001    /**
002     *  Licensed to the Apache Software Foundation (ASF) under one or more
003     *  contributor license agreements.  See the NOTICE file distributed with
004     *  this work for additional information regarding copyright ownership.
005     *  The ASF licenses this file to You under the Apache License, Version 2.0
006     *  (the "License"); you may not use this file except in compliance with
007     *  the License.  You may obtain a copy of the License at
008     *
009     *     http://www.apache.org/licenses/LICENSE-2.0
010     *
011     *  Unless required by applicable law or agreed to in writing, software
012     *  distributed under the License is distributed on an "AS IS" BASIS,
013     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     *  See the License for the specific language governing permissions and
015     *  limitations under the License.
016     */
017    package org.apache.geronimo.crypto;
018    
019    import java.io.ByteArrayOutputStream;
020    import java.io.ObjectOutputStream;
021    import java.io.Serializable;
022    import java.io.ObjectInputStream;
023    import java.io.ByteArrayInputStream;
024    import javax.crypto.spec.SecretKeySpec;
025    import javax.crypto.Cipher;
026    import javax.crypto.SealedObject;
027    import org.apache.geronimo.crypto.encoders.Base64;
028    
029    /**
030     * This class protects some value BY ENCRYPTING WITH A KNOWN KEY.  That is
031     * to say, it's only safe against anyone who can't read the source code.
032     * So the main idea is to protect against casual observers.
033     *
034     * If someone has a better idea for how to implement encryption with a
035     * non-obvious key that the user isn't likely to change during the normal
036     * course of working with the server, I'd be happy to hear it.  (But I
037     * assume the SSL keystore is likely to be changed, which would result
038     * in losing all the "encrypted" data.
039     *
040     * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
041     */
042    public final class SimpleEncryption extends AbstractEncryption {
043    
044        public final static SimpleEncryption INSTANCE = new SimpleEncryption();
045    
046        private final static SecretKeySpec SECRET_KEY = new SecretKeySpec(new byte[]{(byte)-45,(byte)-15,(byte)100,(byte)-34,(byte)70,(byte)83,(byte)75,(byte)-100,(byte)-75,(byte)61,(byte)26,(byte)114,(byte)-20,(byte)-58,(byte)114,(byte)77}, "AES");
047    
048        private SimpleEncryption() {
049        }
050    
051        protected SecretKeySpec getSecretKeySpec() {
052            return SECRET_KEY;
053        }
054    }