Custom encryption

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

In addition to the basic and advanced encryption methods that you can use, you can also choose to create your own Cipher, which might be especially useful if:

  • you're required to use a specific vault to store the password

  • you want to use encryption algorithms beyond those we ship with Bitbucket Server or Data Center

Step 1. Create a Maven project and get API dependencies 

  1. Get password-cipher-api and password-cipher-base dependencies.

    1. <Bitbucket_installation_directory>/atlassian-bitbucket/WEB-INF/lib に移動します。

    2. 以下の jar ファイルをコピーします。

    • password-cipher-api-<version>.jar: this file contains the API

    • (optional) password-cipher-base-<version>.jar: this file contains some sample implementations 

  2. Maven プロジェクトを作成します。

  3. Go to resources and create a new folder, named libs.

  4. jar ファイルを libs フォルダにコピーします。

  5. Next, use the following pom

    <?xml version="1.0" encoding="UTF-8"?>
    <project xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
     
      <groupId><your_group_ID></groupId>
      <artifactId><your_artifact_ID></artifactId>
      <version><your_version></version>
     
      <properties>
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
      </properties>
     
      <repositories>
        <repository>
          <id>local-maven-repo</id>
          <url>file:///${project.basedir}/libs</url>
        </repository>
      </repositories>
    
      <build>
        <resources>
          <resource>
            <directory>src/main/resources/libs</directory>
            <excludes>
              <exclude>*</exclude>
            </excludes>
            <filtering>false</filtering>
          </resource>
        </resources>
      </build>
     
      <dependencies>
        <dependency>
          <groupId>com.atlassian.db.config</groupId>
          <artifactId>password-cipher-api</artifactId>
          <version><api_version></version>
          <scope>provided</scope>
        </dependency>
        <dependency>
          <groupId>com.atlassian.db.config</groupId>
          <artifactId>password-cipher-base</artifactId>
          <version><base_version></version>
          <scope>provided</scope>
        </dependency>
      </dependencies>
    </project>


Step 2. Implement the Cipher interface

The Cipher interface contains two methods that you need to implement according to your requirements; encrypt and decrypt. decrypt is called during Bitbucket startup, which means that long-running tasks can affect the startup time. encrypt is not called by Bitbucket, as it's only used in the encryption tool.

You can use Base64Cipher and AlgorithmCipher as examples. 

Step 3. Test your implementation

The encryption tool described in Basic encryption and Advanced encryption, uses the same code as Bitbucket to decrypt the password. You can use it to test your implementation.

Assuming that the CLI and your jar is in the same folder:

java -cp "./*" com.atlassian.db.config.password.tools.CipherTool -c your.package.here.ClassName

Step 4. Make your library available to Bitbucket

Bitbucket must be able to access your library. Your class will be instantiated using reflection. Put the library in the following directory:

<Bitbucket_home_directory>/lib
最終更新日 2021 年 1 月 4 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.