use of com.orientechnologies.orient.core.exception.OSecurityException in project orientdb by orientechnologies.
the class OMetadataDefault method init.
/**
 * Wires up the metadata components of the current database: schema, index manager, security,
 * command cache, function library, sequence library and scheduler.
 *
 * Each component is requested from the storage via getResource(name, Callable); the Callable
 * builds the instance and, when iLoad is true, loads it.
 * NOTE(review): presumably the Callable only runs when the storage has no resource registered
 * under that name yet - confirm against the storage implementation.
 *
 * @param iLoad when true, freshly built components are loaded as part of their creation
 */
private void init(final boolean iLoad) {
final ODatabaseDocumentInternal database = getDatabase();
schemaClusterId = database.getClusterIdByName(CLUSTER_INTERNAL_NAME);
// Set to true only if the schema Callable below actually runs; checked at the end of the method.
final AtomicBoolean schemaLoaded = new AtomicBoolean(false);
schema = new OSchemaProxy(database.getStorage().getResource(OSchema.class.getSimpleName(), new Callable<OSchemaShared>() {
public OSchemaShared call() {
ODatabaseDocumentInternal database = getDatabase();
final OSchemaShared instance = new OSchemaShared(database.getStorageVersions().classesAreDetectedByClusterId());
if (iLoad)
instance.load();
schemaLoaded.set(true);
return instance;
}
}), database);
indexManager = new OIndexManagerProxy(database.getStorage().getResource(OIndexManager.class.getSimpleName(), new Callable<OIndexManager>() {
public OIndexManager call() {
OIndexManager instance;
// A storage of type OStorageProxy gets the remote index manager, any other storage the shared one.
if (database.getStorage() instanceof OStorageProxy)
instance = new OIndexManagerRemote(database);
else
instance = new OIndexManagerShared(database);
if (iLoad)
try {
instance.load();
} catch (Exception e) {
// Any load failure is logged and answered by create() on the same instance.
// NOTE(review): the broad catch treats every failure alike, including ones unrelated to a
// damaged index configuration - confirm that resetting is the intended response in all cases.
OLogManager.instance().error(this, "[OMetadata] Error on loading index manager, reset index configuration", e);
instance.create();
}
return instance;
}
}), database);
security = new OSecurityProxy(database.getStorage().getResource(OSecurity.class.getSimpleName(), new Callable<OSecurity>() {
public OSecurity call() {
final OSecurity instance = OSecurityManager.instance().newSecurity();
if (iLoad) {
// The field is assigned before load() is called.
// NOTE(review): presumably load() reaches the security object through this metadata instance,
// so the order of these two statements matters - confirm before reordering.
security = instance;
instance.load();
}
return instance;
}
}), database);
commandCache = database.getStorage().getResource(OCommandCache.class.getSimpleName(), new Callable<OCommandCache>() {
public OCommandCache call() {
return new OCommandCacheSoftRefs(database.getName());
}
});
// Optional custom security implementation, taken from the database property ODatabase.OPTIONS.SECURITY.
// The cast sits outside the try block below, so a property value that is not a Class fails here
// with a ClassCastException that is not wrapped in OSecurityException.
final Class<? extends OSecurity> securityClass = (Class<? extends OSecurity>) database.getProperty(ODatabase.OPTIONS.SECURITY.toString());
if (securityClass != null)
// Install the custom security implementation as a wrapper around the security object built above.
// The class is instantiated reflectively through its (OSecurity, ODatabaseDocumentInternal)
// constructor and replaces the security field, so whoever can set this property decides which
// code performs the security checks.
// NOTE(review): confirm the property can only be set by trusted code or configuration.
try {
final OSecurity wrapped = security;
security = securityClass.getDeclaredConstructor(OSecurity.class, ODatabaseDocumentInternal.class).newInstance(wrapped, database);
} catch (Exception e) {
// The original exception is passed on as the cause of the OSecurityException.
throw OException.wrapException(new OSecurityException("Cannot install custom security implementation (" + securityClass + ")"), e);
}
functionLibrary = new OFunctionLibraryProxy(database.getStorage().getResource(OFunctionLibrary.class.getSimpleName(), new Callable<OFunctionLibrary>() {
public OFunctionLibrary call() {
final OFunctionLibraryImpl instance = new OFunctionLibraryImpl();
// Not loaded when the storage is an OStorageProxy.
if (iLoad && !(database.getStorage() instanceof OStorageProxy))
instance.load();
return instance;
}
}), database);
sequenceLibrary = new OSequenceLibraryProxy(database.getStorage().getResource(OSequenceLibrary.class.getSimpleName(), new Callable<OSequenceLibrary>() {
@Override
public OSequenceLibrary call() throws Exception {
final OSequenceLibraryImpl instance = new OSequenceLibraryImpl();
if (iLoad) {
instance.load();
}
return instance;
}
}), database);
scheduler = new OSchedulerProxy(database.getStorage().getResource(OScheduler.class.getSimpleName(), new Callable<OScheduler>() {
public OScheduler call() {
final OSchedulerImpl instance = new OSchedulerImpl();
// Not loaded when the storage is an OStorageProxy.
if (iLoad && !(database.getStorage() instanceof OStorageProxy))
instance.load();
return instance;
}
}), database);
// Runs only when the schema instance was built by this call (see schemaLoaded above).
if (schemaLoaded.get())
schema.onPostIndexManagement();
}
use of com.orientechnologies.orient.core.exception.OSecurityException in project orientdb by orientechnologies.
the class OSymmetricKey method create.
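/**
 * Derives a new secret key from {@code seedPhrase} with a freshly generated random salt and
 * stores it in {@code secretKey}.
 *
 * The salt is created inside this method and is not kept by it.
 * NOTE(review): without the salt the same key cannot be derived again from the seed phrase;
 * confirm that callers persist the resulting key (for example in a keystore) rather than
 * relying on re-derivation.
 *
 * @throws OSecurityException if the key derivation fails for any reason; the message carries the
 *                            string form of the original exception, the cause itself is not attached
 */
protected void create() {
  try {
    // SecureRandom.nextBytes() is the intended call for drawing random salt bytes.
    // generateSeed() invokes the seed-generation algorithm meant for seeding other generators
    // and can be slow or block on some platforms.
    final byte[] salt = new byte[saltLength];
    new SecureRandom().nextBytes(salt);

    final KeySpec keySpec = new PBEKeySpec(seedPhrase.toCharArray(), salt, iteration, keySize);
    final SecretKeyFactory factory = SecretKeyFactory.getInstance(seedAlgorithm);
    final SecretKey tempKey = factory.generateSecret(keySpec);

    // Re-wrap the derived bytes so the key is labelled with the algorithm used for encryption.
    secretKey = new SecretKeySpec(tempKey.getEncoded(), secretKeyAlgorithm);
  } catch (Exception ex) {
    throw new OSecurityException("OSymmetricKey.create() Exception: " + ex);
  }
}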
use of com.orientechnologies.orient.core.exception.OSecurityException in project orientdb by orientechnologies.
the class OSymmetricKey method decrypt.
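/**
 * Decrypts a Base64-encoded JSON document with the internal secret key.
 *
 * The JSON document is read for the fields "transform" (cipher transformation, optional, defaults to
 * {@code defaultCipherTransformation}), "iv" (Base64, optional) and "payload" (Base64, required).
 * An "algorithm" field may be present but is not used for decryption.
 *
 * Security note: the cipher transformation is taken from the document itself before anything has been
 * verified, so the sender of the document chooses the mode and padding.
 * NOTE(review): consider restricting "transform" to the transformations this deployment expects,
 * preferably authenticated ones, and confirm where the integrity of the document is checked.
 *
 * @param encodedJSON The Base64-encoded JSON document.
 *
 * @return The decrypted array of bytes.
 *
 * @throws OSecurityException if the argument is null, the document or its payload is missing or cannot be
 *                            decoded, or decryption fails. Only the message of the underlying exception
 *                            is carried over, not the exception itself.
 */
public byte[] decrypt(final String encodedJSON) {
  if (encodedJSON == null)
    throw new OSecurityException("OSymmetricKey.decrypt(String) encodedJSON is null");

  try {
    final byte[] decoded = convertFromBase64(encodedJSON);

    if (decoded == null)
      throw new OSecurityException("OSymmetricKey.decrypt(String) encodedJSON could not be decoded");

    final String json = new String(decoded, "UTF8");

    // Convert the JSON content to an ODocument to make parsing it easier.
    final ODocument doc = new ODocument().fromJSON(json, "noMap");

    // Set a default in case the JSON document does not contain a "transform" property.
    String transform = defaultCipherTransformation;

    if (doc.containsField("transform"))
      transform = doc.field("transform");

    final String payloadBase64 = doc.field("payload");
    final String ivBase64 = doc.field("iv");

    byte[] payload = null;
    byte[] iv = null;

    if (payloadBase64 != null)
      payload = convertFromBase64(payloadBase64);

    // Fail with a clear message instead of letting the cipher reject a null input buffer.
    if (payload == null)
      throw new OSecurityException("OSymmetricKey.decrypt(String) payload is missing or could not be decoded");

    if (ivBase64 != null)
      iv = convertFromBase64(ivBase64);

    // Throws NoSuchAlgorithmException and NoSuchPaddingException.
    final Cipher cipher = Cipher.getInstance(transform);

    if (iv != null)
      cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
    else
      cipher.init(Cipher.DECRYPT_MODE, secretKey);

    return cipher.doFinal(payload);
  } catch (OSecurityException ex) {
    // Already carries a specific message; do not wrap it a second time.
    throw ex;
  } catch (Exception ex) {
    throw new OSecurityException("OSymmetricKey.decrypt(String) Exception: " + ex.getMessage());
  }
}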
use of com.orientechnologies.orient.core.exception.OSecurityException in project orientdb by orientechnologies.
the class OSymmetricKey method saveToKeystore.
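/**
 * Saves the internal SecretKey as a new JCEKS KeyStore written to the given stream.
 *
 * The stream is written to but not closed here; closing it is left to the caller.
 *
 * Security notes: the keystore type is fixed to "JCEKS".
 * NOTE(review): JCEKS is a legacy format; check whether the readers of this keystore could accept a
 * current type before changing it, since the type is part of the on-disk format.
 * The passwords arrive as Strings, which cannot be wiped; only the char[] copies made here are cleared.
 *
 * @param os        stream that receives the serialized keystore
 * @param ksPasswd  password protecting the keystore as a whole
 * @param keyAlias  alias under which the secret key is stored
 * @param keyPasswd password protecting the key entry
 *
 * @throws OSecurityException if any argument is null or the keystore cannot be created or written
 */
public void saveToKeystore(final OutputStream os, final String ksPasswd, final String keyAlias, final String keyPasswd) {
  if (os == null)
    throw new OSecurityException("OSymmetricKey.saveToKeystore() OutputStream is null");
  if (ksPasswd == null)
    throw new OSecurityException("OSymmetricKey.saveToKeystore() Keystore Password is required");
  if (keyAlias == null)
    throw new OSecurityException("OSymmetricKey.saveToKeystore() Key Alias is required");
  if (keyPasswd == null)
    throw new OSecurityException("OSymmetricKey.saveToKeystore() Key Password is required");

  final char[] ksPasswdCA = ksPasswd.toCharArray();
  final char[] keyPasswdCA = keyPasswd.toCharArray();

  try {
    final KeyStore ks = KeyStore.getInstance("JCEKS");

    // Create a new KeyStore by passing null.
    ks.load(null, ksPasswdCA);

    final KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(keyPasswdCA);
    final KeyStore.SecretKeyEntry skEntry = new KeyStore.SecretKeyEntry(secretKey);
    ks.setEntry(keyAlias, skEntry, protParam);

    // Save the KeyStore
    ks.store(os, ksPasswdCA);
  } catch (Exception ex) {
    throw new OSecurityException("OSymmetricKey.saveToKeystore() Exception: " + ex.getMessage());
  } finally {
    // Clear the temporary password copies once the keystore has been written or the attempt failed.
    java.util.Arrays.fill(ksPasswdCA, '\0');
    java.util.Arrays.fill(keyPasswdCA, '\0');
  }
}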
use of com.orientechnologies.orient.core.exception.OSecurityException in project orientdb by orientechnologies.
the class OAESEncryptionTest method testCreatedAESEncryptedCluster.
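/**
 * Checks AES encryption of a single class/cluster: data written with the storage encryption key must be
 * readable again with the same key, and opening with a wrong or malformed key must end in an
 * OSecurityException.
 *
 * The key values and the "admin"/"admin" login are fixtures of this test.
 */
public void testCreatedAESEncryptedCluster() {
  final String buildDirectory = System.getProperty("buildDirectory", ".");
  final String dbPath = buildDirectory + File.separator + DBNAME_CLUSTERTEST;

  // Start from a clean directory so a leftover database cannot influence the result.
  OFileUtils.deleteRecursively(new File(dbPath));

  final ODatabase db = new ODatabaseDocumentTx("plocal:" + dbPath);
  db.setProperty(OGlobalConfiguration.STORAGE_ENCRYPTION_KEY.getKey(), "T1JJRU5UREJfSVNfQ09PTA==");
  db.create();

  try {
    db.command(new OCommandSQL("create class TestEncryption")).execute();
    db.command(new OCommandSQL("alter class TestEncryption encryption aes")).execute();
    db.command(new OCommandSQL("insert into TestEncryption set name = 'Jay'")).execute();

    List result = db.query(new OSQLSynchQuery<ODocument>("select from TestEncryption"));
    Assert.assertEquals(result.size(), 1);
    db.close();

    db.open("admin", "admin");
    OStorage storage = ((ODatabaseDocumentInternal) db).getStorage();
    db.close();
    // The storage is closed explicitly before each reopen with a different key property.
    storage.close(true, false);

    // Reopen with the correct key: the encrypted record must be readable.
    db.setProperty(OGlobalConfiguration.STORAGE_ENCRYPTION_KEY.getKey(), "T1JJRU5UREJfSVNfQ09PTA==");
    db.open("admin", "admin");
    result = db.query(new OSQLSynchQuery<ODocument>("select from TestEncryption"));
    Assert.assertEquals(result.size(), 1);
    storage = ((ODatabaseDocumentInternal) db).getStorage();
    db.close();
    storage.close(true, false);

    // Reopen with a wrong key: an OSecurityException is expected before Assert.fail() is reached.
    db.setProperty(OGlobalConfiguration.STORAGE_ENCRYPTION_KEY.getKey(), "invalidPassword");
    try {
      db.open("admin", "admin");
      storage = ((ODatabaseDocumentInternal) db).getStorage();
      db.query(new OSQLSynchQuery<ODocument>("select from TestEncryption"));
      result = db.query(new OSQLSynchQuery<ODocument>("select from OUser"));
      Assert.assertFalse(result.isEmpty());
      Assert.fail();
    } catch (OSecurityException e) {
      Assert.assertTrue(true);
    } finally {
      db.close();
      storage.close(true, false);
    }

    // Reopen with a key that differs from the valid one only in its last character.
    db.setProperty(OGlobalConfiguration.STORAGE_ENCRYPTION_KEY.getKey(), "T1JJRU5UREJfSVNfQ09PTA=-");
    try {
      db.open("admin", "admin");
      storage = ((ODatabaseDocumentInternal) db).getStorage();
      db.query(new OSQLSynchQuery<ODocument>("select from TestEncryption"));
      Assert.fail();
    } catch (OSecurityException e) {
      Assert.assertTrue(true);
    } finally {
      db.activateOnCurrentThread();
      db.close();
      storage.close(true, false);
    }

    // Back to the correct key: the data must still be intact after the failed attempts.
    db.setProperty(OGlobalConfiguration.STORAGE_ENCRYPTION_KEY.getKey(), "T1JJRU5UREJfSVNfQ09PTA==");
    db.open("admin", "admin");
    result = db.query(new OSQLSynchQuery<ODocument>("select from TestEncryption"));
    Assert.assertEquals(result.size(), 1);
  } catch (Exception e) {
    // An unexpected exception must fail the test. Printing the stack trace and continuing would let
    // the test pass without the wrong-key checks above having run.
    throw new IllegalStateException("Unexpected exception in testCreatedAESEncryptedCluster", e);
  } finally {
    db.activateOnCurrentThread();
    if (db.isClosed())
      db.open("admin", "admin");
    db.drop();
  }
}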