Example 16 with CryptoKey
use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class SecretHelper method getSecret.
// public SecretKey decodeSecret(byte[] encoded) {
// SecretStoreDecoder visitor = new SecretStoreDecoder() {
// @Override
// public void visitAsymetricSystemKey(int keyId, byte[] data) {
// PrivateKey privateKey = keyStore.findPrivateKey(keyId);
// if (privateKey != null) {
// setSecretKey(decryptAsymetricKey(privateKey, data));
// }
// }
//
// @Override
// public void visitUserKey(int userId, byte[] data) {
// SecretKey userKey = keyStore.findUserSecret(userId);
// if (userKey != null) {
// setSecretKey(decryptSymetricKey(userKey, data));
// }
// }
// };
//
// try {
// SecretStore.read(encoded, visitor);
// } catch (IOException e) {
// throw new IllegalArgumentException("Error deserializing secret", e);
// }
//
// SecretKey secretKey = visitor.getSecretKey();
// if (secretKey == null)
// throw new IllegalArgumentException("Cannot decrypt secret");
// return secretKey;
//
// }
// public byte[] decryptSecret(byte[] data, byte[] secret) {
// CryptoKey secretKey = getSecret(secret);
//
// return FathomdbCrypto.decrypt(secretKey, data);
// }
public CryptoKey getSecret(byte[] secret) {
SecretStore secretStore = new SecretStore(secret);
CryptoKey secretKey = null;
for (ProjectAuthorization project : OpsContext.get().getEncryptingProjects()) {
secretKey = secretStore.getSecretFromProject(project);
if (secretKey != null) {
break;
}
}
if (secretKey == null) {
throw new SecurityException();
}
return secretKey;
}
Also used :
CryptoKey(com.fathomdb.crypto.CryptoKey)
ProjectAuthorization(org.platformlayer.model.ProjectAuthorization)
SecretStore(org.platformlayer.auth.crypto.SecretStore)
Example 17 with CryptoKey
use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class DirectAuthentication method build.
public static DirectAuthentication build(String authKey, String authSecret) {
// TODO: Require SSL??
// long t = Long.parseLong(timestampString);
// long delta = Math.abs(t - System.currentTimeMillis());
// if (delta > MAX_TIMESTAMP_SKEW) {
// // If the times are out of sync, that isn't a secret
// throw new SecurityException("Timestamp skew too large");
// }
ProjectAuthorization project = null;
String projectPrefix = DirectAuthenticationToken.PREFIX;
if (authKey.startsWith(projectPrefix)) {
List<String> projectTokens = Lists.newArrayList(Splitter.on(':').limit(3).split(authKey));
if (projectTokens.size() == 3) {
final String projectKey = projectTokens.get(2);
final int projectId = Integer.parseInt(projectTokens.get(1));
final CryptoKey secret;
try {
secret = FathomdbCrypto.deserializeKey(Base64.decode(authSecret));
} catch (Exception e) {
log.debug("Error while deserializing user provided secret", e);
return null;
}
return build(projectKey, projectId, secret);
}
}
return null;
}
Also used :
ProjectAuthorization(org.platformlayer.model.ProjectAuthorization)
CryptoKey(com.fathomdb.crypto.CryptoKey)
Example 18 with CryptoKey
use of com.fathomdb.crypto.CryptoKey in project platformlayer by platformlayer.
the class KeystoneRepositoryAuthenticator method getUserFromToken.
@Override
public UserEntity getUserFromToken(String userIdString, byte[] tokenSecret) throws AuthenticatorException {
int userId;
try {
userId = Integer.parseInt(userIdString);
} catch (NumberFormatException e) {
throw new AuthenticatorException("Invalid user id", e);
}
if (tokenSecret.length < 1) {
throw new IllegalArgumentException();
}
CryptoKey userSecret = authenticationSecrets.decryptSecretFromToken(tokenSecret);
if (userSecret == null) {
throw new AuthenticatorException("Authentication timed out");
}
UserEntity user;
try {
user = repository.findUserById(userId);
} catch (RepositoryException e) {
throw new AuthenticatorException("Error while authenticating user", e);
}
user.unlock(userSecret);
if (user.isLocked()) {
return null;
}
return user;
}
Also used :
CryptoKey(com.fathomdb.crypto.CryptoKey)
AuthenticatorException(org.platformlayer.auth.AuthenticatorException)
RepositoryException(org.platformlayer.RepositoryException)
UserEntity(org.platformlayer.auth.UserEntity)
Aggregations
CryptoKey (com.fathomdb.crypto.CryptoKey)18
RepositoryException (org.platformlayer.RepositoryException)8
JdbcTransaction (com.fathomdb.jdbc.JdbcTransaction)6
SQLException (java.sql.SQLException)6
AesCryptoKey (com.fathomdb.crypto.AesCryptoKey)5
SecretStore (org.platformlayer.auth.crypto.SecretStore)4
IOException (java.io.IOException)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)2
KeyPair (java.security.KeyPair)2
DirectAuthenticationToken (org.platformlayer.auth.DirectAuthenticationToken)2
DirectAuthenticator (org.platformlayer.auth.DirectAuthenticator)2
UserEntity (org.platformlayer.auth.UserEntity)2
Writer (org.platformlayer.auth.crypto.SecretStore.Writer)2
SecretInfo (org.platformlayer.core.model.SecretInfo)2
ManagedItemId (org.platformlayer.ids.ManagedItemId)2
ProjectAuthorization (org.platformlayer.model.ProjectAuthorization)2
RoleId (org.platformlayer.model.RoleId)2
CliException (com.fathomdb.cli.CliException)1
PublicKey (java.security.PublicKey)1
Certificate (java.security.cert.Certificate)1
