
Example 1 with SimpleStringPBEConfig

use of org.jasypt.encryption.pbe.config.SimpleStringPBEConfig in project CloudStack-archive by CloudStack-extras.

the class EncryptionSecretKeyChecker method check.

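/**
 * Reads the encryption settings from db.properties and, unless encryption is
 * switched off, obtains the secret key and configures the shared encryptor.
 *
 * <p>The property {@code db.cloud.encryption.type} selects the key source:
 * {@code file} (first line of the key file), {@code env} (an environment
 * variable) or {@code web} (first line sent by the first client that connects
 * to TCP port 8097). A missing value or {@code none} returns without enabling
 * encryption.
 *
 * <p>NOTE(review): the algorithm is fixed to PBEWithMD5AndDES, i.e. single DES
 * (56-bit effective key) with an MD5-based key derivation. That is weak by
 * current standards, but it cannot be swapped here without re-encrypting the
 * values already stored with it; treat it as a migration item.
 *
 * <p>NOTE(review): in {@code web} mode the key arrives in cleartext over a plain
 * TCP socket, from whichever client connects first, with no authentication of
 * the sender. {@code new ServerSocket(port)} listens on all local addresses and
 * no accept timeout is set, so startup blocks until someone connects. Restrict
 * the port at the host firewall or prefer {@code file}/{@code env}.
 *
 * @throws CloudRuntimeException if db.properties or the key source cannot be
 *         read, the key is null or empty, or the encryption type is unknown
 */
@Override
public void check() {
    // Get encryption type from db.properties
    final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
    final Properties dbProps = new Properties();
    // try-with-resources: the stream was previously never closed.
    try (FileInputStream dbPropsStream = new FileInputStream(dbPropsFile)) {
        dbProps.load(dbPropsStream);
    } catch (FileNotFoundException e) {
        throw new CloudRuntimeException("File db.properties not found", e);
    } catch (IOException e) {
        throw new CloudRuntimeException("Error while reading db.properties", e);
    }

    final String encryptionType = dbProps.getProperty("db.cloud.encryption.type");
    // Only the key source is logged here; the key itself is never written to the log.
    s_logger.debug("Encryption Type: " + encryptionType);
    if (encryptionType == null || encryptionType.equals("none")) {
        return;
    }

    s_encryptor.setAlgorithm("PBEWithMD5AndDES");
    String secretKey = null;
    SimpleStringPBEConfig stringConfig = new SimpleStringPBEConfig();
    if (encryptionType.equals("file")) {
        // The reader is closed on every path, including a failed read.
        try (BufferedReader in = new BufferedReader(new FileReader(s_keyFile))) {
            secretKey = in.readLine();
        } catch (FileNotFoundException e) {
            throw new CloudRuntimeException("File containing secret key not found: " + s_keyFile, e);
        } catch (IOException e) {
            throw new CloudRuntimeException("Error while reading secret key from: " + s_keyFile, e);
        }
        // Check for null or empty secret key
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Secret key is null or empty in file " + s_keyFile);
        }
    } else if (encryptionType.equals("env")) {
        secretKey = System.getenv(s_envKey);
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Environment variable " + s_envKey + " is not set or empty");
        }
    } else if (encryptionType.equals("web")) {
        final int port = 8097;
        // Both sockets are closed even when accept() or the read fails; the
        // earlier code leaked them on any exception and reported socket read
        // errors as "Error while reading db.properties".
        try (ServerSocket serverSocket = new ServerSocket(port)) {
            s_logger.info("Waiting for admin to send secret key on port " + port);
            try (Socket clientSocket = serverSocket.accept();
                BufferedReader in = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()))) {
                // Nothing is ever written back to the client, so no writer is opened.
                secretKey = in.readLine();
            } catch (IOException e) {
                // Keep the cause so the real socket failure is visible in the stack trace.
                throw new CloudRuntimeException("Accept failed on " + port, e);
            }
        } catch (IOException ioex) {
            throw new CloudRuntimeException("Error initializing secret key reciever", ioex);
        }
        // Same validation as the file and env sources: a client that connects
        // and closes without sending a line must not yield a null password.
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Secret key received on port " + port + " is null or empty");
        }
    } else {
        throw new CloudRuntimeException("Invalid encryption type: " + encryptionType);
    }
    stringConfig.setPassword(secretKey);
    s_encryptor.setConfig(stringConfig);
    s_useEncryption = true;
}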
Also used : InputStreamReader(java.io.InputStreamReader) FileNotFoundException(java.io.FileNotFoundException) ServerSocket(java.net.ServerSocket) SimpleStringPBEConfig(org.jasypt.encryption.pbe.config.SimpleStringPBEConfig) IOException(java.io.IOException) Properties(java.util.Properties) FileInputStream(java.io.FileInputStream) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) BufferedReader(java.io.BufferedReader) FileReader(java.io.FileReader) File(java.io.File) Socket(java.net.Socket) ServerSocket(java.net.ServerSocket) PrintWriter(java.io.PrintWriter)

Example 2 with SimpleStringPBEConfig

use of org.jasypt.encryption.pbe.config.SimpleStringPBEConfig in project cloudstack by apache.

the class EncryptionSecretKeyChecker method check.

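/**
 * Configures the shared encryptor from the supplied database properties.
 *
 * <p>The property {@code db.cloud.encryption.type} selects the key source:
 * {@code file} (first line of a classpath resource), {@code env} (an
 * environment variable) or {@code web} (first line sent by the first client
 * that connects to TCP port 8097). A missing value or {@code none} returns
 * without enabling encryption, and a second call after encryption has been
 * enabled only logs a warning.
 *
 * <p>NOTE(review): the algorithm is fixed to PBEWithMD5AndDES, i.e. single DES
 * (56-bit effective key) with an MD5-based key derivation. That is weak by
 * current standards, but changing it here would make values already encrypted
 * with it unreadable; treat it as a migration item.
 *
 * <p>NOTE(review): in {@code web} mode the key arrives in cleartext over a plain
 * TCP socket, from whichever client connects first, with no authentication of
 * the sender. {@code new ServerSocket(port)} listens on all local addresses and
 * no accept timeout is set, so the call blocks until someone connects. Restrict
 * the port at the host firewall or prefer {@code file}/{@code env}.
 *
 * @param dbProps properties holding {@code db.cloud.encryption.type}
 * @throws IOException declared by the signature; the I/O failures handled in
 *         this method are rethrown as {@code CloudRuntimeException}
 * @throws CloudRuntimeException if the key source cannot be read, the key is
 *         null or empty, or the encryption type is unknown
 */
public void check(Properties dbProps) throws IOException {
    String encryptionType = dbProps.getProperty("db.cloud.encryption.type");
    // Only the key source is logged here; the key itself is never written to the log.
    s_logger.debug("Encryption Type: " + encryptionType);
    if (encryptionType == null || encryptionType.equals("none")) {
        return;
    }
    if (s_useEncryption) {
        s_logger.warn("Encryption already enabled, is check() called twice?");
        return;
    }
    s_encryptor.setAlgorithm("PBEWithMD5AndDES");
    String secretKey = null;
    SimpleStringPBEConfig stringConfig = new SimpleStringPBEConfig();
    if (encryptionType.equals("file")) {
        InputStream is = this.getClass().getClassLoader().getResourceAsStream(s_keyFile);
        if (is == null) {
            // Fall back to the alternative key file name.
            is = this.getClass().getClassLoader().getResourceAsStream(s_altKeyFile);
        }
        if (is == null) {
            // Neither key file could be loaded from the classpath.
            throw new CloudRuntimeException(s_keyFile + " File containing secret key not found in the classpath: ");
        }
        // Closing the reader also closes the underlying resource stream.
        try (BufferedReader in = new BufferedReader(new InputStreamReader(is))) {
            secretKey = in.readLine();
        } catch (IOException e) {
            throw new CloudRuntimeException("Error while reading secret key from: " + s_keyFile, e);
        }
        // Check for null or empty secret key
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Secret key is null or empty in file " + s_keyFile);
        }
    } else if (encryptionType.equals("env")) {
        secretKey = System.getenv(s_envKey);
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Environment variable " + s_envKey + " is not set or empty");
        }
    } else if (encryptionType.equals("web")) {
        final int port = 8097;
        try (ServerSocket serverSocket = new ServerSocket(port)) {
            s_logger.info("Waiting for admin to send secret key on port " + port);
            try (Socket clientSocket = serverSocket.accept();
                BufferedReader in = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()))) {
                // Nothing is ever written back to the client, so no writer is opened.
                secretKey = in.readLine();
            } catch (IOException e) {
                // Keep the cause so the real socket failure is visible in the stack trace.
                throw new CloudRuntimeException("Accept failed on " + port, e);
            }
        } catch (IOException ioex) {
            throw new CloudRuntimeException("Error initializing secret key reciever", ioex);
        }
        // Same validation as the file and env sources: a client that connects
        // and closes without sending a line must not yield a null password.
        if (secretKey == null || secretKey.isEmpty()) {
            throw new CloudRuntimeException("Secret key received on port " + port + " is null or empty");
        }
    } else {
        throw new CloudRuntimeException("Invalid encryption type: " + encryptionType);
    }
    stringConfig.setPassword(secretKey);
    s_encryptor.setConfig(stringConfig);
    s_useEncryption = true;
}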
Also used : InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) BufferedReader(java.io.BufferedReader) ServerSocket(java.net.ServerSocket) SimpleStringPBEConfig(org.jasypt.encryption.pbe.config.SimpleStringPBEConfig) IOException(java.io.IOException) Socket(java.net.Socket) ServerSocket(java.net.ServerSocket) PrintWriter(java.io.PrintWriter)

Example 3 with SimpleStringPBEConfig

use of org.jasypt.encryption.pbe.config.SimpleStringPBEConfig in project cloudstack by apache.

the class EncryptionSecretKeyChecker method initEncryptorForMigration.

//Initialize encryptor for migration during secret key change
/**
 * Re-points the shared encryptor at {@code secretKey} and marks encryption as
 * enabled; used while the secret key is being changed.
 *
 * <p>NOTE(review): {@code secretKey} is passed to the config without a null or
 * empty check, so the caller has to validate it.
 *
 * <p>NOTE(review): PBEWithMD5AndDES is single DES (56-bit effective key) with an
 * MD5-based key derivation. It is weak by current standards; a key change that
 * keeps this algorithm does not strengthen the stored ciphertext.
 *
 * @param secretKey password the encryptor derives its key from
 */
public static void initEncryptorForMigration(String secretKey) {
    // The password-only config is built first; it takes nothing from the encryptor.
    final SimpleStringPBEConfig pbeConfig = new SimpleStringPBEConfig();
    pbeConfig.setPassword(secretKey);

    s_encryptor.setAlgorithm("PBEWithMD5AndDES");
    s_encryptor.setConfig(pbeConfig);

    // Static flag: set only after the encryptor has been given its config.
    s_useEncryption = true;
}
Also used : SimpleStringPBEConfig(org.jasypt.encryption.pbe.config.SimpleStringPBEConfig)

Example 4 with SimpleStringPBEConfig

use of org.jasypt.encryption.pbe.config.SimpleStringPBEConfig in project CloudStack-archive by CloudStack-extras.

the class EncryptionSecretKeyChanger method initEncryptor.

/**
 * Sets the algorithm and the password on the given encryptor.
 *
 * <p>NOTE(review): {@code secretKey} is passed to the config without a null or
 * empty check, so the caller has to validate it.
 *
 * <p>NOTE(review): PBEWithMD5AndDES is single DES (56-bit effective key) with an
 * MD5-based key derivation. It is weak by current standards; rotating the key
 * while keeping this algorithm does not strengthen the stored ciphertext.
 *
 * @param encryptor encryptor to configure
 * @param secretKey password the encryptor derives its key from
 */
private void initEncryptor(StandardPBEStringEncryptor encryptor, String secretKey) {
    // The password-only config is built first; it takes nothing from the encryptor.
    final SimpleStringPBEConfig pbeConfig = new SimpleStringPBEConfig();
    pbeConfig.setPassword(secretKey);

    encryptor.setAlgorithm("PBEWithMD5AndDES");
    encryptor.setConfig(pbeConfig);
}
Also used : SimpleStringPBEConfig(org.jasypt.encryption.pbe.config.SimpleStringPBEConfig)

Example 5 with SimpleStringPBEConfig

use of org.jasypt.encryption.pbe.config.SimpleStringPBEConfig in project CloudStack-archive by CloudStack-extras.

the class EncryptionSecretKeyChecker method initEncryptorForMigration.

//Initialize encryptor for migration during secret key change
/**
 * Configures the shared encryptor with the supplied secret key and turns the
 * encryption flag on; called during a secret key change.
 *
 * <p>NOTE(review): no null or empty check is applied to {@code secretKey}
 * before it becomes the password, so validation is left to the caller.
 *
 * <p>NOTE(review): PBEWithMD5AndDES combines single DES (56-bit effective key)
 * with an MD5-based key derivation and is weak by current standards; changing
 * only the key leaves that weakness in place.
 *
 * @param secretKey password the encryptor derives its key from
 */
public static void initEncryptorForMigration(String secretKey) {
    // Prepare the config up front; constructing it does not touch the encryptor.
    final SimpleStringPBEConfig passwordConfig = new SimpleStringPBEConfig();
    passwordConfig.setPassword(secretKey);

    s_encryptor.setAlgorithm("PBEWithMD5AndDES");
    s_encryptor.setConfig(passwordConfig);

    // Flip the static flag last, once the encryptor holds its configuration.
    s_useEncryption = true;
}
Also used : SimpleStringPBEConfig(org.jasypt.encryption.pbe.config.SimpleStringPBEConfig)

Aggregations

SimpleStringPBEConfig (org.jasypt.encryption.pbe.config.SimpleStringPBEConfig)6 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)2 BufferedReader (java.io.BufferedReader)2 IOException (java.io.IOException)2 InputStreamReader (java.io.InputStreamReader)2 PrintWriter (java.io.PrintWriter)2 ServerSocket (java.net.ServerSocket)2 Socket (java.net.Socket)2 File (java.io.File)1 FileInputStream (java.io.FileInputStream)1 FileNotFoundException (java.io.FileNotFoundException)1 FileReader (java.io.FileReader)1 InputStream (java.io.InputStream)1 Properties (java.util.Properties)1