Example 1 with EncryptionOperationNotPossibleException
use of org.jasypt.exceptions.EncryptionOperationNotPossibleException in project CloudStack-archive by CloudStack-extras.
the class EncryptionSecretKeyChanger method main.
public static void main(String[] args) {
List<String> argsList = Arrays.asList(args);
Iterator<String> iter = argsList.iterator();
String oldMSKey = null;
String oldDBKey = null;
String newMSKey = null;
String newDBKey = null;
//Parse command-line args
while (iter.hasNext()) {
String arg = iter.next();
// Old MS Key
if (arg.equals("-m")) {
oldMSKey = iter.next();
}
// Old DB Key
if (arg.equals("-d")) {
oldDBKey = iter.next();
}
// New MS Key
if (arg.equals("-n")) {
newMSKey = iter.next();
}
// New DB Key
if (arg.equals("-e")) {
newDBKey = iter.next();
}
}
if (oldMSKey == null || oldDBKey == null) {
System.out.println("Existing MS secret key or DB secret key is not provided");
usage();
return;
}
if (newMSKey == null && newDBKey == null) {
System.out.println("New MS secret key and DB secret are both not provided");
usage();
return;
}
final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
final Properties dbProps;
EncryptionSecretKeyChanger keyChanger = new EncryptionSecretKeyChanger();
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
keyChanger.initEncryptor(encryptor, oldMSKey);
dbProps = new EncryptableProperties(encryptor);
PropertiesConfiguration backupDBProps = null;
System.out.println("Parsing db.properties file");
try {
dbProps.load(new FileInputStream(dbPropsFile));
backupDBProps = new PropertiesConfiguration(dbPropsFile);
} catch (FileNotFoundException e) {
System.out.println("db.properties file not found while reading DB secret key" + e.getMessage());
} catch (IOException e) {
System.out.println("Error while reading DB secret key from db.properties" + e.getMessage());
} catch (ConfigurationException e) {
e.printStackTrace();
}
String dbSecretKey = null;
try {
dbSecretKey = dbProps.getProperty("db.cloud.encrypt.secret");
} catch (EncryptionOperationNotPossibleException e) {
System.out.println("Failed to decrypt existing DB secret key from db.properties. " + e.getMessage());
return;
}
if (!oldDBKey.equals(dbSecretKey)) {
System.out.println("Incorrect MS Secret Key or DB Secret Key");
return;
}
System.out.println("Secret key provided matched the key in db.properties");
final String encryptionType = dbProps.getProperty("db.cloud.encryption.type");
if (newMSKey == null) {
System.out.println("No change in MS Key. Skipping migrating db.properties");
} else {
if (!keyChanger.migrateProperties(dbPropsFile, dbProps, newMSKey, newDBKey)) {
System.out.println("Failed to update db.properties");
return;
} else {
//db.properties updated successfully
if (encryptionType.equals("file")) {
//update key file with new MS key
try {
FileWriter fwriter = new FileWriter(keyFile);
BufferedWriter bwriter = new BufferedWriter(fwriter);
bwriter.write(newMSKey);
bwriter.close();
} catch (IOException e) {
System.out.println("Failed to write new secret to file. Please update the file manually");
}
}
}
}
boolean success = false;
if (newDBKey == null || newDBKey.equals(oldDBKey)) {
System.out.println("No change in DB Secret Key. Skipping Data Migration");
} else {
EncryptionSecretKeyChecker.initEncryptorForMigration(oldMSKey);
try {
success = keyChanger.migrateData(oldDBKey, newDBKey);
} catch (Exception e) {
System.out.println("Error during data migration");
e.printStackTrace();
success = false;
}
}
if (success) {
System.out.println("Successfully updated secret key(s)");
} else {
System.out.println("Data Migration failed. Reverting db.properties");
//revert db.properties
try {
backupDBProps.save();
} catch (ConfigurationException e) {
e.printStackTrace();
}
if (encryptionType.equals("file")) {
//revert secret key in file
try {
FileWriter fwriter = new FileWriter(keyFile);
BufferedWriter bwriter = new BufferedWriter(fwriter);
bwriter.write(oldMSKey);
bwriter.close();
} catch (IOException e) {
System.out.println("Failed to revert to old secret to file. Please update the file manually");
}
}
}
}
Also used :
FileWriter(java.io.FileWriter)
FileNotFoundException(java.io.FileNotFoundException)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
IOException(java.io.IOException)
EncryptableProperties(org.jasypt.properties.EncryptableProperties)
Properties(java.util.Properties)
PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration)
FileInputStream(java.io.FileInputStream)
IOException(java.io.IOException)
FileNotFoundException(java.io.FileNotFoundException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
SQLException(java.sql.SQLException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ConfigurationException(org.apache.commons.configuration.ConfigurationException)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
BufferedWriter(java.io.BufferedWriter)
StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor)
EncryptableProperties(org.jasypt.properties.EncryptableProperties)
ConfigurationException(org.apache.commons.configuration.ConfigurationException)
File(java.io.File)
Example 2 with EncryptionOperationNotPossibleException
use of org.jasypt.exceptions.EncryptionOperationNotPossibleException in project fabric8 by jboss-fuse.
the class EncryptedPropertyResolver method inject.
/**
* Replaces original Felix' PersistenceManager with our version
* @param configAdmin
* @param pm
* @return
*/
private PersistenceManager inject(ConfigurationAdmin configAdmin, PersistenceManager pm) {
try {
Field configurationManager = configAdmin.getClass().getDeclaredField("configurationManager");
configurationManager.setAccessible(true);
Object configurationManagerValue = configurationManager.get(configAdmin);
Field persistenceManagers = configurationManagerValue.getClass().getDeclaredField("persistenceManagers");
persistenceManagers.setAccessible(true);
Object[] persistenceManagersValue = (Object[]) persistenceManagers.get(configurationManagerValue);
if (persistenceManagersValue != null && persistenceManagersValue.length == 1) {
// replace org.apache.felix.cm.impl.CachingPersistenceManagerProxy.pm
Field pmField = persistenceManagersValue[0].getClass().getDeclaredField("pm");
pmField.setAccessible(true);
PersistenceManager originalPM = (PersistenceManager) pmField.get(persistenceManagersValue[0]);
pmField.set(persistenceManagersValue[0], pm);
// decrypt org.apache.felix.cm.impl.CachingPersistenceManagerProxy.cache
Field cacheField = persistenceManagersValue[0].getClass().getDeclaredField("cache");
cacheField.setAccessible(true);
Hashtable<String, Dictionary> hashMap = (Hashtable<String, Dictionary>) cacheField.get(persistenceManagersValue[0]);
for (Dictionary<String, String> storedProps : hashMap.values()) {
String encryptedValuesList = storedProps.get("fabric.zookeeper.encrypted.values");
if (encryptedValuesList == null) {
continue;
}
String[] encryptedValues = encryptedValuesList.split("\\s*,\\s");
for (String encryptedValue : encryptedValues) {
String value = storedProps.get(encryptedValue);
if (value != null && value.startsWith("crypt:")) {
storedProps.put(encryptedValue + ".encrypted", value);
try {
storedProps.put(encryptedValue, encryptor.decrypt(value.substring("crypt:".length())));
} catch (EncryptionOperationNotPossibleException e) {
LOG.error(e.getMessage(), e);
}
}
}
}
return originalPM;
}
} catch (Exception e) {
LOG.warn(e.getMessage());
}
return null;
}
Also used :
Field(java.lang.reflect.Field)
Dictionary(java.util.Dictionary)
EncryptingPersistenceManager(org.apache.felix.cm.file.EncryptingPersistenceManager)
PersistenceManager(org.apache.felix.cm.PersistenceManager)
Hashtable(java.util.Hashtable)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
FabricException(io.fabric8.api.FabricException)
IOException(java.io.IOException)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
Example 3 with EncryptionOperationNotPossibleException
use of org.jasypt.exceptions.EncryptionOperationNotPossibleException in project fabric8 by jboss-fuse.
the class EncryptingPersistenceManager method _load.
@Override
Dictionary _load(File cfgFile) throws IOException {
// environments, where files may not be removed which are still open
synchronized (this) {
InputStream ins = null;
try {
ins = new FileInputStream(cfgFile);
Dictionary<String, String> storedProps = ConfigurationHandler.read(ins);
// encrypted properties
if (storedProps.get("fabric.zookeeper.encrypted.values") != null) {
String encryptedValuesList = storedProps.get("fabric.zookeeper.encrypted.values");
String[] encryptedValues = encryptedValuesList.split("\\s*,\\s");
for (String encryptedValue : encryptedValues) {
String value = storedProps.get(encryptedValue);
if (value != null && value.startsWith("crypt:")) {
storedProps.put(encryptedValue + ".encrypted", value);
try {
storedProps.put(encryptedValue, encryptor.decrypt(value.substring("crypt:".length())));
} catch (EncryptionOperationNotPossibleException e) {
LOG.error(e.getMessage(), e);
}
}
}
}
return storedProps;
} finally {
if (ins != null) {
try {
ins.close();
} catch (IOException ioe) {
// ignore
}
}
}
}
}
Also used :
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
IOException(java.io.IOException)
FileInputStream(java.io.FileInputStream)
Example 4 with EncryptionOperationNotPossibleException
use of org.jasypt.exceptions.EncryptionOperationNotPossibleException in project incubator-gobblin by apache.
the class PasswordManagerTest method testStrongEncryptionAndDecryption.
@Test
public void testStrongEncryptionAndDecryption() throws IOException {
String password = UUID.randomUUID().toString();
String masterPassword = UUID.randomUUID().toString();
File masterPwdFile = getMasterPwdFile(masterPassword);
State state = new State();
state.setProp(ConfigurationKeys.ENCRYPT_KEY_LOC, masterPwdFile.toString());
state.setProp(ConfigurationKeys.ENCRYPT_USE_STRONG_ENCRYPTOR, true);
try {
StrongTextEncryptor encryptor = new StrongTextEncryptor();
encryptor.setPassword(masterPassword);
String encrypted = encryptor.encrypt(password);
encrypted = "ENC(" + encrypted + ")";
String decrypted = PasswordManager.getInstance(state).readPassword(encrypted);
Assert.assertEquals(decrypted, password);
} catch (EncryptionOperationNotPossibleException e) {
// no strong encryption is supported
}
}
Also used :
StrongTextEncryptor(org.jasypt.util.text.StrongTextEncryptor)
State(org.apache.gobblin.configuration.State)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
File(java.io.File)
Test(org.testng.annotations.Test)
Example 5 with EncryptionOperationNotPossibleException
use of org.jasypt.exceptions.EncryptionOperationNotPossibleException in project cloudstack by apache.
the class EncryptionSecretKeyChanger method main.
public static void main(String[] args) {
List<String> argsList = Arrays.asList(args);
Iterator<String> iter = argsList.iterator();
String oldMSKey = null;
String oldDBKey = null;
String newMSKey = null;
String newDBKey = null;
// Parse command-line args
while (iter.hasNext()) {
String arg = iter.next();
// Old MS Key
if (arg.equals("-m")) {
oldMSKey = iter.next();
}
// Old DB Key
if (arg.equals("-d")) {
oldDBKey = iter.next();
}
// New MS Key
if (arg.equals("-n")) {
newMSKey = iter.next();
}
// New DB Key
if (arg.equals("-e")) {
newDBKey = iter.next();
}
}
if (oldMSKey == null || oldDBKey == null) {
System.out.println("Existing MS secret key or DB secret key is not provided");
usage();
return;
}
if (newMSKey == null && newDBKey == null) {
System.out.println("New MS secret key and DB secret are both not provided");
usage();
return;
}
final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
final Properties dbProps;
EncryptionSecretKeyChanger keyChanger = new EncryptionSecretKeyChanger();
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
keyChanger.initEncryptor(encryptor, oldMSKey);
dbProps = new EncryptableProperties(encryptor);
PropertiesConfiguration backupDBProps = null;
System.out.println("Parsing db.properties file");
try (FileInputStream db_prop_fstream = new FileInputStream(dbPropsFile)) {
dbProps.load(db_prop_fstream);
backupDBProps = new PropertiesConfiguration(dbPropsFile);
} catch (FileNotFoundException e) {
System.out.println("db.properties file not found while reading DB secret key" + e.getMessage());
} catch (IOException e) {
System.out.println("Error while reading DB secret key from db.properties" + e.getMessage());
} catch (ConfigurationException e) {
e.printStackTrace();
}
String dbSecretKey = null;
try {
dbSecretKey = dbProps.getProperty("db.cloud.encrypt.secret");
} catch (EncryptionOperationNotPossibleException e) {
System.out.println("Failed to decrypt existing DB secret key from db.properties. " + e.getMessage());
return;
}
if (!oldDBKey.equals(dbSecretKey)) {
System.out.println("Incorrect MS Secret Key or DB Secret Key");
return;
}
System.out.println("Secret key provided matched the key in db.properties");
final String encryptionType = dbProps.getProperty("db.cloud.encryption.type");
if (newMSKey == null) {
System.out.println("No change in MS Key. Skipping migrating db.properties");
} else {
if (!keyChanger.migrateProperties(dbPropsFile, dbProps, newMSKey, newDBKey)) {
System.out.println("Failed to update db.properties");
return;
} else {
// db.properties updated successfully
if (encryptionType.equals("file")) {
// update key file with new MS key
try (FileWriter fwriter = new FileWriter(keyFile);
BufferedWriter bwriter = new BufferedWriter(fwriter)) {
bwriter.write(newMSKey);
} catch (IOException e) {
System.out.println("Failed to write new secret to file. Please update the file manually");
}
}
}
}
boolean success = false;
if (newDBKey == null || newDBKey.equals(oldDBKey)) {
System.out.println("No change in DB Secret Key. Skipping Data Migration");
} else {
EncryptionSecretKeyChecker.initEncryptorForMigration(oldMSKey);
try {
success = keyChanger.migrateData(oldDBKey, newDBKey);
} catch (Exception e) {
System.out.println("Error during data migration");
e.printStackTrace();
success = false;
}
}
if (success) {
System.out.println("Successfully updated secret key(s)");
} else {
System.out.println("Data Migration failed. Reverting db.properties");
// revert db.properties
try {
backupDBProps.save();
} catch (ConfigurationException e) {
e.printStackTrace();
}
if (encryptionType.equals("file")) {
// revert secret key in file
try (FileWriter fwriter = new FileWriter(keyFile);
BufferedWriter bwriter = new BufferedWriter(fwriter)) {
bwriter.write(oldMSKey);
} catch (IOException e) {
System.out.println("Failed to revert to old secret to file. Please update the file manually");
}
}
}
}
Also used :
FileWriter(java.io.FileWriter)
FileNotFoundException(java.io.FileNotFoundException)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
IOException(java.io.IOException)
EncryptableProperties(org.jasypt.properties.EncryptableProperties)
Properties(java.util.Properties)
PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration)
FileInputStream(java.io.FileInputStream)
IOException(java.io.IOException)
FileNotFoundException(java.io.FileNotFoundException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
SQLException(java.sql.SQLException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ConfigurationException(org.apache.commons.configuration.ConfigurationException)
EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException)
BufferedWriter(java.io.BufferedWriter)
StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor)
EncryptableProperties(org.jasypt.properties.EncryptableProperties)
ConfigurationException(org.apache.commons.configuration.ConfigurationException)
File(java.io.File)
Aggregations
EncryptionOperationNotPossibleException (org.jasypt.exceptions.EncryptionOperationNotPossibleException)13
IOException (java.io.IOException)4
CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)3
File (java.io.File)3
FileInputStream (java.io.FileInputStream)3
SQLException (java.sql.SQLException)3
ModelAndView (org.springframework.web.servlet.ModelAndView)3
FabricException (io.fabric8.api.FabricException)2
BufferedWriter (java.io.BufferedWriter)2
FileNotFoundException (java.io.FileNotFoundException)2
FileWriter (java.io.FileWriter)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)2
Properties (java.util.Properties)2
FailedLoginException (javax.security.auth.login.FailedLoginException)2
ConfigurationException (org.apache.commons.configuration.ConfigurationException)2
PropertiesConfiguration (org.apache.commons.configuration.PropertiesConfiguration)2
StandardPBEStringEncryptor (org.jasypt.encryption.pbe.StandardPBEStringEncryptor)2
EncryptableProperties (org.jasypt.properties.EncryptableProperties)2
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2
FabricService (io.fabric8.api.FabricService)1
