
Example 1 with EncryptableProperties

use of org.jasypt.properties.EncryptableProperties in project CloudStack-archive by CloudStack-extras.

the class EncryptionSecretKeyChanger method main.

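/**
 * Command-line entry point that rotates the management-server (MS) secret key and/or the
 * database (DB) secret key.
 *
 * <p>Options: {@code -m <old MS key>} and {@code -d <old DB key>} are required; at least one of
 * {@code -n <new MS key>} and {@code -e <new DB key>} must be given. Unknown arguments are ignored.
 *
 * <p>Flow: db.properties is loaded through an {@code EncryptableProperties} keyed with the old MS
 * key, the supplied old DB key is compared with the stored {@code db.cloud.encrypt.secret},
 * db.properties (plus the key file when {@code db.cloud.encryption.type} is {@code file}) is
 * migrated to the new MS key, and the data is migrated to the new DB key. When the final status is
 * not success, the backup of db.properties and the old MS key are written back.
 *
 * <p>Security notes for operators: all secrets are passed as program arguments, so they are
 * visible to anything that can read this process's command line or the invoking shell's history;
 * run the tool from a restricted session. The key file is rewritten with {@code FileWriter}
 * (platform default charset, no explicit permission handling), so verify the file's ownership and
 * mode afterwards.
 *
 * @param args command-line arguments as described above
 */
public static void main(String[] args) {
    List<String> argsList = Arrays.asList(args);
    Iterator<String> iter = argsList.iterator();
    String oldMSKey = null;
    String oldDBKey = null;
    String newMSKey = null;
    String newDBKey = null;
    // Parse command-line args
    while (iter.hasNext()) {
        String arg = iter.next();
        boolean isKeyOption = arg.equals("-m") || arg.equals("-d") || arg.equals("-n") || arg.equals("-e");
        if (!isKeyOption) {
            continue;
        }
        // A trailing option without a value used to escape as NoSuchElementException.
        if (!iter.hasNext()) {
            System.out.println("Missing value for option " + arg);
            usage();
            return;
        }
        String value = iter.next();
        if (arg.equals("-m")) {
            // Old MS Key
            oldMSKey = value;
        } else if (arg.equals("-d")) {
            // Old DB Key
            oldDBKey = value;
        } else if (arg.equals("-n")) {
            // New MS Key
            newMSKey = value;
        } else {
            // New DB Key
            newDBKey = value;
        }
    }
    if (oldMSKey == null || oldDBKey == null) {
        System.out.println("Existing MS secret key or DB secret key is not provided");
        usage();
        return;
    }
    if (newMSKey == null && newDBKey == null) {
        System.out.println("New MS secret key and DB secret are both not provided");
        usage();
        return;
    }
    final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
    if (dbPropsFile == null) {
        // Guard against a lookup miss instead of failing inside FileInputStream.
        System.out.println("db.properties file not found while reading DB secret key");
        return;
    }
    EncryptionSecretKeyChanger keyChanger = new EncryptionSecretKeyChanger();
    StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
    keyChanger.initEncryptor(encryptor, oldMSKey);
    final Properties dbProps = new EncryptableProperties(encryptor);
    PropertiesConfiguration backupDBProps = null;
    System.out.println("Parsing db.properties file");
    FileInputStream dbPropsStream = null;
    try {
        dbPropsStream = new FileInputStream(dbPropsFile);
        dbProps.load(dbPropsStream);
        backupDBProps = new PropertiesConfiguration(dbPropsFile);
    } catch (FileNotFoundException e) {
        System.out.println("db.properties file not found while reading DB secret key" + e.getMessage());
        return;
    } catch (IOException e) {
        System.out.println("Error while reading DB secret key from db.properties" + e.getMessage());
        return;
    } catch (ConfigurationException e) {
        // Without a backup there is nothing to roll back to, so do not start the rotation.
        e.printStackTrace();
        return;
    } finally {
        if (dbPropsStream != null) {
            try {
                dbPropsStream.close();
            } catch (IOException ignored) {
                // Read-only stream; nothing to recover from a failed close.
            }
        }
    }
    String dbSecretKey = null;
    try {
        dbSecretKey = dbProps.getProperty("db.cloud.encrypt.secret");
    } catch (EncryptionOperationNotPossibleException e) {
        System.out.println("Failed to decrypt existing DB secret key from db.properties. " + e.getMessage());
        return;
    }
    if (!oldDBKey.equals(dbSecretKey)) {
        System.out.println("Incorrect MS Secret Key or DB Secret Key");
        return;
    }
    System.out.println("Secret key provided matched the key in db.properties");
    // Constant-first comparison: the property may be absent from db.properties.
    final boolean keyInFile = "file".equals(dbProps.getProperty("db.cloud.encryption.type"));
    if (newMSKey == null) {
        System.out.println("No change in MS Key. Skipping migrating db.properties");
    } else {
        if (!keyChanger.migrateProperties(dbPropsFile, dbProps, newMSKey, newDBKey)) {
            System.out.println("Failed to update db.properties");
            return;
        }
        // db.properties updated successfully
        if (keyInFile) {
            // update key file with new MS key
            BufferedWriter bwriter = null;
            try {
                bwriter = new BufferedWriter(new FileWriter(keyFile));
                bwriter.write(newMSKey);
                // close() flushes the buffer, so a failure here means the key was not written.
                bwriter.close();
                bwriter = null;
            } catch (IOException e) {
                System.out.println("Failed to write new secret to file. Please update the file manually");
            } finally {
                if (bwriter != null) {
                    try {
                        bwriter.close();
                    } catch (IOException ignored) {
                        // The failure was already reported above.
                    }
                }
            }
        }
    }
    // NOTE(review): success stays false when the data migration is skipped, so a run that only
    // changes the MS key falls into the revert branch below. Confirm whether that is intended.
    boolean success = false;
    if (newDBKey == null || newDBKey.equals(oldDBKey)) {
        System.out.println("No change in DB Secret Key. Skipping Data Migration");
    } else {
        EncryptionSecretKeyChecker.initEncryptorForMigration(oldMSKey);
        try {
            success = keyChanger.migrateData(oldDBKey, newDBKey);
        } catch (Exception e) {
            System.out.println("Error during data migration");
            e.printStackTrace();
            success = false;
        }
    }
    if (success) {
        System.out.println("Successfully updated secret key(s)");
    } else {
        System.out.println("Data Migration failed. Reverting db.properties");
        // revert db.properties; the backup exists because the run aborts earlier without one
        try {
            backupDBProps.save();
        } catch (ConfigurationException e) {
            e.printStackTrace();
        }
        if (keyInFile) {
            // revert secret key in file
            BufferedWriter bwriter = null;
            try {
                bwriter = new BufferedWriter(new FileWriter(keyFile));
                bwriter.write(oldMSKey);
                bwriter.close();
                bwriter = null;
            } catch (IOException e) {
                System.out.println("Failed to revert to old secret to file. Please update the file manually");
            } finally {
                if (bwriter != null) {
                    try {
                        bwriter.close();
                    } catch (IOException ignored) {
                        // The failure was already reported above.
                    }
                }
            }
        }
    }
}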
Also used : FileWriter(java.io.FileWriter) FileNotFoundException(java.io.FileNotFoundException) EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException) IOException(java.io.IOException) EncryptableProperties(org.jasypt.properties.EncryptableProperties) Properties(java.util.Properties) PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration) FileInputStream(java.io.FileInputStream) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) SQLException(java.sql.SQLException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException) BufferedWriter(java.io.BufferedWriter) StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor) EncryptableProperties(org.jasypt.properties.EncryptableProperties) ConfigurationException(org.apache.commons.configuration.ConfigurationException) File(java.io.File)

Example 2 with EncryptableProperties

use of org.jasypt.properties.EncryptableProperties in project cosmic by MissionCriticalCloud.

the class DbProperties method getDbProperties.

/**
 * Returns the cached db.properties, loading them on the first call.
 *
 * <p>The file is looked up with {@code PropertiesUtil.findConfigFile} and, failing that, with
 * {@code PropertiesUtil.openStreamFromURL}. When encryption is in use, the loaded entries are
 * copied into an {@code EncryptableProperties} backed by the checker's encryptor.
 *
 * <p>Note that a missing db.properties is only reported (stderr and the logger): the method then
 * continues with an empty property set and caches it, so later calls return that empty set.
 *
 * @return the cached properties
 * @throws IllegalStateException if reading the properties raises an {@code IOException}
 */
public static synchronized Properties getDbProperties() {
    if (loaded) {
        return properties;
    }
    Properties resolved = new Properties();
    InputStream source = null;
    try {
        final File configFile = PropertiesUtil.findConfigFile("db.properties");
        if (configFile != null && configFile.exists()) {
            source = new FileInputStream(configFile);
        }
        if (source == null) {
            // Fall back to the URL-based lookup when no file was found on disk.
            source = PropertiesUtil.openStreamFromURL("db.properties");
        }
        if (source != null) {
            resolved.load(source);
        } else {
            System.err.println("Failed to find db.properties");
            log.error("Failed to find db.properties");
        }
        final EncryptionSecretKeyChecker keyChecker = new EncryptionSecretKeyChecker();
        keyChecker.check(resolved);
        if (EncryptionSecretKeyChecker.useEncryption()) {
            final StandardPBEStringEncryptor pbe = EncryptionSecretKeyChecker.getEncryptor();
            final EncryptableProperties wrapped = new EncryptableProperties(pbe);
            wrapped.putAll(resolved);
            resolved = wrapped;
        }
    } catch (final IOException e) {
        throw new IllegalStateException("Failed to load db.properties", e);
    } finally {
        IOUtils.closeQuietly(source);
    }
    // Publish only after a complete load; an exception above leaves 'loaded' false.
    properties = resolved;
    loaded = true;
    return properties;
}
Also used : StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor) EncryptableProperties(org.jasypt.properties.EncryptableProperties) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) IOException(java.io.IOException) EncryptableProperties(org.jasypt.properties.EncryptableProperties) Properties(java.util.Properties) EncryptionSecretKeyChecker(com.cloud.utils.crypt.EncryptionSecretKeyChecker) File(java.io.File) FileInputStream(java.io.FileInputStream)

Example 3 with EncryptableProperties

use of org.jasypt.properties.EncryptableProperties in project cloudstack by apache.

the class EncryptionSecretKeyChanger method main.

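/**
 * Command-line entry point that rotates the management-server (MS) secret key and/or the
 * database (DB) secret key.
 *
 * <p>Options: {@code -m <old MS key>} and {@code -d <old DB key>} are required; at least one of
 * {@code -n <new MS key>} and {@code -e <new DB key>} must be given. Unknown arguments are ignored.
 *
 * <p>Flow: db.properties is loaded through an {@code EncryptableProperties} keyed with the old MS
 * key, the supplied old DB key is compared with the stored {@code db.cloud.encrypt.secret},
 * db.properties (plus the key file when {@code db.cloud.encryption.type} is {@code file}) is
 * migrated to the new MS key, and the data is migrated to the new DB key. When the final status is
 * not success, the backup of db.properties and the old MS key are written back.
 *
 * <p>Security notes for operators: all secrets are passed as program arguments, so they are
 * visible to anything that can read this process's command line or the invoking shell's history;
 * run the tool from a restricted session. The key file is rewritten with {@code FileWriter}
 * (platform default charset, no explicit permission handling), so verify the file's ownership and
 * mode afterwards.
 *
 * @param args command-line arguments as described above
 */
public static void main(String[] args) {
    List<String> argsList = Arrays.asList(args);
    Iterator<String> iter = argsList.iterator();
    String oldMSKey = null;
    String oldDBKey = null;
    String newMSKey = null;
    String newDBKey = null;
    // Parse command-line args
    while (iter.hasNext()) {
        String arg = iter.next();
        boolean isKeyOption = arg.equals("-m") || arg.equals("-d") || arg.equals("-n") || arg.equals("-e");
        if (!isKeyOption) {
            continue;
        }
        // A trailing option without a value used to escape as NoSuchElementException.
        if (!iter.hasNext()) {
            System.out.println("Missing value for option " + arg);
            usage();
            return;
        }
        String value = iter.next();
        if (arg.equals("-m")) {
            // Old MS Key
            oldMSKey = value;
        } else if (arg.equals("-d")) {
            // Old DB Key
            oldDBKey = value;
        } else if (arg.equals("-n")) {
            // New MS Key
            newMSKey = value;
        } else {
            // New DB Key
            newDBKey = value;
        }
    }
    if (oldMSKey == null || oldDBKey == null) {
        System.out.println("Existing MS secret key or DB secret key is not provided");
        usage();
        return;
    }
    if (newMSKey == null && newDBKey == null) {
        System.out.println("New MS secret key and DB secret are both not provided");
        usage();
        return;
    }
    final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
    if (dbPropsFile == null) {
        // Guard against a lookup miss instead of failing inside FileInputStream.
        System.out.println("db.properties file not found while reading DB secret key");
        return;
    }
    EncryptionSecretKeyChanger keyChanger = new EncryptionSecretKeyChanger();
    StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor();
    keyChanger.initEncryptor(encryptor, oldMSKey);
    final Properties dbProps = new EncryptableProperties(encryptor);
    PropertiesConfiguration backupDBProps = null;
    System.out.println("Parsing db.properties file");
    try (FileInputStream dbPropsStream = new FileInputStream(dbPropsFile)) {
        dbProps.load(dbPropsStream);
        backupDBProps = new PropertiesConfiguration(dbPropsFile);
    } catch (FileNotFoundException e) {
        System.out.println("db.properties file not found while reading DB secret key" + e.getMessage());
        return;
    } catch (IOException e) {
        System.out.println("Error while reading DB secret key from db.properties" + e.getMessage());
        return;
    } catch (ConfigurationException e) {
        // Without a backup there is nothing to roll back to, so do not start the rotation.
        e.printStackTrace();
        return;
    }
    String dbSecretKey = null;
    try {
        dbSecretKey = dbProps.getProperty("db.cloud.encrypt.secret");
    } catch (EncryptionOperationNotPossibleException e) {
        System.out.println("Failed to decrypt existing DB secret key from db.properties. " + e.getMessage());
        return;
    }
    if (!oldDBKey.equals(dbSecretKey)) {
        System.out.println("Incorrect MS Secret Key or DB Secret Key");
        return;
    }
    System.out.println("Secret key provided matched the key in db.properties");
    // Constant-first comparison: the property may be absent from db.properties.
    final boolean keyInFile = "file".equals(dbProps.getProperty("db.cloud.encryption.type"));
    if (newMSKey == null) {
        System.out.println("No change in MS Key. Skipping migrating db.properties");
    } else {
        if (!keyChanger.migrateProperties(dbPropsFile, dbProps, newMSKey, newDBKey)) {
            System.out.println("Failed to update db.properties");
            return;
        }
        // db.properties updated successfully
        if (keyInFile) {
            // update key file with new MS key
            try (FileWriter fwriter = new FileWriter(keyFile);
                BufferedWriter bwriter = new BufferedWriter(fwriter)) {
                bwriter.write(newMSKey);
            } catch (IOException e) {
                System.out.println("Failed to write new secret to file. Please update the file manually");
            }
        }
    }
    // NOTE(review): success stays false when the data migration is skipped, so a run that only
    // changes the MS key falls into the revert branch below. Confirm whether that is intended.
    boolean success = false;
    if (newDBKey == null || newDBKey.equals(oldDBKey)) {
        System.out.println("No change in DB Secret Key. Skipping Data Migration");
    } else {
        EncryptionSecretKeyChecker.initEncryptorForMigration(oldMSKey);
        try {
            success = keyChanger.migrateData(oldDBKey, newDBKey);
        } catch (Exception e) {
            System.out.println("Error during data migration");
            e.printStackTrace();
            success = false;
        }
    }
    if (success) {
        System.out.println("Successfully updated secret key(s)");
    } else {
        System.out.println("Data Migration failed. Reverting db.properties");
        // revert db.properties; the backup exists because the run aborts earlier without one
        try {
            backupDBProps.save();
        } catch (ConfigurationException e) {
            e.printStackTrace();
        }
        if (keyInFile) {
            // revert secret key in file
            try (FileWriter fwriter = new FileWriter(keyFile);
                BufferedWriter bwriter = new BufferedWriter(fwriter)) {
                bwriter.write(oldMSKey);
            } catch (IOException e) {
                System.out.println("Failed to revert to old secret to file. Please update the file manually");
            }
        }
    }
}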
Also used : FileWriter(java.io.FileWriter) FileNotFoundException(java.io.FileNotFoundException) EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException) IOException(java.io.IOException) EncryptableProperties(org.jasypt.properties.EncryptableProperties) Properties(java.util.Properties) PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration) FileInputStream(java.io.FileInputStream) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) SQLException(java.sql.SQLException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ConfigurationException(org.apache.commons.configuration.ConfigurationException) EncryptionOperationNotPossibleException(org.jasypt.exceptions.EncryptionOperationNotPossibleException) BufferedWriter(java.io.BufferedWriter) StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor) EncryptableProperties(org.jasypt.properties.EncryptableProperties) ConfigurationException(org.apache.commons.configuration.ConfigurationException) File(java.io.File)

Example 4 with EncryptableProperties

use of org.jasypt.properties.EncryptableProperties in project CloudStack-archive by CloudStack-extras.

the class DBEncryptionUtil method initialize.

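/**
 * Builds the static DB value encryptor ({@code s_encryptor}) from the DB secret key stored in
 * db.properties.
 *
 * <p>db.properties is read through an {@code EncryptableProperties} backed by the encryptor from
 * {@code EncryptionSecretKeyChecker}, and the value of {@code db.cloud.encrypt.secret} becomes the
 * password of a new {@code StandardPBEStringEncryptor}.
 *
 * @throws CloudRuntimeException if encryption is not enabled, db.properties cannot be found or
 *     read, or the DB secret key is missing or empty
 */
private static void initialize() {
    if (!EncryptionSecretKeyChecker.useEncryption()) {
        throw new CloudRuntimeException("Trying to encrypt db values when encrytion is not enabled");
    }
    final File dbPropsFile = PropertiesUtil.findConfigFile("db.properties");
    if (dbPropsFile == null) {
        // Report a lookup miss explicitly instead of failing inside FileInputStream.
        throw new CloudRuntimeException("db.properties file not found while reading DB secret key");
    }
    StandardPBEStringEncryptor encryptor = EncryptionSecretKeyChecker.getEncryptor();
    final Properties dbProps = new EncryptableProperties(encryptor);
    FileInputStream dbPropsStream = null;
    try {
        dbPropsStream = new FileInputStream(dbPropsFile);
        dbProps.load(dbPropsStream);
    } catch (FileNotFoundException e) {
        throw new CloudRuntimeException("db.properties file not found while reading DB secret key", e);
    } catch (IOException e) {
        throw new CloudRuntimeException("Erroe while reading DB secret key from db.properties", e);
    } finally {
        // The stream was previously never closed.
        if (dbPropsStream != null) {
            try {
                dbPropsStream.close();
            } catch (IOException ignored) {
                // Read-only stream; nothing to recover from a failed close.
            }
        }
    }
    String dbSecretKey = dbProps.getProperty("db.cloud.encrypt.secret");
    if (dbSecretKey == null || dbSecretKey.isEmpty()) {
        throw new CloudRuntimeException("Empty DB secret key in db.properties");
    }
    s_encryptor = new StandardPBEStringEncryptor();
    // NOTE(review): PBEWithMD5AndDES (single DES with an MD5-based key derivation) is weak by
    // current standards. It is left unchanged because values already stored with it would no
    // longer decrypt; moving to a stronger algorithm needs a re-encryption of existing data.
    s_encryptor.setAlgorithm("PBEWithMD5AndDES");
    s_encryptor.setPassword(dbSecretKey);
}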
Also used : StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor) EncryptableProperties(org.jasypt.properties.EncryptableProperties) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) FileNotFoundException(java.io.FileNotFoundException) IOException(java.io.IOException) EncryptableProperties(org.jasypt.properties.EncryptableProperties) Properties(java.util.Properties) File(java.io.File) FileInputStream(java.io.FileInputStream)

Example 5 with EncryptableProperties

use of org.jasypt.properties.EncryptableProperties in project uPortal by Jasig.

the class PortalPropertySourcesPlaceholderConfigurer method mergeProperties.

/**
 * Overrides PropertiesLoaderSupport.mergeProperties so that, when an encryption key is supplied
 * through the environment, the merged result is an EncryptableProperties instance and property
 * values can be kept encrypted at rest.
 *
 * <p>Only the name of the environment variable is logged, never the key itself.
 *
 * @return the merged properties, after cluster overrides have been applied
 * @throws IOException if the properties cannot be loaded
 */
@Override
protected Properties mergeProperties() throws IOException {
    // When property-file encryption is used in this deployment, the key reaches the
    // application through the environment variable UP_JASYPT_KEY.
    final String encryptionKey = System.getenv(JAYSYPT_ENCRYPTION_KEY_VARIABLE);
    final Properties merged;
    if (encryptionKey == null) {
        log.info("Jasypt support for encrypted property values DISABLED;  " + "specify environment variable {} to use this feature", JAYSYPT_ENCRYPTION_KEY_VARIABLE);
        // Feature not in use: defer to the Spring-provided implementation.
        merged = super.mergeProperties();
    } else {
        log.info("Jasypt support for encrypted property values ENABLED");
        // NOTE(review): no algorithm is set on the encryptor here, so the library default
        // applies -- confirm that default meets the deployment's crypto policy.
        final StandardPBEStringEncryptor pbe = new StandardPBEStringEncryptor();
        pbe.setPassword(encryptionKey);
        merged = new EncryptableProperties(pbe);
        // The merge order below is copied from PropertiesLoaderSupport.mergeProperties().
        if (this.localOverride) {
            // File properties first, so local properties can override them.
            loadProperties(merged);
        }
        if (this.localProperties != null) {
            for (final Properties local : this.localProperties) {
                CollectionUtils.mergePropertiesIntoMap(local, merged);
            }
        }
        if (!this.localOverride) {
            // File properties last, so they override the local ones.
            loadProperties(merged);
        }
    }
    honorClusterOverrides(merged);
    return merged;
}
Also used : StandardPBEStringEncryptor(org.jasypt.encryption.pbe.StandardPBEStringEncryptor) EncryptableProperties(org.jasypt.properties.EncryptableProperties) EncryptableProperties(org.jasypt.properties.EncryptableProperties) Properties(java.util.Properties)

Aggregations

EncryptableProperties (org.jasypt.properties.EncryptableProperties)9 Properties (java.util.Properties)7 StandardPBEStringEncryptor (org.jasypt.encryption.pbe.StandardPBEStringEncryptor)7 IOException (java.io.IOException)6 EncryptionSecretKeyChecker (com.cloud.utils.crypt.EncryptionSecretKeyChecker)5 File (java.io.File)5 FileInputStream (java.io.FileInputStream)5 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)3 FileNotFoundException (java.io.FileNotFoundException)3 BufferedWriter (java.io.BufferedWriter)2 FileWriter (java.io.FileWriter)2 InputStream (java.io.InputStream)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 SQLException (java.sql.SQLException)2 ConfigurationException (org.apache.commons.configuration.ConfigurationException)2 PropertiesConfiguration (org.apache.commons.configuration.PropertiesConfiguration)2 EncryptionOperationNotPossibleException (org.jasypt.exceptions.EncryptionOperationNotPossibleException)2