Example 1 with EncryptedDataType

use of com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType in project midpoint by Evolveum.

the class PageAbstractSelfCredentials method setEncryptedPasswordData.

protected void setEncryptedPasswordData(EncryptedDataType data) {
    MyPasswordsDto dto = model.getObject();
    ProtectedStringType password = dto.getPassword();
    if (password != null) {
        password.setEncryptedData(data);
    }
}
Also used : MyPasswordsDto(com.evolveum.midpoint.web.page.admin.home.dto.MyPasswordsDto) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 2 with EncryptedDataType

use of com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType in project midpoint by Evolveum.

the class XNodeProcessorUtil method parseProtectedType.

public static <T> void parseProtectedType(ProtectedDataType<T> protectedType, MapXNode xmap, PrismContext prismContext, ParsingContext pc) throws SchemaException {
    RootXNode xEncryptedData = xmap.getEntryAsRoot(ProtectedDataType.F_ENCRYPTED_DATA);
    if (xEncryptedData != null) {
        if (!(xEncryptedData.getSubnode() instanceof MapXNode)) {
            throw new SchemaException("Cannot parse encryptedData from " + xEncryptedData);
        }
        EncryptedDataType encryptedDataType = prismContext.parserFor(xEncryptedData).context(pc).parseRealValue(EncryptedDataType.class);
        protectedType.setEncryptedData(encryptedDataType);
    } else {
        // Check for legacy EncryptedData
        RootXNode xLegacyEncryptedData = xmap.getEntryAsRoot(ProtectedDataType.F_XML_ENC_ENCRYPTED_DATA);
        if (xLegacyEncryptedData != null) {
            if (!(xLegacyEncryptedData.getSubnode() instanceof MapXNode)) {
                throw new SchemaException("Cannot parse EncryptedData from " + xLegacyEncryptedData);
            }
            RootXNode xConvertedEncryptedData = (RootXNode) xLegacyEncryptedData.cloneTransformKeys(in -> {
                String elementName = StringUtils.uncapitalize(in.getLocalPart());
                if (elementName.equals("type")) {
                    return null;
                }
                return new QName(null, elementName);
            });
            EncryptedDataType encryptedDataType = prismContext.parserFor(xConvertedEncryptedData).context(pc).parseRealValue(EncryptedDataType.class);
            protectedType.setEncryptedData(encryptedDataType);
            if (protectedType instanceof ProtectedStringType) {
                transformEncryptedValue(protectedType, prismContext);
            }
        }
    }
    RootXNode xHashedData = xmap.getEntryAsRoot(ProtectedDataType.F_HASHED_DATA);
    if (xHashedData != null) {
        if (!(xHashedData.getSubnode() instanceof MapXNode)) {
            throw new SchemaException("Cannot parse hashedData from " + xHashedData);
        }
        HashedDataType hashedDataType = prismContext.parserFor(xHashedData).context(pc).parseRealValue(HashedDataType.class);
        protectedType.setHashedData(hashedDataType);
    }
    // protected data is empty: check for a clear value
    if (protectedType.isEmpty()) {
        XNode xClearValue = xmap.get(ProtectedDataType.F_CLEAR_VALUE);
        if (xClearValue == null) {
            //TODO: try to use common namespace (only to be compatible with previous versions)
            //FIXME maybe add some warning, info...
            xClearValue = xmap.get(new QName(ProtectedDataType.F_CLEAR_VALUE.getLocalPart()));
        }
        if (xClearValue == null) {
            return;
        }
        if (!(xClearValue instanceof PrimitiveXNode)) {
            // this is maybe not good
            throw new SchemaException("Cannot parse clear value from " + xClearValue);
        }
        // TODO: clearValue
        T clearValue = (T) ((PrimitiveXNode) xClearValue).getParsedValue(DOMUtil.XSD_STRING, String.class);
        protectedType.setClearValue(clearValue);
    }
}
Also used : StringUtils(org.apache.commons.lang.StringUtils) RootXNode(com.evolveum.midpoint.prism.xnode.RootXNode) XNode(com.evolveum.midpoint.prism.xnode.XNode) SchemaException(com.evolveum.midpoint.util.exception.SchemaException) HashedDataType(com.evolveum.prism.xml.ns._public.types_3.HashedDataType) Field(java.lang.reflect.Field) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) PrimitiveXNode(com.evolveum.midpoint.prism.xnode.PrimitiveXNode) DOMUtil(com.evolveum.midpoint.util.DOMUtil) ParsingContext(com.evolveum.midpoint.prism.ParsingContext) Protector(com.evolveum.midpoint.prism.crypto.Protector) PrismContext(com.evolveum.midpoint.prism.PrismContext) MapXNode(com.evolveum.midpoint.prism.xnode.MapXNode) XmlValue(javax.xml.bind.annotation.XmlValue) QName(javax.xml.namespace.QName) ProtectedDataType(com.evolveum.prism.xml.ns._public.types_3.ProtectedDataType) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType) EncryptedDataType(com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType)

Example 3 with EncryptedDataType

use of com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType in project midpoint by Evolveum.

the class TestSanityLegacy method checkOpenResourceConfiguration.

private void checkOpenResourceConfiguration(PrismObject<ResourceType> resource, String connectorNamespace, String credentialsPropertyName, int numConfigProps, String source) {
    PrismContainer<Containerable> configurationContainer = resource.findContainer(ResourceType.F_CONNECTOR_CONFIGURATION);
    assertNotNull("No configuration container in " + resource + " from " + source, configurationContainer);
    PrismContainer<Containerable> configPropsContainer = configurationContainer.findContainer(SchemaTestConstants.ICFC_CONFIGURATION_PROPERTIES);
    assertNotNull("No configuration properties container in " + resource + " from " + source, configPropsContainer);
    List<? extends Item<?, ?>> configProps = configPropsContainer.getValue().getItems();
    assertEquals("Wrong number of config properties in " + resource + " from " + source, numConfigProps, configProps.size());
    PrismProperty<Object> credentialsProp = configPropsContainer.findProperty(new QName(connectorNamespace, credentialsPropertyName));
    if (credentialsProp == null) {
        // This is the heisenbug we are looking for. Just dump the entire thing.
        display("Configuration with the heisenbug", configurationContainer.debugDump());
    }
    assertNotNull("No credentials property in " + resource + " from " + source, credentialsProp);
    assertEquals("Wrong number of credentials property value in " + resource + " from " + source, 1, credentialsProp.getValues().size());
    PrismPropertyValue<Object> credentialsPropertyValue = credentialsProp.getValues().iterator().next();
    assertNotNull("No credentials property value in " + resource + " from " + source, credentialsPropertyValue);
    if (credentialsPropertyValue.isRaw()) {
        Object rawElement = credentialsPropertyValue.getRawElement();
        assertTrue("Wrong element class " + rawElement.getClass() + " in " + resource + " from " + source, rawElement instanceof MapXNode);
        //			Element rawDomElement = (Element)rawElement;
        MapXNode xmap = (MapXNode) rawElement;
        try {
            ProtectedStringType protectedType = new ProtectedStringType();
            XNodeProcessorUtil.parseProtectedType(protectedType, xmap, prismContext);
            //		display("LDAP credentials raw element", DOMUtil.serializeDOMToString(rawDomElement));
            //			assertEquals("Wrong credentials element namespace in "+resource+" from "+source, connectorNamespace, rawDomElement.getNamespaceURI());
            //			assertEquals("Wrong credentials element local name in "+resource+" from "+source, credentialsPropertyName, rawDomElement.getLocalName());
            //			Element encryptedDataElement = DOMUtil.getChildElement(rawDomElement, new QName(DOMUtil.NS_XML_ENC, "EncryptedData"));
            EncryptedDataType encryptedDataType = protectedType.getEncryptedDataType();
            assertNotNull("No EncryptedData element", encryptedDataType);
        } catch (SchemaException ex) {
            throw new IllegalArgumentException(ex);
        }
    //			assertEquals("Wrong EncryptedData element namespace in "+resource+" from "+source, DOMUtil.NS_XML_ENC, encryptedDataType.getNamespaceURI());
    //			assertEquals("Wrong EncryptedData element local name in "+resource+" from "+source, "EncryptedData", encryptedDataType.getLocalName());
    } else {
        Object credentials = credentialsPropertyValue.getValue();
        assertTrue("Wrong type of credentials configuration property in " + resource + " from " + source + ": " + credentials.getClass(), credentials instanceof ProtectedStringType);
        ProtectedStringType credentialsPs = (ProtectedStringType) credentials;
        EncryptedDataType encryptedData = credentialsPs.getEncryptedDataType();
        assertNotNull("No EncryptedData element", encryptedData);
    }
}
Also used : EncryptedDataType(com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType) QName(javax.xml.namespace.QName) MapXNode(com.evolveum.midpoint.prism.xnode.MapXNode) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 4 with EncryptedDataType

use of com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType in project midpoint by Evolveum.

the class TestSanity method checkOpenResourceConfiguration.

private void checkOpenResourceConfiguration(PrismObject<ResourceType> resource, String connectorNamespace, String credentialsPropertyName, int numConfigProps, String source) {
    PrismContainer<Containerable> configurationContainer = resource.findContainer(ResourceType.F_CONNECTOR_CONFIGURATION);
    assertNotNull("No configuration container in " + resource + " from " + source, configurationContainer);
    PrismContainer<Containerable> configPropsContainer = configurationContainer.findContainer(SchemaTestConstants.ICFC_CONFIGURATION_PROPERTIES);
    assertNotNull("No configuration properties container in " + resource + " from " + source, configPropsContainer);
    List<? extends Item<?, ?>> configProps = configPropsContainer.getValue().getItems();
    assertEquals("Wrong number of config properties in " + resource + " from " + source, numConfigProps, configProps.size());
    PrismProperty<Object> credentialsProp = configPropsContainer.findProperty(new QName(connectorNamespace, credentialsPropertyName));
    if (credentialsProp == null) {
        // This is the heisenbug we are looking for. Just dump the entire thing.
        display("Configuration with the heisenbug", configurationContainer.debugDump());
    }
    assertNotNull("No " + credentialsPropertyName + " property in " + resource + " from " + source, credentialsProp);
    assertEquals("Wrong number of " + credentialsPropertyName + " property value in " + resource + " from " + source, 1, credentialsProp.getValues().size());
    PrismPropertyValue<Object> credentialsPropertyValue = credentialsProp.getValues().iterator().next();
    assertNotNull("No " + credentialsPropertyName + " property value in " + resource + " from " + source, credentialsPropertyValue);
    if (credentialsPropertyValue.isRaw()) {
        Object rawElement = credentialsPropertyValue.getRawElement();
        assertTrue("Wrong element class " + rawElement.getClass() + " in " + resource + " from " + source, rawElement instanceof MapXNode);
        //			Element rawDomElement = (Element)rawElement;
        MapXNode xmap = (MapXNode) rawElement;
        try {
            ProtectedStringType protectedType = new ProtectedStringType();
            XNodeProcessorUtil.parseProtectedType(protectedType, xmap, prismContext);
            //		display("LDAP credentials raw element", DOMUtil.serializeDOMToString(rawDomElement));
            //			assertEquals("Wrong credentials element namespace in "+resource+" from "+source, connectorNamespace, rawDomElement.getNamespaceURI());
            //			assertEquals("Wrong credentials element local name in "+resource+" from "+source, credentialsPropertyName, rawDomElement.getLocalName());
            //			Element encryptedDataElement = DOMUtil.getChildElement(rawDomElement, new QName(DOMUtil.NS_XML_ENC, "EncryptedData"));
            EncryptedDataType encryptedDataType = protectedType.getEncryptedDataType();
            assertNotNull("No EncryptedData element", encryptedDataType);
        } catch (SchemaException ex) {
            throw new IllegalArgumentException(ex);
        }
    //			assertEquals("Wrong EncryptedData element namespace in "+resource+" from "+source, DOMUtil.NS_XML_ENC, encryptedDataType.getNamespaceURI());
    //			assertEquals("Wrong EncryptedData element local name in "+resource+" from "+source, "EncryptedData", encryptedDataType.getLocalName());
    } else {
        Object credentials = credentialsPropertyValue.getValue();
        assertTrue("Wrong type of credentials configuration property in " + resource + " from " + source + ": " + credentials.getClass(), credentials instanceof ProtectedStringType);
        ProtectedStringType credentialsPs = (ProtectedStringType) credentials;
        EncryptedDataType encryptedData = credentialsPs.getEncryptedDataType();
        assertNotNull("No EncryptedData element", encryptedData);
    }
}
Also used : EncryptedDataType(com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType) QName(javax.xml.namespace.QName) MapXNode(com.evolveum.midpoint.prism.xnode.MapXNode) ProtectedStringType(com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType)

Example 5 with EncryptedDataType

use of com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType in project midpoint by Evolveum.

the class ProtectorImpl method decryptBytes.

@Override
protected <T> byte[] decryptBytes(ProtectedData<T> protectedData) throws SchemaException, EncryptionException {
    EncryptedDataType encryptedDataType = protectedData.getEncryptedDataType();
    EncryptionMethodType encryptionMethodType = encryptedDataType.getEncryptionMethod();
    if (encryptionMethodType == null) {
        throw new SchemaException("No encryptionMethod element in protected data");
    }
    String algorithmUri = encryptionMethodType.getAlgorithm();
    if (StringUtils.isBlank(algorithmUri)) {
        throw new SchemaException("No algorithm URI in encryptionMethod element in protected data");
    }
    KeyInfoType keyInfo = encryptedDataType.getKeyInfo();
    if (keyInfo == null) {
        throw new SchemaException("No keyInfo element in protected data");
    }
    String keyName = keyInfo.getKeyName();
    if (StringUtils.isBlank(keyName)) {
        throw new SchemaException("No keyName defined in keyInfo element in protected data");
    }
    SecretKey key = getSecretKeyByDigest(keyName);
    CipherDataType cipherData = encryptedDataType.getCipherData();
    if (cipherData == null) {
        throw new SchemaException("No cipherData element in protected data");
    }
    byte[] encryptedBytes = cipherData.getCipherValue();
    if (encryptedBytes == null || encryptedBytes.length == 0) {
        throw new SchemaException("No cipherValue in cipherData element in protected data");
    }
    byte[] decryptedData;
    try {
        decryptedData = decryptBytes(encryptedBytes, algorithmUri, key);
    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | NoSuchProviderException | IllegalBlockSizeException | BadPaddingException | InvalidAlgorithmParameterException e) {
        throw new EncryptionException(e.getMessage(), e);
    }
    return decryptedData;
}
Also used : SchemaException(com.evolveum.midpoint.util.exception.SchemaException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) EncryptedDataType(com.evolveum.prism.xml.ns._public.types_3.EncryptedDataType) EncryptionMethodType(com.evolveum.prism.xml.ns._public.types_3.EncryptionMethodType) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) KeyInfoType(com.evolveum.prism.xml.ns._public.types_3.KeyInfoType) SecretKey(javax.crypto.SecretKey) CipherDataType(com.evolveum.prism.xml.ns._public.types_3.CipherDataType) NoSuchProviderException(java.security.NoSuchProviderException)
