InsecureCipherFactory.java

  1. /*
  2.  * Copyright (C) 2016, Google Inc. and others
  3.  *
  4.  * This program and the accompanying materials are made available under the
  5.  * terms of the Eclipse Distribution License v. 1.0 which is available at
  6.  * https://www.eclipse.org/org/documents/edl-v10.php.
  7.  *
  8.  * SPDX-License-Identifier: BSD-3-Clause
  9.  */

  11. package org.eclipse.jgit.transport;

  13. import java.security.NoSuchAlgorithmException;

  15. import javax.crypto.Cipher;
  16. import javax.crypto.NoSuchPaddingException;

  18. /**
  19.  * <b>DO NOT USE</b> Factory to create any cipher.
  20.  * <p>
  21.  * This is a hack for {@link WalkEncryption} to create any cipher configured by
  22.  * the end-user. Using this class allows JGit to violate ErrorProne's security
  23.  * recommendations (<a
  24.  * href="https://errorprone.info/bugpattern/InsecureCryptoUsage"
  25.  * >InsecureCryptoUsage</a>), which is not secure.
  26.  */
  27. class InsecureCipherFactory {
  28.     static Cipher create(String algo)
  29.             throws NoSuchAlgorithmException, NoSuchPaddingException {
  30.         return Cipher.getInstance(algo);
  31.     }
  32. }
Created with JaCoCo 0.8.6.202009150832