// Fragment of a larger method: keyValueList, salt, iterationCount and pbeAlgo are
// declared outside this excerpt. It replaces every value carrying the mask prefix
// with its decoded form and collects the result in returningList.
int length = keyValueList.size();
// First pass: look for the salt and iteration-count entries (keys matched case-insensitively).
for (int i = 0; i < length; i++) {
KeyValueType kvt = (KeyValueType) keyValueList.get(i);
String key = kvt.getKey();
if (PicketLinkFederationConstants.SALT.equalsIgnoreCase(key))
salt = kvt.getValue();
// Integer.parseInt throws NumberFormatException on a non-numeric value; it is not caught here.
if (PicketLinkFederationConstants.ITERATION_COUNT.equalsIgnoreCase(key))
iterationCount = Integer.parseInt(kvt.getValue());
}
// No salt entry: the input list is returned as-is and nothing is decoded.
if (salt == null)
return keyValueList;
// A salt is present, so some entries may hold masked values.
List<KeyValueType> returningList = new ArrayList<KeyValueType>();
// Create the PBE secret key.
// SECURITY NOTE(review): the PBE password below is a constant compiled into this class,
// and the salt and iteration count are read from the same list that holds the masked
// values. Anyone who can read that list and this code can recover the plaintext, so the
// mask should be treated as obfuscation, not encryption. Confidentiality has to come from
// access control on wherever the list is stored, or from an external secret store.
SecretKeyFactory factory = SecretKeyFactory.getInstance(pbeAlgo);
char[] password = "somearbitrarycrazystringthatdoesnotmatter".toCharArray();
// NOTE(review): getBytes() without a charset uses the platform default, so a non-ASCII
// salt could yield different bytes on different hosts; confirm against the masking side.
PBEParameterSpec cipherSpec = new PBEParameterSpec(salt.getBytes(), iterationCount);
PBEKeySpec keySpec = new PBEKeySpec(password);
SecretKey cipherKey = factory.generateSecret(keySpec);
// Second pass: decode masked entries, pass every other entry through unchanged.
for (int i = 0; i < length; i++) {
KeyValueType kvt = (KeyValueType) keyValueList.get(i);
String val = kvt.getValue();
// NOTE(review): a null value would throw NullPointerException on startsWith; confirm
// that entries always carry a value.
if (val.startsWith(PicketLinkFederationConstants.PASS_MASK_PREFIX)) {
// Strip the mask prefix; the remainder is handed to the decoder.
val = val.substring(PicketLinkFederationConstants.PASS_MASK_PREFIX.length());
String decodedValue;
try {
// Presumably Base64-decodes and decrypts with the key and spec built above;
// PBEUtils is not shown here, verify against its implementation.
decodedValue = PBEUtils.decode64(val, pbeAlgo, cipherKey, cipherSpec);
} catch (UnsupportedEncodingException e) {
// Rewrapped as unchecked, with the original exception kept as the cause.
throw new RuntimeException(e);
}
// The replacement entry's type is chosen from the FIRST list element, not from the
// current one: if element 0 is an AuthPropertyType, every decoded entry becomes one.
KeyValueType newKVT = new KeyValueType();
if (keyValueList.get(0) instanceof AuthPropertyType)
newKVT = new AuthPropertyType();
newKVT.setKey(kvt.getKey());
// decodedValue is already a String, so new String(...) only makes a copy. The
// decoded secret is held as a String from here on and cannot be wiped after use.
newKVT.setValue(new String(decodedValue));
returningList.add(newKVT);
} else {
// Unmasked entries (including the salt and iteration-count entries) are kept as the
// same object instances, not copies.
returningList.add(kvt);
}
}