me/no-java
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added a private randomizer field to prevent editing user data so as to

Browse Source 
affect the resultant hash
This commit is contained in:
Dave
2015-01-31 22:12:56 +02:00
parent fb63626fc5
commit ff35dd8680
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/nodash/models/NoUser.java
View File

@@ -51,6 +51,7 @@ public class NoUser implements Serializable {
private static final long serialVersionUID = 7132405837081692211L; private static final long serialVersionUID = 7132405837081692211L;
private PublicKey publicKey; private PublicKey publicKey;
private PrivateKey privateKey; private PrivateKey privateKey;
private String randomized;
public int influences; public int influences;
public int actions; public int actions;
@@ -78,11 +79,23 @@ public class NoUser implements Serializable {
this.privateKey = keyPair.getPrivate(); this.privateKey = keyPair.getPrivate();
this.influences = 0; this.influences = 0;
this.actions = 0; this.actions = 0;
this.touchRandomizer();
}
private void touchRandomizer() {
byte[] randomBytes = new byte[64];
try {
SecureRandom.getInstance(NoUtil.SECURERANDOM_ALGORITHM).nextBytes(randomBytes);
} catch (NoSuchAlgorithmException e) {
throw new NoDashFatalException("Value for SECURERANDOM_ALGORITHM not valid.", e);
}
this.randomized = new String(randomBytes);
} }
public final byte[] createFile(char[] password) { public final byte[] createFile(char[] password) {
ArrayList<NoAction> temp = this.outgoing; ArrayList<NoAction> temp = this.outgoing;
try { try {
this.touchRandomizer();
this.outgoing = new ArrayList<NoAction>(); this.outgoing = new ArrayList<NoAction>();
ByteArrayOutputStream baos = new ByteArrayOutputStream(); ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(baos); ObjectOutputStream oos = new ObjectOutputStream(baos);