Examples with ClearPasswordSpec org.wildfly.security.password.spec.ClearPasswordSpec used on opensource projects

Search in sources :

Example 1 with ClearPasswordSpec

use of org.wildfly.security.password.spec.ClearPasswordSpec in project fuse-karaf by jboss-fuse.

the class MaskedPasswordHelper method createCredentialSource.

@Override
public CredentialSource createCredentialSource(final Map<String, String> configuration) throws GeneralSecurityException, IOException {
    final String algorithmParamsBase64 = option(configuration, CREDENTIAL_STORE_PROTECTION_PARAMS, "");
    final Decoder decoder = Base64.getDecoder();
    final byte[] encodedAlgorithmParams = decoder.decode(algorithmParamsBase64);
    final String algorithm = option(configuration, CREDENTIAL_STORE_PROTECTION_ALGORITHM, DEFAULT_ALGORITHM);
    final Provider provider = ProviderHelper.provider(option(configuration, CREDENTIAL_STORE_PROTECTION_PROVIDER, ProviderHelper.WILDFLY_PROVIDER));
    final AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(algorithm, provider);
    algorithmParameters.init(encodedAlgorithmParams);
    final MaskedPasswordAlgorithmSpec maskedPasswordAlgorithmSpec = algorithmParameters.getParameterSpec(MaskedPasswordAlgorithmSpec.class);
    final char[] initialKeyMaterial = maskedPasswordAlgorithmSpec.getInitialKeyMaterial();
    final int iterationCount = maskedPasswordAlgorithmSpec.getIterationCount();
    final byte[] salt = maskedPasswordAlgorithmSpec.getSalt();
    final String maskedPasswordBase64 = option(configuration, CREDENTIAL_STORE_PROTECTION, "");
    final byte[] maskedPasswordBytes = decoder.decode(maskedPasswordBase64);
    final MaskedPasswordSpec maskedPasswordSpec = new MaskedPasswordSpec(initialKeyMaterial, iterationCount, salt, maskedPasswordBytes);
    final PasswordFactory passwordFactory = PasswordFactory.getInstance(algorithm, provider);
    final Password maskedPassword = passwordFactory.generatePassword(maskedPasswordSpec);
    final PasswordFactory clearPasswordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, provider);
    final ClearPasswordSpec clearPasswordSpec = passwordFactory.getKeySpec(maskedPassword, ClearPasswordSpec.class);
    final Password password = clearPasswordFactory.generatePassword(clearPasswordSpec);
    final PasswordCredential passwordCredential = new PasswordCredential(password);
    return IdentityCredentials.NONE.withCredential(passwordCredential);
}
Also used : MaskedPasswordSpec(org.wildfly.security.password.spec.MaskedPasswordSpec) PasswordCredential(org.wildfly.security.credential.PasswordCredential) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) Decoder(java.util.Base64.Decoder) Provider(java.security.Provider) PasswordFactory(org.wildfly.security.password.PasswordFactory) MaskedPasswordAlgorithmSpec(org.wildfly.security.password.spec.MaskedPasswordAlgorithmSpec) AlgorithmParameters(java.security.AlgorithmParameters) MaskedPassword(org.wildfly.security.password.interfaces.MaskedPassword) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword)

Example 2 with ClearPasswordSpec

use of org.wildfly.security.password.spec.ClearPasswordSpec in project fuse-karaf by jboss-fuse.

the class CredentialStoreHelperTest method accessCredentialStore.

@Test
public void accessCredentialStore() throws Exception {
    Security.addProvider(new WildFlyElytronProvider());
    // KeyStoreCredentialStore is default algorithm when using
    // org.jboss.fuse.credential.store.karaf.util.CredentialStoreHelper.credentialStoreFromEnvironment()
    // it's a credential store which is backed by a key store
    CredentialStore cs1 = CredentialStore.getInstance("KeyStoreCredentialStore");
    // Credential store implementation which uses the legacy "vault" format
    CredentialStore cs2 = CredentialStore.getInstance("VaultCredentialStore");
    // map-backed credential store implementation
    CredentialStore cs3 = CredentialStore.getInstance("MapCredentialStore");
    LOG.info("Credential Store 1: {}, aliases: {}", cs1, cs1.getAliases());
    LOG.info("Credential Store 2: {}, aliases: {}", cs2, /*cs2.getAliases()*/
    null);
    LOG.info("Credential Store 3: {}, aliases: {}", cs3, cs3.getAliases());
    // KeyStoreCredentialStore uses 3 parameters/attributes
    // - location
    // - modifiable
    // - keyStoreType
    // CHECKSTYLE:OFF
    // from $JAVA_HOME/jre/lib/security/java.security, keystore.type
    LOG.info("Default KeyStore type: {}", KeyStore.getDefaultType());
    LOG.info("KeyStore providers / algorithms:");
    for (Provider p : Providers.getProviderList().providers()) {
        for (Provider.Service s : p.getServices()) {
            if ("KeyStore".equals(s.getType())) {
                LOG.info(" - {} / {}", s.getProvider().getName(), s.getAlgorithm());
            }
        }
    }
    LOG.info("PasswordFactory providers / algorithms:");
    for (Provider p : Providers.getProviderList().providers()) {
        for (Provider.Service s : p.getServices()) {
            if ("PasswordFactory".equals(s.getType())) {
                LOG.info(" - {} / {}", s.getProvider().getName(), s.getAlgorithm());
            }
        }
    }
    LOG.info("SecretKeyFactory providers / algorithms:");
    for (Provider p : Providers.getProviderList().providers()) {
        for (Provider.Service s : p.getServices()) {
            if ("SecretKeyFactory".equals(s.getType())) {
                LOG.info(" - {} / {}", s.getProvider().getName(), s.getAlgorithm());
            }
        }
    }
    LOG.info("Cipher providers / algorithms:");
    for (Provider p : Providers.getProviderList().providers()) {
        for (Provider.Service s : p.getServices()) {
            if ("Cipher".equals(s.getType())) {
                LOG.info(" - {} / {}", s.getProvider().getName(), s.getAlgorithm());
            }
        }
    }
    // CHECKSTYLE:ON
    Password pwd1 = PasswordFactory.getInstance("clear").generatePassword(new ClearPasswordSpec("secret1".toCharArray()));
    Password pwd2 = PasswordFactory.getInstance("clear").generatePassword(new ClearPasswordSpec("secret2".toCharArray()));
    CredentialSource cs = IdentityCredentials.NONE.withCredential(new PasswordCredential(pwd1));
    CredentialStore.ProtectionParameter pp = new CredentialStore.CredentialSourceProtectionParameter(cs);
    Map<String, String> attrs = new HashMap<>();
    attrs.put("keyStoreType", "PKCS12");
    attrs.put("location", String.format("target/credentials-%12d.store", new Date().getTime()));
    cs1.initialize(attrs, pp);
    cs1.store("alias1", new PasswordCredential(pwd2));
    cs1.flush();
    LOG.info("Credential Store 1: {}, aliases: {}", cs1, cs1.getAliases());
    PasswordCredential pwd = cs1.retrieve("alias1", PasswordCredential.class);
    LOG.info("Retrieved password: {}", new String(((ClearPassword) pwd.getPassword()).getPassword()));
}
Also used : ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) HashMap(java.util.HashMap) PasswordCredential(org.wildfly.security.credential.PasswordCredential) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) WildFlyElytronProvider(org.wildfly.security.WildFlyElytronProvider) Date(java.util.Date) WildFlyElytronProvider(org.wildfly.security.WildFlyElytronProvider) Provider(java.security.Provider) CredentialStore(org.wildfly.security.credential.store.CredentialStore) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) CredentialSource(org.wildfly.security.credential.source.CredentialSource) Test(org.junit.Test)

Example 3 with ClearPasswordSpec

use of org.wildfly.security.password.spec.ClearPasswordSpec in project fuse-karaf by jboss-fuse.

the class ProtectionTypeTest method shouldCreateMaskedPasswordCredentialSourceFromConfiguration.

@Test
public void shouldCreateMaskedPasswordCredentialSourceFromConfiguration() throws IOException, GeneralSecurityException {
    final Map<String, String> configuration = new HashMap<>();
    configuration.put("CREDENTIAL_STORE_PROTECTION_ALGORITHM", MaskedPassword.ALGORITHM_MASKED_MD5_DES);
    configuration.put("CREDENTIAL_STORE_PROTECTION_PARAMS", "MDkEKXNvbWVhcmJpdHJhcnljcmF6eXN0cmluZ3RoYXRkb2Vzbm90bWF0dGVyAgID6AQIHmrp8uDnGLE=");
    configuration.put("CREDENTIAL_STORE_PROTECTION", "mC/60tWnla4bmFn2e5Z8U3CZnjsG9Pvc");
    final CredentialSource credentialSource = ProtectionType.masked.createCredentialSource(configuration);
    assertThat(credentialSource).isNotNull();
    final PasswordCredential credential = credentialSource.getCredential(PasswordCredential.class);
    final Password password = credential.getPassword();
    final PasswordFactory clearPasswordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, new WildFlyElytronProvider());
    final ClearPasswordSpec clearPasswordSpec = clearPasswordFactory.getKeySpec(password, ClearPasswordSpec.class);
    assertThat(new String(clearPasswordSpec.getEncodedPassword())).isEqualTo("my deep dark secret");
}
Also used : PasswordFactory(org.wildfly.security.password.PasswordFactory) HashMap(java.util.HashMap) PasswordCredential(org.wildfly.security.credential.PasswordCredential) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) WildFlyElytronProvider(org.wildfly.security.WildFlyElytronProvider) CredentialSource(org.wildfly.security.credential.source.CredentialSource) MaskedPassword(org.wildfly.security.password.interfaces.MaskedPassword) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) Test(org.junit.Test)

Example 4 with ClearPasswordSpec

use of org.wildfly.security.password.spec.ClearPasswordSpec in project fuse-karaf by jboss-fuse.

the class ActivatorTest method initializeCredentialStore.

@Before
public void initializeCredentialStore() throws Exception {
    activator.start(null);
    final WildFlyElytronProvider elytron = new WildFlyElytronProvider();
    Security.addProvider(elytron);
    final PasswordFactory passwordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, elytron);
    final Password password = passwordFactory.generatePassword(new ClearPasswordSpec("it was the best of times it was the worst of times".toCharArray()));
    final Credential credential = new PasswordCredential(password);
    final CredentialSource credentialSource = IdentityCredentials.NONE.withCredential(credential);
    credentialStore = CredentialStore.getInstance(KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE, elytron);
    final String storePath = new File(tmp.getRoot(), "credential.store").getAbsolutePath();
    final Map<String, String> parameters = new HashMap<>();
    parameters.put("location", storePath);
    parameters.put("keyStoreType", "JCEKS");
    credentialStore.initialize(parameters, new CredentialStore.CredentialSourceProtectionParameter(credentialSource));
    final Password secret = passwordFactory.generatePassword(new ClearPasswordSpec("this is a password".toCharArray()));
    final Credential value = new PasswordCredential(secret);
    credentialStore.store("alias", value);
    credentialStore.flush();
}
Also used : PasswordCredential(org.wildfly.security.credential.PasswordCredential) Credential(org.wildfly.security.credential.Credential) HashMap(java.util.HashMap) PasswordCredential(org.wildfly.security.credential.PasswordCredential) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) WildFlyElytronProvider(org.wildfly.security.WildFlyElytronProvider) PasswordFactory(org.wildfly.security.password.PasswordFactory) CredentialStore(org.wildfly.security.credential.store.CredentialStore) KeyStoreCredentialStore(org.wildfly.security.credential.store.impl.KeyStoreCredentialStore) File(java.io.File) Password(org.wildfly.security.password.Password) ClearPassword(org.wildfly.security.password.interfaces.ClearPassword) CredentialSource(org.wildfly.security.credential.source.CredentialSource) Before(org.junit.Before)

Example 5 with ClearPasswordSpec

use of org.wildfly.security.password.spec.ClearPasswordSpec in project fuse-karaf by jboss-fuse.

the class StoreInCredentialStore method execute.

@Override
public Object execute() throws Exception {
    final CredentialStore credentialStore = CredentialStoreHelper.credentialStoreFromEnvironment();
    final PasswordFactory passwordFactory = PasswordFactory.getInstance("clear", ProviderHelper.provider(ProviderHelper.WILDFLY_PROVIDER));
    final Password password = passwordFactory.generatePassword(new ClearPasswordSpec(secret.toCharArray()));
    credentialStore.store(alias, new PasswordCredential(password));
    credentialStore.flush();
    System.out.println("Value stored in the credential store to reference it use: " + CredentialStoreHelper.referenceForAlias(alias));
    return null;
}
Also used : PasswordFactory(org.wildfly.security.password.PasswordFactory) CredentialStore(org.wildfly.security.credential.store.CredentialStore) PasswordCredential(org.wildfly.security.credential.PasswordCredential) ClearPasswordSpec(org.wildfly.security.password.spec.ClearPasswordSpec) Password(org.wildfly.security.password.Password)

Aggregations

PasswordCredential (org.wildfly.security.credential.PasswordCredential)5 Password (org.wildfly.security.password.Password)5 ClearPasswordSpec (org.wildfly.security.password.spec.ClearPasswordSpec)5 PasswordFactory (org.wildfly.security.password.PasswordFactory)4 ClearPassword (org.wildfly.security.password.interfaces.ClearPassword)4 HashMap (java.util.HashMap)3 WildFlyElytronProvider (org.wildfly.security.WildFlyElytronProvider)3 CredentialSource (org.wildfly.security.credential.source.CredentialSource)3 CredentialStore (org.wildfly.security.credential.store.CredentialStore)3 Provider (java.security.Provider)2 Test (org.junit.Test)2 MaskedPassword (org.wildfly.security.password.interfaces.MaskedPassword)2 File (java.io.File)1 AlgorithmParameters (java.security.AlgorithmParameters)1 Decoder (java.util.Base64.Decoder)1 Date (java.util.Date)1 Before (org.junit.Before)1 Credential (org.wildfly.security.credential.Credential)1 KeyStoreCredentialStore (org.wildfly.security.credential.store.impl.KeyStoreCredentialStore)1 MaskedPasswordAlgorithmSpec (org.wildfly.security.password.spec.MaskedPasswordAlgorithmSpec)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial