001/* 002 * jPOS Project [http://jpos.org] 003 * Copyright (C) 2000-2026 jPOS Software SRL 004 * 005 * This program is free software: you can redistribute it and/or modify 006 * it under the terms of the GNU Affero General Public License as 007 * published by the Free Software Foundation, either version 3 of the 008 * License, or (at your option) any later version. 009 * 010 * This program is distributed in the hope that it will be useful, 011 * but WITHOUT ANY WARRANTY; without even the implied warranty of 012 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 013 * GNU Affero General Public License for more details. 014 * 015 * You should have received a copy of the GNU Affero General Public License 016 * along with this program. If not, see <http://www.gnu.org/licenses/>. 017 */ 018 019package org.jpos.q2.cli; 020 021import org.jpos.iso.ISOUtil; 022import org.jpos.q2.CLICommand; 023import org.jpos.q2.CLIContext; 024import org.jpos.security.SystemSeed; 025 026import java.nio.ByteBuffer; 027import java.security.SecureRandom; 028import java.util.Base64; 029 030/** 031 * Obfuscate a secret 032 */ 033public class OBF implements CLICommand { 034 @Override 035 public void exec(CLIContext cli, String[] args) throws Exception { 036 if (args.length != 2) { 037 usage(cli); 038 return; 039 } 040 cli.println (String.format("obf::%s", obf(args[1]))); 041 } 042 public void usage(CLIContext cli) { 043 cli.println("Usage: obf \"secret\""); 044 } 045 046 private String obf(String s) { 047 SecureRandom sr = new SecureRandom(); 048 byte[] b = s.getBytes(); 049 byte[] e = new byte[Math.abs(sr.nextInt()) % 32]; 050 int i = Math.abs(sr.nextInt()); 051 sr.nextBytes(e); 052 b = ISOUtil.xor(b, SystemSeed.getSeed(i, b.length)); 053 ByteBuffer buf = ByteBuffer.allocate(b.length + e.length + 8); 054 buf.putInt(i); 055 buf.putInt(b.length); 056 buf.put(b); 057 buf.put(e); 058 return Base64.getEncoder().encodeToString(buf.array()); 059 } 060}