Remove hibernate password encryption feature. Add back to use better

encryption algorithm if necessary.
2025-12-08 18:26:30 +00:00 · 2013-07-03 13:34:22 +08:00 · 2013-07-03 13:34:22 +08:00 · e0dc1e3c20
commit e0dc1e3c20
parent 419ad4cb9b
2 changed files with 0 additions and 48 deletions
--- a/commons.persistence/src/main/java/com/pmease/commons/persistence/ConfigurationProvider.java
+++ b/commons.persistence/src/main/java/com/pmease/commons/persistence/ConfigurationProvider.java
@ -47,9 +47,6 @@ public class ConfigurationProvider implements Provider<Configuration> {
 			String url = hibernateProperties.getProperty(Environment.URL);
 			hibernateProperties.setProperty(Environment.URL, 
 					StringUtils.replace(url, "${installDir}", Bootstrap.installDir.getAbsolutePath()));
-			String encryptedPassword = hibernateProperties.getProperty("hibernate.connection.encrypted_password");
-			if (StringUtils.isNotBlank(encryptedPassword))
-				hibernateProperties.setProperty(Environment.PASS, StringUtils.decrypt(encryptedPassword.trim()));
 			
 			configuration = new Configuration();
 			configuration.setNamingStrategy(namingStrategy);
--- a/commons.util/src/main/java/com/pmease/commons/util/StringUtils.java
+++ b/commons.util/src/main/java/com/pmease/commons/util/StringUtils.java
@ -4,56 +4,11 @@ import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.StreamTokenizer;
 import java.io.StringReader;
-import java.security.spec.KeySpec;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;

-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.DESedeKeySpec;
-
-import org.apache.commons.codec.binary.Base64;
-
-import com.pmease.commons.bootstrap.BootstrapUtils;
-
 public class StringUtils extends org.apache.commons.lang3.StringUtils {
-	private static final String ENCRYPTION_KEY = "123456789012345678901234567890";
-	
-    public static String encrypt(String string) {
-    	if (string == null)
-    		return null;
-        try {
-            KeySpec keySpec = new DESedeKeySpec(ENCRYPTION_KEY.getBytes("UTF8"));
-            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
-            Cipher cipher = Cipher.getInstance("DESede");
-        	
-            SecretKey key = keyFactory.generateSecret(keySpec);
-            cipher.init(Cipher.ENCRYPT_MODE, key);
-            byte[] ciphertext = cipher.doFinal(string.getBytes("UTF8"));
-            return new String(Base64.encodeBase64(ciphertext));
-        } catch (Exception e) {
-        	throw BootstrapUtils.unchecked(e);
-        }
-    }
-
-    public static String decrypt(String string) {
-    	if (string == null)
-    		return null;
-        try {
-            KeySpec keySpec = new DESedeKeySpec(ENCRYPTION_KEY.getBytes("UTF8"));
-            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
-            Cipher cipher = Cipher.getInstance("DESede");
-        	
-            SecretKey key = keyFactory.generateSecret(keySpec);
-            cipher.init(Cipher.DECRYPT_MODE, key);
-            byte[] bytes = cipher.doFinal(Base64.decodeBase64(string.getBytes()));
-            return new String(bytes, "UTF8");
-        } catch (Exception e) {
-        	throw BootstrapUtils.unchecked(e);
-        }
-    }

    /**
     * Split specified string with specified separator and trim the result fields.