MemoryPasswordSafe.java example

Explorer
consulo-master
/*
 * Copyright 2000-2010 JetBrains s.r.o.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.intellij.ide.passwordSafe.impl.providers.memory;

import com.intellij.ide.passwordSafe.impl.providers.BasePasswordSafeProvider;
import com.intellij.ide.passwordSafe.impl.providers.ByteArrayWrapper;
import com.intellij.ide.passwordSafe.impl.providers.EncryptionUtil;
import com.intellij.openapi.project.Project;
import com.intellij.util.containers.HashMap;

import java.security.SecureRandom;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;

/**
 * The provider that stores passwords in memory in encrypted from. It does not stores passwords on the disk,
 * so all passwords are forgotten after application exit. Some efforts are done to complicate retrieving passwords
 * from page file. However the passwords could be still retrieved from the memory using debugger or full memory dump.
 */
public class MemoryPasswordSafe extends BasePasswordSafeProvider {
  /**
   * The key to use to encrypt data
   */
  private transient final AtomicReference<byte[]> key = new AtomicReference<byte[]>();
  /**
   * The password database
   */
  private transient final Map<ByteArrayWrapper, byte[]> database = new HashMap<ByteArrayWrapper, byte[]>();

  /**
   * @param project the project to use
   * @return the secret key used by provider
   */
  @Override
  protected byte[] key(Project project) {
    if (key.get() == null) {
      byte[] rnd = new byte[EncryptionUtil.SECRET_KEY_SIZE_BYTES * 16];
      new SecureRandom().nextBytes(rnd);
      key.compareAndSet(null, EncryptionUtil.genKey(EncryptionUtil.hash(rnd)));
    }
    return key.get();
  }

  /**
   * {@inheritDoc}
   */
  @Override
  protected byte[] getEncryptedPassword(byte[] key) {
    synchronized (database) {
      return database.get(new ByteArrayWrapper(key));
    }
  }

  /**
   * {@inheritDoc}
   */
  @Override
  protected void removeEncryptedPassword(byte[] key) {
    synchronized (database) {
      database.remove(new ByteArrayWrapper(key));
    }
  }

  /**
   * {@inheritDoc}
   */
  @Override
  protected void storeEncryptedPassword(byte[] key, byte[] encryptedPassword) {
    synchronized (database) {
      database.put(new ByteArrayWrapper(key), encryptedPassword);
    }
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public boolean isSupported() {
    return true;
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public String getDescription() {
    return "Memory-based password safe provider. The passwords are stored only for the duration of IDEA process.";
  }

  /**
   * {@inheritDoc}
   */
  @Override
  public String getName() {
    return "Memory PasswordSafe";
  }
}