|
||||
case WalkEncryption.JGitV2.VERSION:
|
||||
crytoAlgo = props
|
||||
cryptoAlgo = props
|
||||
.getProperty(profile + WalkEncryption.Keys.X_ALGO);
|
||||
keyAlgo = props
|
||||
.getProperty(profile + WalkEncryption.Keys.X_KEY_ALGO);
|
||||
|
@ -790,7 +789,7 @@ static boolean isAlgorithmPresent(Properties props) {
|
|||
return false;
|
||||
}
|
||||
try {
|
||||
Cipher.getInstance(crytoAlgo);
|
||||
InsecureCipherFactory.create(cryptoAlgo);
|
||||
SecretKeyFactory.getInstance(keyAlgo);
|
||||
return true;
|
||||
} catch (Throwable e) {
|
||||
|
|
Loading…
Reference in New Issue