
Example 1 with Writer

use of org.platformlayer.auth.crypto.SecretStore.Writer in project platformlayer by platformlayer.

From the class JdbcUserRepository, method grantProjectToProject.

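/**
 * Gives project {@code grantToProjectKey} access to the secret of project {@code onProjectKey}.
 *
 * <p>The target project's secret material ({@code onProjectSecret.getEncoded()}) is wrapped
 * with the grantee project's public key and appended as a new entry to the target project's
 * secret store; the re-encoded store then replaces the stored secret data.
 *
 * <p>NOTE(review): no authorization check is visible in this method. The caller already holds
 * the plaintext {@code onProjectSecret}, so the decision that it may be shared with another
 * project has to be enforced at the call site — confirm there.
 *
 * @param grantToProjectKey key of the project that receives access
 * @param onProjectKey key of the project whose secret is shared
 * @param onProjectSecret unlocked secret key of {@code onProjectKey}
 * @throws RepositoryException if either project does not exist, the secret store cannot be
 *     written, or the database access fails
 */
@Override
@JdbcTransaction
public void grantProjectToProject(String grantToProjectKey, String onProjectKey, SecretKey onProjectSecret) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        ProjectEntity grantToProject = db.findProjectByKey(grantToProjectKey);
        if (grantToProject == null) {
            // Distinct messages so a failure identifies which of the two lookups missed
            throw new RepositoryException("Project not found: " + grantToProjectKey);
        }
        ProjectEntity onProject = db.findProjectByKey(onProjectKey);
        if (onProject == null) {
            throw new RepositoryException("Project not found: " + onProjectKey);
        }
        byte[] projectSecretData = onProjectSecret.getEncoded();
        PublicKey grantToProjectPublicKey = grantToProject.getPublicKey();
        byte[] newSecretData;
        try {
            SecretStore store = new SecretStore(onProject.secretData);
            Writer writer = store.buildWriter();
            writer.writeAsymetricProjectKey(projectSecretData, grantToProject.id, grantToProjectPublicKey);
            // close() precedes appendContents(); presumably the writer only exposes its
            // finished bytes once closed — keep this order (same pattern as addUserToProject)
            writer.close();
            store.appendContents(writer);
            newSecretData = store.getEncoded();
        } catch (IOException e) {
            throw new RepositoryException("Error writing secrets", e);
        }
        db.updateProjectSecret(onProject.id, newSecretData);
    } catch (SQLException e) {
        // Previously "Error reading groups", a copy-paste message that misdescribed this method
        throw new RepositoryException("Error granting project access", e);
    } finally {
        db.close();
    }
}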

Example 2 with Writer

use of org.platformlayer.auth.crypto.SecretStore.Writer in project platformlayer by platformlayer.

From the class JdbcUserRepository, method addUserToProject.

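/**
 * Adds a user to a project with the given roles.
 *
 * <p>The serialized project secret is wrapped with the user's public key and appended to the
 * project's secret store (so the user can later unlock it), the re-encoded store replaces the
 * stored secret data, and a user/project membership row carrying {@code roles} is inserted.
 *
 * <p>NOTE(review): as with grantProjectToProject, no authorization check is visible here; the
 * caller supplies the plaintext {@code projectSecret} and must be entitled to share it.
 *
 * @param username key of the user to add
 * @param projectKey key of the project the user joins
 * @param projectSecret unlocked secret of the project
 * @param roles roles granted to the user on the project (passed straight to
 *     {@code UserProjectEntity.addRoles}; null handling is that method's — not visible here)
 * @throws RepositoryException if the user or project does not exist, the secret store cannot
 *     be written, or the database access fails
 */
@Override
@JdbcTransaction
public void addUserToProject(String username, String projectKey, CryptoKey projectSecret, List<RoleId> roles) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        UserEntity user = db.findUserByKey(username);
        if (user == null) {
            throw new RepositoryException("User not found: " + username);
        }
        ProjectEntity project = db.findProjectByKey(projectKey);
        if (project == null) {
            throw new RepositoryException("Project not found: " + projectKey);
        }
        byte[] projectSecretData = FathomdbCrypto.serialize(projectSecret);
        PublicKey userPublicKey = user.getPublicKey();
        byte[] newSecretData;
        try {
            SecretStore store = new SecretStore(project.secretData);
            Writer writer = store.buildWriter();
            writer.writeAsymetricUserKey(projectSecretData, user.id, userPublicKey);
            // close() precedes appendContents(); presumably the writer only exposes its
            // finished bytes once closed — keep this order
            writer.close();
            store.appendContents(writer);
            newSecretData = store.getEncoded();
        } catch (IOException e) {
            throw new RepositoryException("Error writing secrets", e);
        }
        // Persist the extended secret store first, then the membership row; both run inside
        // the @JdbcTransaction so a failure of either should leave neither applied
        db.updateProjectSecret(project.id, newSecretData);
        UserProjectEntity userProjectEntity = new UserProjectEntity();
        userProjectEntity.userId = user.id;
        userProjectEntity.projectId = project.id;
        userProjectEntity.addRoles(roles);
        db.insertUserProject(userProjectEntity);
    } catch (SQLException e) {
        // Previously "Error reading groups", a copy-paste message that misdescribed this method
        throw new RepositoryException("Error adding user to project", e);
    } finally {
        db.close();
    }
}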

Example 3 with Writer

use of org.platformlayer.auth.crypto.SecretStore.Writer in project platformlayer by platformlayer.

From the class JdbcUserRepository, method createUser.

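/**
 * Creates a user whose per-user secret can be unlocked by any of the supplied credentials.
 *
 * <p>A fresh symmetric user secret is generated and written into a secret store under up to
 * three locks: the password (if given), a generated token secret (always), and the public key
 * of the first certificate in {@code certificateChain} (if given). A password hash is stored
 * alongside for password verification, and an RSA keypair is generated for grants, with its
 * private key encrypted under the user secret.
 *
 * <p>NOTE(review): {@code tokenSecret} is generated here but neither returned nor persisted by
 * this method; confirm that {@code writeLockedByToken} records it somewhere reachable, otherwise
 * the token entry cannot be unlocked by anyone.
 *
 * <p>NOTE(review): only {@code certificateChain[0]} is used and nothing here validates the
 * chain; confirm that validation happens before this method is reached.
 *
 * @param userName key of the new user
 * @param password plaintext password, or null to skip password auth
 * @param certificateChain certificate chain whose leaf (index 0) unlocks the user secret, or
 *     null to skip certificate auth
 * @return the newly created user, unlocked with {@code password} when one was given
 * @throws RepositoryException if secret encoding fails or the database access fails
 * @throws IllegalArgumentException if {@code certificateChain} is non-null but empty
 */
@Override
@JdbcTransaction
public UserEntity createUser(String userName, String password, Certificate[] certificateChain) throws RepositoryException {
    DbHelper db = new DbHelper();
    try {
        byte[] secretData;
        byte[] publicKeyHash = null;
        CryptoKey userSecretKey = FathomdbCrypto.generateKey();
        try {
            byte[] userSecret = FathomdbCrypto.serialize(userSecretKey);
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            SecretStore.Writer writer = new SecretStore.Writer(baos);
            // For password auth
            if (password != null) {
                writer.writeUserPassword(userSecret, password);
            }
            // For token auth
            {
                byte[] tokenSecret = CryptoUtils.generateSecureRandom(userSecret.length);
                writer.writeLockedByToken(userSecret, UserEntity.TOKEN_ID_DEFAULT, tokenSecret);
            }
            // For certificate auth
            if (certificateChain != null) {
                // Guard the [0] access: an empty array would otherwise fail with an
                // ArrayIndexOutOfBoundsException deep inside the transaction
                if (certificateChain.length == 0) {
                    throw new IllegalArgumentException("certificateChain must contain at least one certificate");
                }
                Certificate certificate = certificateChain[0];
                PublicKey publicKey = certificate.getPublicKey();
                publicKeyHash = OpenSshUtils.getSignature(publicKey).toByteArray();
                writer.writeGenericAsymetricKey(userSecret, publicKey);
            }
            writer.close();
            secretData = baos.toByteArray();
        } catch (IOException e) {
            throw new RepositoryException("Error encrypting secrets", e);
        }
        byte[] hashedPassword = null;
        if (password != null) {
            hashedPassword = PasswordHash.doPasswordHash(password);
        }
        // This keypair is for grants etc. The client doesn't (currently) get access to the
        // private key; it is stored encrypted under the user secret
        KeyPair userRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
        byte[] privateKeyData = RsaUtils.serialize(userRsaKeyPair.getPrivate());
        privateKeyData = FathomdbCrypto.encrypt(userSecretKey, privateKeyData);
        byte[] publicKeyData = RsaUtils.serialize(userRsaKeyPair.getPublic());
        db.insertUser(userName, hashedPassword, secretData, publicKeyData, privateKeyData);
        UserEntity user = findUser(userName);
        if (password != null) {
            user.unlockWithPassword(password);
        }
        if (publicKeyHash != null) {
            UserCertEntity userCert = new UserCertEntity();
            // The id is a random int used only as a row identifier (not a secret);
            // TODO: retry on collision — a duplicate id currently surfaces as a SQLException
            Random random = new Random();
            userCert.id = random.nextInt();
            userCert.userId = user.id;
            userCert.publicKeyHash = publicKeyHash;
            db.insertUserCert(userCert);
        }
        return user;
    } catch (SQLException e) {
        throw new RepositoryException("Error creating user", e);
    } finally {
        db.close();
    }
}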

Example 4 with Writer

use of org.platformlayer.auth.crypto.SecretStore.Writer in project platformlayer by platformlayer.

From the class JdbcUserRepository, method createProject.

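/**
 * Creates a project owned by {@code ownerObject}.
 *
 * <p>A fresh project secret is generated and written into a secret store locked by the
 * owner's user secret, the project key (NUL-terminated) is stored as metadata encrypted under
 * the project secret, and an RSA keypair is generated for grants. The owner is then recorded
 * as a member with {@code RoleId.OWNER}.
 *
 * @param key key of the new project
 * @param ownerObject the creating user; must be a persisted, unlocked {@code UserEntity},
 *     since its user secret is needed to lock the project secret
 * @return the created project as re-read from the database
 * @throws RepositoryException if secret encoding fails, the insert does not affect exactly
 *     one row, the created project cannot be re-read, or the database access fails
 * @throws IllegalArgumentException if {@code ownerObject} is null, unsaved ({@code id == 0})
 *     or locked
 */
@Override
@JdbcTransaction
public ProjectEntity createProject(String key, OpsUser ownerObject) throws RepositoryException {
    if (ownerObject == null) {
        throw new IllegalArgumentException("ownerObject is required");
    }
    UserEntity owner = (UserEntity) ownerObject;
    // The owner's secret must be available (unlocked) to lock the new project secret
    if (owner.id == 0 || owner.isLocked()) {
        throw new IllegalArgumentException("owner must be a persisted, unlocked user");
    }
    DbHelper db = new DbHelper();
    try {
        ProjectEntity project;
        byte[] secretData;
        byte[] metadata;
        try {
            CryptoKey projectSecret = FathomdbCrypto.generateKey();
            byte[] plaintext = FathomdbCrypto.serialize(projectSecret);
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            SecretStore.Writer writer = new SecretStore.Writer(baos);
            writer.writeLockedByUserKey(plaintext, owner.id, owner.getUserSecret());
            writer.close();
            secretData = baos.toByteArray();
            // Metadata is the NUL-terminated key, encrypted under the project secret
            String metadataString = key + "\0";
            byte[] metadataPlaintext = Utf8.getBytes(metadataString);
            metadata = FathomdbCrypto.encrypt(projectSecret, metadataPlaintext);
            project = new ProjectEntity();
            project.setProjectSecret(projectSecret);
            KeyPair projectRsaKeyPair = RsaUtils.generateRsaKeyPair(RsaUtils.SMALL_KEYSIZE);
            // presumably the setters populate publicKeyData/privateKeyData read below — not visible here
            project.setPublicKey(projectRsaKeyPair.getPublic());
            project.setPrivateKey(projectRsaKeyPair.getPrivate());
        } catch (IOException e) {
            throw new RepositoryException("Error encrypting secrets", e);
        }
        int rows = db.createProject(key, secretData, metadata, project.publicKeyData, project.privateKeyData);
        if (rows != 1) {
            throw new RepositoryException("Unexpected number of rows inserted");
        }
        ProjectEntity created = findProjectByKey(db, key);
        if (created == null) {
            throw new RepositoryException("Created project not found");
        }
        UserProjectEntity userProjectEntity = new UserProjectEntity();
        userProjectEntity.userId = owner.id;
        userProjectEntity.projectId = created.id;
        userProjectEntity.addRole(RoleId.OWNER);
        db.insertUserProject(userProjectEntity);
        return created;
    } catch (SQLException e) {
        throw new RepositoryException("Error creating project", e);
    } finally {
        db.close();
    }
}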
