001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 package org.apache.geronimo.crypto; 018 019 import java.io.ByteArrayOutputStream; 020 import java.io.ObjectOutputStream; 021 import java.io.Serializable; 022 import java.io.ObjectInputStream; 023 import java.io.ByteArrayInputStream; 024 import javax.crypto.spec.SecretKeySpec; 025 import javax.crypto.Cipher; 026 import javax.crypto.SealedObject; 027 import org.apache.geronimo.crypto.encoders.Base64; 028 029 /** 030 * This class protects some value BY ENCRYPTING WITH A KNOWN KEY. That is 031 * to say, it's only safe against anyone who can't read the source code. 032 * So the main idea is to protect against casual observers. 033 * 034 * If someone has a better idea for how to implement encryption with a 035 * non-obvious key that the user isn't likely to change during the normal 036 * course of working with the server, I'd be happy to hear it. (But I 037 * assume the SSL keystore is likely to be changed, which would result 038 * in losing all the "encrypted" data. 039 * 040 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $ 041 */ 042 public final class SimpleEncryption extends AbstractEncryption { 043 044 public final static SimpleEncryption INSTANCE = new SimpleEncryption(); 045 046 private final static SecretKeySpec SECRET_KEY = new SecretKeySpec(new byte[]{(byte)-45,(byte)-15,(byte)100,(byte)-34,(byte)70,(byte)83,(byte)75,(byte)-100,(byte)-75,(byte)61,(byte)26,(byte)114,(byte)-20,(byte)-58,(byte)114,(byte)77}, "AES"); 047 048 private SimpleEncryption() { 049 } 050 051 protected SecretKeySpec getSecretKeySpec() { 052 return SECRET_KEY; 053 } 054 }