Changeset 374 for trunk/grails-app
- Timestamp:
- Apr 23, 2010, 11:02:31 AM (11 years ago)
- Location:
- trunk/grails-app
- Files:
-
- 3 edited
trunk/grails-app/conf/Config.groovy
r247 r374 84 84 } 85 85 } 86 87 // cryptography settings 88 crypto { 89 shared.secret = "U73reG*mE^\$t@7s!e%" 90 } -
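Review bot: The Blowfish shared secret is committed as a plaintext literal in Config.groovy (`shared.secret = "..."`), which the other two sections use as the key for `Blowfish.encryptBase64`/`decryptBase64`; the gutter numbers here do not make the old/new side explicit, but the new `config.crypto` references elsewhere in this changeset suggest these lines are additions. Anyone with read access to the repository can now decrypt and, more importantly, forge the `entity` parameter, so the value should be loaded from an external, non-versioned config file or environment rather than written into the source tree, and this particular value should be treated as exposed once it is in SCM history. A short comment above the block, e.g. `// shared.secret is a Blowfish key; keep it out of version control and rotate it on disclosure`, would make the intent clear to the next maintainer.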
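--- a/trunk/grails-app/controllers/dbnp/studycapturing/TemplateEditorController.groovy
+++ b/trunk/grails-app/controllers/dbnp/studycapturing/TemplateEditorController.groovy
@@ -16,4 +16,5 @@
 import dbnp.data.*
 import dbnp.studycapturing.*
+import cr.co.arquetipos.crypto.Blowfish
 
 class TemplateEditorController {
@@ -26,5 +27,18 @@
 if (params.entity) {
 // decode entity get parameter
-entity = new String(params.entity.toString().decodeBase64())
+if (grailsApplication.config.crypto) {
+// generate a Blowfish encrypted and Base64 encoded string.
+entity = Blowfish.decryptBase64(
+params.entity,
+grailsApplication.config.crypto.shared.secret
+)
+} else {
+// base64 only; this is INSECURE! Even though it is not
+// very likely, it is possible to exploit this and have
+// Grails dynamically instantiate whatever class you like.
+// If that constructor does something harmfull this could
+// be dangerous. Hence, use encryption (above) instead...
+entity = new String(params.entity.toString().decodeBase64())
+}
 }
 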
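Review bot: The `else` branch keeps the plain-base64 path live whenever `grailsApplication.config.crypto` is absent, so a deployment that forgets the setting silently accepts any caller-supplied class name — the very hazard the hunk's own comment describes; the same fallback appears in the WizardTagLib section of this changeset. Failing closed would be safer, e.g. `} else { throw new IllegalStateException('crypto.shared.secret is not configured; refusing to decode entity') }`, and independently of which branch ran, the decoded `entity` should be checked against an allow-list of the entity classes this controller expects before it is used to instantiate anything, since encryption only makes the value hard to forge, not trustworthy. It is not visible here what `Blowfish.decryptBase64` does on tampered or malformed input, so the caller presumably needs to handle that case as well. The comment on the decrypt branch, `// generate a Blowfish encrypted and Base64 encoded string.`, looks copied from the taglib and should read `// decrypt the Blowfish encrypted, Base64 encoded entity name.`. The enclosing action continues outside the hunk, where `entity` is consumed.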
trunk/grails-app/taglib/dbnp/studycapturing/WizardTagLib.groovy
r372 r374 4 4 import dbnp.studycapturing.* 5 5 import dbnp.data.* 6 import cr.co.arquetipos.crypto.Blowfish 6 7 7 8 /** … … 564 565 def entity = attrs.remove('entity') 565 566 566 // add the entity class name to the element as 567 // a base64 encoded string. 568 // TODO: encrypt this, instead of using base64! 569 // As this class is instantiated elsewhere 570 // this is a security hazard! 571 // @see TemplateEditorController 572 attrs['entity'] = entity.toString().replaceAll(/^class /,'').bytes.encodeBase64() 567 // add the entity class name to the element 568 // do we have crypto information available? 569 if (grailsApplication.config.crypto) { 570 // generate a Blowfish encrypted and Base64 encoded string. 571 attrs['entity'] = Blowfish.encryptBase64( 572 entity.toString().replaceAll(/^class /, ''), 573 grailsApplication.config.crypto.shared.secret 574 ) 575 } else { 576 // base64 only; this is INSECURE! As this class 577 // is instantiated elsewehere. Possibly exploitable! 578 attrs['entity'] = entity.toString().replaceAll(/^class /, '').bytes.encodeBase64() 579 } 573 580 574 581 // fetch templates
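Review bot: The expression `entity.toString().replaceAll(/^class /, '')` is now duplicated in both branches of the new `if (grailsApplication.config.crypto)` block; hoisting it into a single local, `def entityName = entity.toString().replaceAll(/^class /, '')`, and using `entityName` in both the `Blowfish.encryptBase64(...)` call and the base64 fallback keeps the two paths from drifting apart. The fallback comment also has a typo, `elsewehere`, and would read better as `// base64 only; this is INSECURE, as the class named here is instantiated elsewhere (see TemplateEditorController).`. The enclosing taglib closure starts and ends outside the hunk.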