use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class SecretHelper method getSecret.
// public SecretKey decodeSecret(byte[] encoded) {
// SecretStoreDecoder visitor = new SecretStoreDecoder() {
// @Override
// public void visitAsymetricSystemKey(int keyId, byte[] data) {
// PrivateKey privateKey = keyStore.findPrivateKey(keyId);
// if (privateKey != null) {
// setSecretKey(decryptAsymetricKey(privateKey, data));
// }
// }
//
// @Override
// public void visitUserKey(int userId, byte[] data) {
// SecretKey userKey = keyStore.findUserSecret(userId);
// if (userKey != null) {
// setSecretKey(decryptSymetricKey(userKey, data));
// }
// }
// };
//
// try {
// SecretStore.read(encoded, visitor);
// } catch (IOException e) {
// throw new IllegalArgumentException("Error deserializing secret", e);
// }
//
// SecretKey secretKey = visitor.getSecretKey();
// if (secretKey == null)
// throw new IllegalArgumentException("Cannot decrypt secret");
// return secretKey;
//
// }
// public byte[] decryptSecret(byte[] data, byte[] secret) {
// CryptoKey secretKey = getSecret(secret);
//
// return FathomdbCrypto.decrypt(secretKey, data);
// }
public CryptoKey getSecret(byte[] secret) {
SecretStore secretStore = new SecretStore(secret);
CryptoKey secretKey = null;
for (ProjectAuthorization project : OpsContext.get().getEncryptingProjects()) {
secretKey = secretStore.getSecretFromProject(project);
if (secretKey != null) {
break;
}
}
if (secretKey == null) {
throw new SecurityException();
}
return secretKey;
}
use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class DirectAuthentication method build.
public static DirectAuthentication build(String authKey, String authSecret) {
// TODO: Require SSL??
// long t = Long.parseLong(timestampString);
// long delta = Math.abs(t - System.currentTimeMillis());
// if (delta > MAX_TIMESTAMP_SKEW) {
// // If the times are out of sync, that isn't a secret
// throw new SecurityException("Timestamp skew too large");
// }
ProjectAuthorization project = null;
String projectPrefix = DirectAuthenticationToken.PREFIX;
if (authKey.startsWith(projectPrefix)) {
List<String> projectTokens = Lists.newArrayList(Splitter.on(':').limit(3).split(authKey));
if (projectTokens.size() == 3) {
final String projectKey = projectTokens.get(2);
final int projectId = Integer.parseInt(projectTokens.get(1));
final CryptoKey secret;
try {
secret = FathomdbCrypto.deserializeKey(Base64.decode(authSecret));
} catch (Exception e) {
log.debug("Error while deserializing user provided secret", e);
return null;
}
return build(projectKey, projectId, secret);
}
}
return null;
}
use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class KeystoneRepositoryAuthenticator method getUserFromToken.
@Override
public UserEntity getUserFromToken(String userIdString, byte[] tokenSecret) throws AuthenticatorException {
int userId;
try {
userId = Integer.parseInt(userIdString);
} catch (NumberFormatException e) {
throw new AuthenticatorException("Invalid user id", e);
}
if (tokenSecret.length < 1) {
throw new IllegalArgumentException();
}
CryptoKey userSecret = authenticationSecrets.decryptSecretFromToken(tokenSecret);
if (userSecret == null) {
throw new AuthenticatorException("Authentication timed out");
}
UserEntity user;
try {
user = repository.findUserById(userId);
} catch (RepositoryException e) {
throw new AuthenticatorException("Error while authenticating user", e);
}
user.unlock(userSecret);
if (user.isLocked()) {
return null;
}
return user;
}
Aggregations