Initial graduated contribution
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/.classpath b/bundles/org.eclipse.equinox.security.win32.x86/.classpath
new file mode 100644
index 0000000..065ac06
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/.classpath
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="src" path="src"/>
+ <classpathentry kind="con" path="org.eclipse.pde.core.requiredPlugins"/>
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+ <classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/.project b/bundles/org.eclipse.equinox.security.win32.x86/.project
new file mode 100644
index 0000000..fd6e4d9
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/.project
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>org.eclipse.equinox.security.win32.x86</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>org.eclipse.jdt.core.javabuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.pde.ManifestBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.pde.SchemaBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.pde.PluginNature</nature>
+ <nature>org.eclipse.jdt.core.javanature</nature>
+ </natures>
+</projectDescription>
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/.settings/org.eclipse.jdt.core.prefs b/bundles/org.eclipse.equinox.security.win32.x86/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 0000000..743005f
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,7 @@
+#Tue Jan 08 16:13:49 EST 2008
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.2
+org.eclipse.jdt.core.compiler.compliance=1.4
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=warning
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=warning
+org.eclipse.jdt.core.compiler.source=1.3
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.security.win32.x86/META-INF/MANIFEST.MF
new file mode 100644
index 0000000..869e118
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/META-INF/MANIFEST.MF
@@ -0,0 +1,12 @@
+Manifest-Version: 1.0
+Bundle-ManifestVersion: 2
+Bundle-Name: %fragmentName
+Bundle-SymbolicName: org.eclipse.equinox.security.win32.x86;singleton:=true
+Bundle-Version: 1.0.0.qualifier
+Bundle-Vendor: %providerName
+Fragment-Host: org.eclipse.equinox.security;bundle-version="[1.0.0,2.0.0)"
+Bundle-RequiredExecutionEnvironment: J2SE-1.4
+Bundle-Localization: fragment
+Eclipse-PlatformFilter: (& (osgi.os=win32) (osgi.arch=x86))
+Export-Package: org.eclipse.equinox.internal.security.win32;x-internal:=true
+Require-Bundle: org.eclipse.swt;bundle-version="3.4.0";resolution:=optional
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/about.html b/bundles/org.eclipse.equinox.security.win32.x86/about.html
new file mode 100644
index 0000000..4602330
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/about.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
+<title>About</title>
+</head>
+<body lang="EN-US">
+<h2>About This Content</h2>
+
+<p>June 2, 2006</p>
+<h3>License</h3>
+
+<p>The Eclipse Foundation makes available all content in this plug-in ("Content"). Unless otherwise
+indicated below, the Content is provided to you under the terms and conditions of the
+Eclipse Public License Version 1.0 ("EPL"). A copy of the EPL is available
+at <a href="http://www.eclipse.org/legal/epl-v10.html">http://www.eclipse.org/legal/epl-v10.html</a>.
+For purposes of the EPL, "Program" will mean the Content.</p>
+
+<p>If you did not receive this Content directly from the Eclipse Foundation, the Content is
+being redistributed by another party ("Redistributor") and different terms and conditions may
+apply to your use of any object code in the Content. Check the Redistributor's license that was
+provided with the Content. If no such license exists, contact the Redistributor. Unless otherwise
+indicated below, the terms and conditions of the EPL still apply to any source code in the Content
+and such source code may be obtained at <a href="http://www.eclipse.org">http://www.eclipse.org</a>.</p>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/build.properties b/bundles/org.eclipse.equinox.security.win32.x86/build.properties
new file mode 100644
index 0000000..f8c2037
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/build.properties
@@ -0,0 +1,12 @@
+source.. = src/
+output.. = bin/
+bin.includes = META-INF/,\
+ .,\
+ fragment.properties,\
+ fragment.xml,\
+ about.html,\
+ jnicrypt.dll
+src.includes = cpp/,\
+ META-INF/,\
+ about.html,\
+ src/
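Review bot: `bin.includes` ships a prebuilt `jnicrypt.dll`, but nothing in this file records how that binary was produced, so a reader cannot tell whether it corresponds to the sources under `cpp/` that `src.includes` lists. Because this DLL is the component that handles the storage master password, the link between binary and source should be documented here. I would add a comment such as `# jnicrypt.dll is prebuilt from cpp/ (see cpp/ReadMe.txt); rebuild it whenever cpp/jnicrypt.cpp changes`, and state which project configuration was used for the committed binary.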
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/cpp/ReadMe.txt b/bundles/org.eclipse.equinox.security.win32.x86/cpp/ReadMe.txt
new file mode 100644
index 0000000..b5f137c
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/cpp/ReadMe.txt
@@ -0,0 +1,31 @@
+/*******************************************************************************
+ * Copyright (c) 2007 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+
+This is a JNI bridge to access native Windows encryption methods from Java. The methods
+perform user-specific encryption of the data. The same user can later decrypt data using
+methods provided by this DLL. A different user won't be able to decrypt the data.
+
+If the user has a roaming profile, he can decrypt data on a different computer in the domain.
+
+In the event if stand-alone computer needs to have OS re-installed (or the domain controller
+and the computer in the domain), be sure to create Windows password recovery disk BEFORE
+re-installing the operating system.
+
+Note that this mechanism is intended to be used with small size data (i.e., passwords). For
+large amount of data consider encrypting your password using this mechanism and using
+symmetric encryption to encrypt the data.
+
+To compile this DLL:
+=> JAVA_HOME environment variable needs to be setup so that jni.h can be found
+
+Note C++ projects settings:
+=> Additional include directories - "$(JAVA_HOME)/include";"$(JAVA_HOME)/include/win32"
+=> Additional linker dependency - Crypt32.lib
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.cpp b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.cpp
new file mode 100644
index 0000000..9a8f2c4
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.cpp
@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * Copyright (c) 2007, 2008 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+
+#define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
+
+#include <windows.h>
+#include <wincrypt.h>
+#include "jnicrypt.h"
+
+BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
+{
+ return TRUE;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_org_eclipse_equinox_internal_security_win32_WinCrypto_winencrypt
+ (JNIEnv *env, jobject obj, jbyteArray value)
+{
+ jsize size = env->GetArrayLength(value);
+ jbyte *body = env->GetByteArrayElements(value, NULL);
+ if (body == NULL)
+ return NULL;
+
+ DATA_BLOB clearText;
+ DATA_BLOB encryptedText;
+ clearText.pbData = (BYTE*) body;
+ clearText.cbData = (DWORD) size;
+
+ BOOL result = CryptProtectData(&clearText, L"Equinox", NULL, NULL, NULL, 0, &encryptedText);
+
+ // release memory allocated by Java environment
+ env->ReleaseByteArrayElements(value, body, 0);
+
+ if (result == FALSE)
+ return NULL;
+
+ jbyteArray returnArray = env->NewByteArray(encryptedText.cbData);
+ env->SetByteArrayRegion(returnArray, 0, encryptedText.cbData, (jbyte*) encryptedText.pbData);
+ LocalFree(encryptedText.pbData); // no need any more, have Java representation
+
+ return returnArray;
+}
+
+JNIEXPORT jbyteArray JNICALL Java_org_eclipse_equinox_internal_security_win32_WinCrypto_windecrypt
+ (JNIEnv *env, jobject obj, jbyteArray value)
+{
+ jsize size = env->GetArrayLength(value);
+ jbyte *body = env->GetByteArrayElements(value, NULL);
+ if (body == NULL)
+ return NULL;
+
+ DATA_BLOB clearText;
+ DATA_BLOB encryptedText;
+ encryptedText.pbData = (BYTE*) body;
+ encryptedText.cbData = (DWORD) size;
+
+ LPWSTR pDescrOut = NULL;
+ BOOL result = CryptUnprotectData(&encryptedText, &pDescrOut, NULL, NULL, NULL, 0, &clearText);
+
+ if (pDescrOut != NULL)
+ LocalFree(pDescrOut);
+
+ // release memory allocated by Java environment
+ env->ReleaseByteArrayElements(value, body, 0);
+
+ if (result == FALSE)
+ return NULL;
+
+ jbyteArray returnArray = env->NewByteArray(clearText.cbData);
+ env->SetByteArrayRegion(returnArray, 0, clearText.cbData, (jbyte*) clearText.pbData);
+ LocalFree(clearText.pbData); // no need any more, have Java representation
+
+ return returnArray;
+}
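Review bot: In windecrypt the decrypted password in `clearText.pbData` is handed back to the heap by `LocalFree` without being wiped, so the plaintext can remain in process memory after the call returns; add `SecureZeroMemory(clearText.pbData, clearText.cbData);` immediately before that `LocalFree`. In both functions the result of `NewByteArray` is passed to `SetByteArrayRegion` unchecked, so an allocation failure leads to a JNI call on a null array while an exception is pending; guard the copy with `if (returnArray != NULL)` and still free the native buffer. As a smaller point, `ReleaseByteArrayElements(value, body, 0)` copies an unmodified buffer back to the Java array, and `JNI_ABORT` would state the read-only intent. Note also that `pOptionalEntropy` is NULL in both calls, so any process running as the same user can unprotect the blob, which is worth stating in a comment above the `CryptProtectData` call.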
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.h b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.h
new file mode 100644
index 0000000..9d44ffe
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.h
@@ -0,0 +1,28 @@
+/*******************************************************************************
+ * Copyright (c) 2007, 2008 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+#include <jni.h>
+
+#ifndef EQUINOX_WIN32_CRYPTO
+#define EQUINOX_WIN32_CRYPTO
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+JNIEXPORT jbyteArray JNICALL Java_org_eclipse_equinox_internal_security_win32_WinCrypto_windecrypt(JNIEnv *, jobject, jbyteArray);
+JNIEXPORT jbyteArray JNICALL Java_org_eclipse_equinox_internal_security_win32_WinCrypto_winencrypt(JNIEnv *, jobject, jbyteArray);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // #ifndef EQUINOX_WIN32_CRYPTO
+
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.vcproj b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.vcproj
new file mode 100644
index 0000000..c207c57
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/cpp/jnicrypt.vcproj
@@ -0,0 +1,209 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+ ProjectType="Visual C++"
+ Version="8.00"
+ Name="jnicrypt"
+ ProjectGUID="{F34C755E-2053-4783-85FC-356BC2CE2A35}"
+ RootNamespace="jnicrypt"
+ Keyword="Win32Proj"
+ >
+ <Platforms>
+ <Platform
+ Name="Win32"
+ />
+ </Platforms>
+ <ToolFiles>
+ </ToolFiles>
+ <Configurations>
+ <Configuration
+ Name="Debug|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="2"
+ CharacterSet="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ Optimization="0"
+ AdditionalIncludeDirectories=""$(JAVA_HOME)/include";"$(JAVA_HOME)/include/win32""
+ PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;JNICRYPT_EXPORTS"
+ MinimalRebuild="true"
+ BasicRuntimeChecks="3"
+ RuntimeLibrary="3"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="4"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLinkerTool"
+ AdditionalDependencies="Crypt32.lib"
+ LinkIncremental="2"
+ GenerateDebugInformation="true"
+ SubSystem="2"
+ TargetMachine="1"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCManifestTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCAppVerifierTool"
+ />
+ <Tool
+ Name="VCWebDeploymentTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ <Configuration
+ Name="Release|Win32"
+ OutputDirectory="$(SolutionDir)$(ConfigurationName)"
+ IntermediateDirectory="$(ConfigurationName)"
+ ConfigurationType="2"
+ CharacterSet="1"
+ WholeProgramOptimization="1"
+ >
+ <Tool
+ Name="VCPreBuildEventTool"
+ />
+ <Tool
+ Name="VCCustomBuildTool"
+ />
+ <Tool
+ Name="VCXMLDataGeneratorTool"
+ />
+ <Tool
+ Name="VCWebServiceProxyGeneratorTool"
+ />
+ <Tool
+ Name="VCMIDLTool"
+ />
+ <Tool
+ Name="VCCLCompilerTool"
+ AdditionalIncludeDirectories=""$(JAVA_HOME)/include";"$(JAVA_HOME)/include/win32""
+ PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;JNICRYPT_EXPORTS"
+ RuntimeLibrary="2"
+ UsePrecompiledHeader="0"
+ WarningLevel="3"
+ Detect64BitPortabilityProblems="true"
+ DebugInformationFormat="3"
+ />
+ <Tool
+ Name="VCManagedResourceCompilerTool"
+ />
+ <Tool
+ Name="VCResourceCompilerTool"
+ />
+ <Tool
+ Name="VCPreLinkEventTool"
+ />
+ <Tool
+ Name="VCLinkerTool"
+ AdditionalDependencies="Crypt32.lib"
+ LinkIncremental="1"
+ GenerateDebugInformation="true"
+ SubSystem="2"
+ OptimizeReferences="2"
+ EnableCOMDATFolding="2"
+ TargetMachine="1"
+ />
+ <Tool
+ Name="VCALinkTool"
+ />
+ <Tool
+ Name="VCManifestTool"
+ />
+ <Tool
+ Name="VCXDCMakeTool"
+ />
+ <Tool
+ Name="VCBscMakeTool"
+ />
+ <Tool
+ Name="VCFxCopTool"
+ />
+ <Tool
+ Name="VCAppVerifierTool"
+ />
+ <Tool
+ Name="VCWebDeploymentTool"
+ />
+ <Tool
+ Name="VCPostBuildEventTool"
+ />
+ </Configuration>
+ </Configurations>
+ <References>
+ </References>
+ <Files>
+ <Filter
+ Name="Source Files"
+ Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
+ UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
+ >
+ <File
+ RelativePath=".\jnicrypt.cpp"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Header Files"
+ Filter="h;hpp;hxx;hm;inl;inc;xsd"
+ UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
+ >
+ <File
+ RelativePath=".\jnicrypt.h"
+ >
+ </File>
+ </Filter>
+ <Filter
+ Name="Resource Files"
+ Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav"
+ UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
+ >
+ </Filter>
+ <File
+ RelativePath=".\ReadMe.txt"
+ >
+ </File>
+ </Files>
+ <Globals>
+ </Globals>
+</VisualStudioProject>
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/fragment.properties b/bundles/org.eclipse.equinox.security.win32.x86/fragment.properties
new file mode 100644
index 0000000..79c7758
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/fragment.properties
@@ -0,0 +1,13 @@
+###############################################################################
+# Copyright (c) 2008 IBM Corporation and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# Contributors:
+# IBM Corporation - initial API and implementation
+###############################################################################
+fragmentName = Windows Data Protection services integration
+providerName = Eclipse.org
+moduleName = Password provider backed by the Windows Data Protection API (DPAPI)
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/fragment.xml b/bundles/org.eclipse.equinox.security.win32.x86/fragment.xml
new file mode 100644
index 0000000..bb3899f
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/fragment.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<?eclipse version="3.2"?>
+<fragment>
+ <extension
+ id="WindowsPasswordProvider"
+ name="%moduleName"
+ point="org.eclipse.equinox.security.secureStorage">
+ <provider
+ class="org.eclipse.equinox.internal.security.win32.WinCrypto"
+ priority="5">
+ </provider>
+ </extension>
+
+</fragment>
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/jnicrypt.dll b/bundles/org.eclipse.equinox.security.win32.x86/jnicrypt.dll
new file mode 100644
index 0000000..bbfbafa
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/jnicrypt.dll
Binary files differ
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCrypto.java b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCrypto.java
new file mode 100644
index 0000000..724fe80
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCrypto.java
@@ -0,0 +1,143 @@
+/*******************************************************************************
+ * Copyright (c) 2008 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.equinox.internal.security.win32;
+
+import java.io.IOException;
+import java.security.SecureRandom;
+
+import javax.crypto.spec.PBEKeySpec;
+
+import org.eclipse.equinox.internal.security.auth.AuthPlugin;
+import org.eclipse.equinox.internal.security.auth.nls.SecAuthMessages;
+import org.eclipse.equinox.internal.security.storage.Base64;
+import org.eclipse.equinox.internal.security.win32.nls.WinCryptoMessages;
+import org.eclipse.equinox.security.storage.ISecurePreferences;
+import org.eclipse.equinox.security.storage.StorageException;
+import org.eclipse.equinox.security.storage.provider.IPreferencesContainer;
+import org.eclipse.equinox.security.storage.provider.IProviderHints;
+import org.eclipse.equinox.security.storage.provider.PasswordProvider;
+
+/**
+ * Provides interface with native Windows data protection API. This provider
+ * auto-generates separate passwords for each secure preferences tree.
+ */
+public class WinCrypto extends PasswordProvider {
+
+ native public byte[] windecrypt(byte[] encryptedText);
+
+ native public byte[] winencrypt(byte[] clearText);
+
+ static {
+ System.loadLibrary("jnicrypt");
+ }
+
+ private final static String WIN_PROVIDER_NODE = "/org.eclipse.equinox.secure.storage/windows";
+ private final static String PASSWORD_KEY = "encryptedPassword";
+
+ /**
+ * The length of the randomly generated password in bytes
+ */
+ private final static int PASSWORD_LENGTH = 250;
+
+ public PBEKeySpec login(IPreferencesContainer container) {
+ byte[] encryptedPassord = getEncryptedPassword(container);
+ if (encryptedPassord != null) {
+ byte[] decryptedPassword = windecrypt(encryptedPassord);
+ if (decryptedPassword != null) {
+ String password = new String(decryptedPassword);
+ return new PBEKeySpec(password.toCharArray());
+ } else {
+ StorageException e = new StorageException(StorageException.ENCRYPTION_ERROR, WinCryptoMessages.decryptPasswordFailed);
+ AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
+
+ if (container.hasOption(IProviderHints.PROMPT_USER)) {
+ Object promptHint = container.getOption(IProviderHints.PROMPT_USER);
+ if (promptHint instanceof Boolean) {
+ boolean canPrompt = ((Boolean) promptHint).booleanValue();
+ if (!canPrompt)
+ return null;
+ }
+ }
+ try {
+ if (!WinCryptoUI.canRecreatePassword())
+ return null;
+ } catch (ClassNotFoundException exception) {
+ return null;
+ }
+ // follow down with new password generation
+ }
+ }
+
+ // add info message in the log
+ AuthPlugin.getDefault().logMessage(WinCryptoMessages.newPasswordGenerated);
+
+ byte[] rawPassword = new byte[PASSWORD_LENGTH];
+ SecureRandom random = new SecureRandom();
+ random.setSeed(System.currentTimeMillis());
+ random.nextBytes(rawPassword);
+ String password = Base64.encode(rawPassword);
+ if (savePassword(password, container))
+ return new PBEKeySpec(password.toCharArray());
+ else
+ return null;
+ }
+
+ private byte[] getEncryptedPassword(IPreferencesContainer container) {
+ ISecurePreferences node = container.getPreferences().node(WIN_PROVIDER_NODE);
+ String passwordHint;
+ try {
+ passwordHint = node.get(PASSWORD_KEY, null);
+ } catch (StorageException e) { // should never happen in this scenario
+ AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
+ return null;
+ }
+ if (passwordHint == null)
+ return null;
+ return Base64.decode(passwordHint);
+ }
+
+ private boolean savePassword(String password, IPreferencesContainer container){
+ byte[] data = winencrypt(password.getBytes());
+ if (data == null) { // this is bad. Something wrong with OS or JNI.
+ StorageException e = new StorageException(StorageException.ENCRYPTION_ERROR, WinCryptoMessages.encryptPasswordFailed);
+ AuthPlugin.getDefault().logError(WinCryptoMessages.encryptPasswordFailed, e);
+ return false;
+ }
+ String encodedEncryptyedPassword = Base64.encode(data);
+ ISecurePreferences node = container.getPreferences().node(WIN_PROVIDER_NODE);
+ try {
+ node.put(PASSWORD_KEY, encodedEncryptyedPassword, false); // note we don't recursively try to encrypt
+ } catch (StorageException e) { // should never happen in this scenario
+ AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
+ return false;
+ }
+ try {
+ node.flush(); // save right away
+ } catch (IOException e) {
+ AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
+ return false;
+ }
+ return true;
+ }
+
+ public boolean changePassword(Exception e, IPreferencesContainer container) {
+ // It would be rather dangerous to allow this password to be changed
+ // as it would permanently trash all entries in the secure storage.
+ // Rather applications using get...() should handle exceptions and offer to overwrite
+ // data on an entry-by-entry scale.
+ return false;
+ }
+
+ public void logout(IPreferencesContainer container) {
+ // nothing to do
+ }
+
+}
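Review bot: `random.setSeed(System.currentTimeMillis());` in login runs before the first `nextBytes`, and on SHA1PRNG-style providers a seed supplied at that point replaces the generator's self-seeding rather than supplementing it, so the 250-byte master password may be derivable from the generation time alone. Remove that line so that `SecureRandom random = new SecureRandom();` is followed directly by `random.nextBytes(rawPassword);` and the provider's own entropy source is used. Separately, `new String(decryptedPassword)` in login and `password.getBytes()` in savePassword depend on the platform default charset; the value is Base64 text so this most likely round-trips, but naming the same charset explicitly on both sides would remove the dependency.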
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCryptoUI.java b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCryptoUI.java
new file mode 100644
index 0000000..83f2cbc
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/WinCryptoUI.java
@@ -0,0 +1,30 @@
+/*******************************************************************************
+ * Copyright (c) 2008 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.equinox.internal.security.win32;
+
+import org.eclipse.equinox.internal.security.win32.nls.WinCryptoMessages;
+import org.eclipse.swt.SWT;
+import org.eclipse.swt.widgets.MessageBox;
+import org.eclipse.swt.widgets.Shell;
+
+/**
+ * Isolates optional UI functionality
+ */
+public class WinCryptoUI {
+
+ public static boolean canRecreatePassword() throws ClassNotFoundException{
+ MessageBox dialog = new MessageBox(new Shell(), SWT.ICON_ERROR | SWT.YES | SWT.NO);
+ dialog.setText(WinCryptoMessages.newPasswordTitle);
+ dialog.setMessage(WinCryptoMessages.newPasswordMessage);
+ int result = dialog.open();
+ return (result == SWT.YES);
+ }
+}
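Review bot: The `throws ClassNotFoundException` on canRecreatePassword probably does not cover the case it was written for. The manifest declares SWT with `resolution:=optional`, and a missing SWT would normally surface as `NoClassDefFoundError` when this class is linked, which the `catch (ClassNotFoundException exception)` around the call in WinCrypto.login does not catch. Consider catching `NoClassDefFoundError` at that call site and returning null there, as the existing handler does. In addition, `new Shell()` is never disposed; keep it in a local and call `shell.dispose()` in a `finally` after `dialog.open()`.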
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/WinCryptoMessages.java b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/WinCryptoMessages.java
new file mode 100644
index 0000000..d14c2a4
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/WinCryptoMessages.java
@@ -0,0 +1,34 @@
+/*******************************************************************************
+ * Copyright (c) 2008 IBM Corporation and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * IBM Corporation - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.equinox.internal.security.win32.nls;
+
+import org.eclipse.osgi.util.NLS;
+
+public class WinCryptoMessages extends NLS {
+
+ private static final String BUNDLE_NAME = "org.eclipse.equinox.internal.security.win32.nls.messages"; //$NON-NLS-1$
+
+ // Windows module
+ public static String encryptPasswordFailed;
+ public static String decryptPasswordFailed;
+ public static String newPasswordTitle;
+ public static String newPasswordMessage;
+ public static String newPasswordGenerated;
+
+ static {
+ // load message values from bundle file
+ reloadMessages();
+ }
+
+ public static void reloadMessages() {
+ NLS.initializeMessages(BUNDLE_NAME, WinCryptoMessages.class);
+ }
+}
\ No newline at end of file
diff --git a/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/messages.properties b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/messages.properties
new file mode 100644
index 0000000..1f204f2
--- /dev/null
+++ b/bundles/org.eclipse.equinox.security.win32.x86/src/org/eclipse/equinox/internal/security/win32/nls/messages.properties
@@ -0,0 +1,17 @@
+###############################################################################
+# Copyright (c) 2008 IBM Corporation and others.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Eclipse Public License v1.0
+# which accompanies this distribution, and is available at
+# http://www.eclipse.org/legal/epl-v10.html
+#
+# Contributors:
+# IBM Corporation - initial API and implementation
+###############################################################################
+
+## Windows module
+encryptPasswordFailed = Unable to encrypt master password for storage.
+decryptPasswordFailed = Unable to decrypt master password.
+newPasswordTitle = Keyring password
+newPasswordMessage = Unable to retrieve keyring password. Would you like to generate new keyring password?
+newPasswordGenerated = New keyring password generated.