peval / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java
Other
0 stars 0 forks source link

Change ESAPI crypto to support hex-encoding of crypto keys #284

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Currently (in ESAPI 2.0.1 and earlier), the Encryptor.MasterKey and 
Encryptor.MasterSalt are both generated and stored in bas64-encoded format.

Hex-encoding is more conventional for crypto related items (keys, IVs, etc.).

This is a new feature request to:
1) Generate new Encryptor.MasterKey and Encryptor.MasterSalt via hex-encoding.
2) To support both hex-encoding and base64-encoding in reading properties 
Encryptor.MasterKey and Encryptor.MasterSalt from an existing ESAPI.properties 
file. (We need to continue to support base64-encoding for backward 
compatibility reasons.)

Besides being more conventional, advantage of hex format is that it is trivial 
to trim (say) a 256-bit key to turn it into a 128-bit.

Original issue reported on code.google.com by kevin.w.wall@gmail.com on 23 Aug 2012 at 4:52