/**
 * Checks that asking for a password key fails with a {@link RuntimeException} when the helper
 * is given neither an alias nor a key password.
 *
 * NOTE(review): this block sets no keystore properties itself, but system properties are
 * JVM-global; presumably the fixture clears any left behind by other tests - confirm.
 */
@Test
public void testLoadPasswordNoKeystore() {
    final KeyStoreHelper helperWithoutKeyStore = new KeyStoreHelper();
    boolean rejected = false;
    try {
        helperWithoutKeyStore.getPasswordKey(null, null);
    } catch (final RuntimeException expected) {
        // The lookup is expected to be refused.
        rejected = true;
    }
    if (!rejected) {
        fail();
    }
}
// Excerpt of a sign/verify round trip; the enclosing test method is not shown in this listing.

// Signing side: the private-key alias and its password are supplied through system properties.
// The helper is constructed after they are set (presumably it reads them at construction - confirm).
System.setProperty( KeyStoreConstants.PROP_PVT_ALIAS, KEY_ALIAS );
System.setProperty( KeyStoreConstants.PROP_PVT_PWD, KEY_PASSWORD );
final KeyStoreHelper serverHelper = new KeyStoreHelper();
final byte[] signature = serverHelper.signDataWithPrivateKey(data );

// Verifying side: a second helper is created once the public keystore password is set.
System.setProperty( KeyStoreConstants.PROP_PUB_KS_PWD, KEYSTORE_CLIENT_PASSWORD );
final KeyStoreHelper clientHelper = new KeyStoreHelper( );

// The signature must verify for the original bytes...
assertTrue( clientHelper.checkDataWithPublicKey( KEY_ALIAS, data, signature ) );
// ...and must be rejected when the same signature is presented with different bytes.
assertFalse( clientHelper.checkDataWithPublicKey( KEY_ALIAS, "fake".getBytes( "UTF8" ), signature ) );
/**
 * Adds a signature over {@code buff} to the given header builder when signing is enabled.
 *
 * A fresh {@link KeyStoreHelper} decides whether signing is configured ({@code isSigned()});
 * if it is not, the header is left untouched. Otherwise the header receives a signature entry
 * carrying the private-key alias and the signature bytes computed over {@code buff}.
 *
 * @param _header header builder that receives the signature entry
 * @param buff    bytes to sign
 * @throws RuntimeDroolsException wrapping any exception raised while signing
 */
private static void sign(ProtobufMessages.Header.Builder _header, byte[] buff ) {
    final KeyStoreHelper keyStore = new KeyStoreHelper();
    if (!keyStore.isSigned()) {
        // Signing is not configured in this environment: nothing is added to the header.
        return;
    }
    try {
        // The alias travels with the signature so the reading side knows which key to look up.
        _header.setSignature(
                ProtobufMessages.Signature.newBuilder()
                        .setKeyAlias( keyStore.getPvtKeyAlias() )
                        .setSignature( ByteString.copyFrom( keyStore.signDataWithPrivateKey( buff ) ) )
                        .build() );
    } catch (Exception e) {
        throw new RuntimeDroolsException( "Error signing session: " + e.getMessage(), e );
    }
}
/**
 * Checks the signature carried in a serialized session's header against the local signing
 * configuration and the public keystore.
 *
 * NOTE: this listing is an excerpt. Closing braces and some intervening lines are not shown,
 * so the three checks below are not necessarily nested the way the visible braces suggest,
 * and the handling of a failed verification is outside the excerpt.
 *
 * @param _header     header of the serialized session; may or may not carry a signature
 * @param sessionbuff the serialized session bytes the signature is checked against
 */
private static void checkSignature(Header _header, byte[] sessionbuff) {
    KeyStoreHelper helper = new KeyStoreHelper();
    boolean signed = _header.hasSignature();
    // Policy check in both directions: an unsigned object is refused when this environment
    // expects signatures (so dropping the signature does not bypass verification), and a
    // signed object is refused when the environment is not configured for signing.
    if ( helper.isSigned() != signed ) {
        throw new RuntimeDroolsException( "This environment is configured to work with " + (helper.isSigned() ? "signed" : "unsigned") + " serialized objects, but the given object is " + (signed ? "signed" : "unsigned") + ". Deserialization aborted." );
    // ... lines not shown in this excerpt ...
    // Verification needs a public keystore; without one the object is refused.
    if ( helper.getPubKeyStore() == null ) {
        throw new RuntimeDroolsException( "The session was serialized with a signature. Please configure a public keystore with the public key to check the signature. Deserialization aborted." );
    // ... lines not shown in this excerpt ...
    // NOTE(review): the key alias is taken from the header under verification, so the sender
    // chooses which public keystore entry is used. Every entry in that keystore is therefore
    // effectively trusted to sign sessions - confirm the keystore holds only such keys.
    if ( !helper.checkDataWithPublicKey( _header.getSignature().getKeyAlias(), sessionbuff, _header.getSignature().getSignature().toByteArray() ) ) {
// Excerpt of the writing side of a signed object stream. The enclosing method, the closing
// braces and some intervening lines are not shown, and the excerpt ends in the middle of a call.
KeyStoreHelper helper = new KeyStoreHelper();
// 1. A boolean flag records whether this environment signs its output.
stream.writeBoolean( helper.isSigned() );
if (helper.isSigned()) {
    // 2. When signing, the private-key alias is written so the reader can select the matching key.
    stream.writeObject( helper.getPvtKeyAlias() );
// ... lines not shown in this excerpt ...
// 3. The serialized payload is written as a single byte array.
byte[] buff = bos.toByteArray();
stream.writeObject( buff );
if (helper.isSigned()) {
    // 4. A signature is appended after the payload.
    // NOTE(review): the flag and alias written above sit outside 'buff'; presumably only 'buff'
    // is signed (the call is cut off here), so the reader has to treat them as unauthenticated.
    sign( stream, helper,
// Excerpt of the reading side of a signed object stream. The enclosing method, the closing
// braces and some intervening lines are not shown on this page.
KeyStoreHelper helper = new KeyStoreHelper();
// The first item in the stream is the writer's "signed" flag.
boolean signed = stream.readBoolean();
// Policy check in both directions: the flag must match the local configuration, so clearing the
// flag on a stream does not get an unsigned package accepted by an environment that expects
// signatures.
if (helper.isSigned() != signed) {
    throw new RuntimeDroolsException( "This environment is configured to work with " + ( helper.isSigned() ? "signed" : "unsigned" ) + " serialized objects, but the given object is " + ( signed ? "signed" : "unsigned" ) + ". Deserialization aborted." );
// ... lines not shown in this excerpt ...
if (signed) {
    // NOTE(review): the alias is obtained with readObject() before any signature has been
    // checked, i.e. native Java deserialization runs on data that is not yet authenticated.
    // If the stream can come from an untrusted party, confirm it is restricted (for example
    // with an ObjectInputFilter) to the types expected here.
    pubKeyAlias = (String) stream.readObject();
    // Verification needs a public keystore; without one the package is refused.
    if (helper.getPubKeyStore() == null) {
        throw new RuntimeDroolsException( "The package was serialized with a signature. Please configure a public keystore with the public key to check the signature. Deserialization aborted." );
/**
 * Signs {@code buff} with the helper's private key and writes the resulting signature to
 * {@code stream} as a single object.
 *
 * @param stream output the signature is appended to
 * @param helper key store helper that produces the signature
 * @param buff   bytes to sign
 * @throws RuntimeDroolsException wrapping any exception raised while signing or writing
 */
private void sign( final ObjectOutput stream, KeyStoreHelper helper, byte[] buff ) {
    try {
        final byte[] signatureBytes = helper.signDataWithPrivateKey( buff );
        stream.writeObject( signatureBytes );
    } catch (Exception e) {
        // Signing and I/O failures are reported the same way, with the cause preserved.
        throw new RuntimeDroolsException( "Error signing object store: " + e.getMessage(), e );
    }
}
/**
 * Reads the next object from {@code stream} as the signature and verifies it against
 * {@code bytes} with the public key stored under {@code pubKeyAlias}.
 *
 * @param stream      input positioned at the serialized signature
 * @param helper      key store helper used for the verification
 * @param bytes       the serialized package the signature must match
 * @param pubKeyAlias alias of the public key to verify with
 * @throws ClassNotFoundException if reading the signature object fails to resolve its class
 * @throws IOException            if reading from the stream fails
 * @throws RuntimeDroolsException if the signature does not match, or if the key, key store,
 *                                algorithm or signature cannot be processed
 */
private void checkSignature( final ObjectInput stream, final KeyStoreHelper helper, final byte[] bytes, final String pubKeyAlias ) throws ClassNotFoundException, IOException {
    // NOTE(review): the signature itself is obtained with readObject(), so native Java
    // deserialization runs on stream content before anything has been verified. If the stream
    // can come from an untrusted party, confirm it is restricted (for example with an
    // ObjectInputFilter) to the types expected here.
    final byte[] claimedSignature = (byte[]) stream.readObject();

    final boolean verified;
    try {
        verified = helper.checkDataWithPublicKey( pubKeyAlias, bytes, claimedSignature );
    } catch (InvalidKeyException e) {
        throw new RuntimeDroolsException( "Invalid key checking signature: " + e.getMessage(), e );
    } catch (KeyStoreException e) {
        throw new RuntimeDroolsException( "Error accessing Key Store: " + e.getMessage(), e );
    } catch (NoSuchAlgorithmException e) {
        throw new RuntimeDroolsException( "No algorithm available: " + e.getMessage(), e );
    } catch (SignatureException e) {
        throw new RuntimeDroolsException( "Signature Exception: " + e.getMessage(), e );
    }

    // A mismatch aborts the load: the caller must not use the package.
    if (!verified) {
        throw new RuntimeDroolsException( "Signature does not match serialized package. This is a security violation. Deserialisation aborted." );
    }
}
initKeyStore(); } catch ( Exception e ) { throw new RuntimeDroolsException( "Error initialising KeyStore: " + e.getMessage(),
/**
 * Stores a secret key in the JCEKS keystore file, points the helper at that keystore through
 * system properties, and checks that {@code getPasswordKey} returns the stored key material
 * as a string.
 *
 * NOTE(review): the system properties set here are JVM-global and are not cleared in this
 * method; presumably the fixture's teardown does that - confirm, otherwise later tests see
 * this keystore configuration.
 */
@Test
public void testLoadPassword() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, InvalidKeyException, InvalidKeySpecException {
    final SecretKey expectedKey = storeKeyIntoKeyStoreFile(KEY_PHRASE);

    // Configure the keystore location and password the way a server would.
    final URL keyStoreLocation = getClass().getResource(KEYSTORE_JCEKS_RESOURCE_NAME);
    System.setProperty(KeyStoreConstants.PROP_PWD_KS_URL, keyStoreLocation.toExternalForm());
    System.setProperty(KeyStoreConstants.PROP_PWD_KS_PWD, KEYSTORE_SERVER_PASSWORD);

    try {
        final KeyStoreHelper helper = new KeyStoreHelper();
        final String loadedKey = helper.getPasswordKey(KEY_ALIAS, KEY_PASSWORD.toCharArray());
        // new String(byte[]) decodes with the platform default charset.
        final String expectedText = new String(expectedKey.getEncoded());
        assertEquals(expectedText, loadedKey);
    } catch (final RuntimeException re) {
        // Any runtime failure while loading the key is reported as a test failure.
        re.printStackTrace();
        fail(re.getMessage());
    }
}
/**
 * Resolves the controller password, preferring the key store over the configured value.
 *
 * The alias and the key password are read from the system properties named by
 * {@code PROP_PWD_CTRL_ALIAS} and {@code PROP_PWD_CTRL_PWD} (both default to an empty string)
 * and passed to {@link KeyStoreHelper#getPasswordKey}. If that lookup throws a
 * {@link RuntimeException}, a warning is logged and {@code defaultPassword} is returned.
 *
 * NOTE(review): the fallback is silent apart from the warning, and the caught exception is not
 * logged, so a broken or unreadable key store looks the same as one that was never configured.
 * Deployments that rely on the key store should alert on this warning.
 *
 * @param defaultPassword password to use when the key store lookup fails
 * @return the password key from the key store, or {@code defaultPassword} on failure
 */
public static String loadControllerPassword(final String defaultPassword) {
    // Constructed outside the try block, so an exception from the constructor propagates.
    final KeyStoreHelper helper = new KeyStoreHelper();
    String resolved;
    try {
        final String alias = System.getProperty(PROP_PWD_CTRL_ALIAS, "");
        final char[] aliasSecret = System.getProperty(PROP_PWD_CTRL_PWD, "").toCharArray();
        resolved = helper.getPasswordKey(alias, aliasSecret);
    } catch (RuntimeException re) {
        logger.warn("Unable to load key store. Using password from configuration");
        resolved = defaultPassword;
    }
    return resolved;
}
} // closes the enclosing class, whose header is not part of this listing
/**
 * Resolves the controller password, preferring the key store over the configured value.
 *
 * The alias and the key password are read from the system properties named by
 * {@code PROP_PWD_CTRL_ALIAS} and {@code PROP_PWD_CTRL_PWD} (both default to an empty string)
 * and passed to {@link KeyStoreHelper#getPasswordKey}. If that lookup throws a
 * {@link RuntimeException}, a warning is logged and {@code defaultPassword} is returned.
 *
 * NOTE(review): the fallback is silent apart from the warning, and the caught exception is not
 * logged, so a broken or unreadable key store looks the same as one that was never configured.
 * Deployments that rely on the key store should alert on this warning.
 *
 * @param defaultPassword password to use when the key store lookup fails
 * @return the password key from the key store, or {@code defaultPassword} on failure
 */
public static String loadControllerPassword(final String defaultPassword) {
    // Constructed outside the try block, so an exception from the constructor propagates.
    final KeyStoreHelper helper = new KeyStoreHelper();
    String resolved;
    try {
        final String alias = System.getProperty(PROP_PWD_CTRL_ALIAS, "");
        final char[] aliasSecret = System.getProperty(PROP_PWD_CTRL_PWD, "").toCharArray();
        resolved = helper.getPasswordKey(alias, aliasSecret);
    } catch (RuntimeException re) {
        logger.warn("Unable to load key store. Using password from configuration");
        resolved = defaultPassword;
    }
    return resolved;
}
} // closes the enclosing class, whose header is not part of this listing
/**
 * Resolves the server password, preferring the key store over configuration.
 *
 * The alias and the key password are read from the system properties named by
 * {@code PROP_PWD_SERVER_ALIAS} and {@code PROP_PWD_SERVER_PWD} (both default to an empty
 * string) and passed to {@link KeyStoreHelper#getPasswordKey}. If that lookup throws a
 * {@link RuntimeException}, a warning is logged and the value of the
 * {@code KieServerConstants.CFG_KIE_PASSWORD} system property is returned instead.
 *
 * @return the password key from the key store, or the configured password on failure
 */
public static String loadServerPassword() {
    // Constructed outside the try block, so an exception from the constructor propagates.
    final KeyStoreHelper helper = new KeyStoreHelper();
    try {
        final String alias = System.getProperty(PROP_PWD_SERVER_ALIAS, "");
        final char[] aliasSecret = System.getProperty(PROP_PWD_SERVER_PWD, "").toCharArray();
        return helper.getPasswordKey(alias, aliasSecret);
    } catch (RuntimeException re) {
        // NOTE(review): the caught exception is not logged, so a broken key store looks the
        // same as one that was never configured.
        logger.warn("Unable to load key store. Using password from configuration");
        // NOTE(review): when the property is unset this returns a password literal compiled
        // into the code. Deployments should always set the property or configure the key
        // store, so that this built-in default is never the effective credential.
        return System.getProperty(KieServerConstants.CFG_KIE_PASSWORD, "kieserver1!");
    }
}
/**
 * Resolves the server password, preferring the key store over configuration.
 *
 * The alias and the key password are read from the system properties named by
 * {@code PROP_PWD_SERVER_ALIAS} and {@code PROP_PWD_SERVER_PWD} (both default to an empty
 * string) and passed to {@link KeyStoreHelper#getPasswordKey}. If that lookup throws a
 * {@link RuntimeException}, a warning is logged and the value of the
 * {@code KieServerConstants.CFG_KIE_PASSWORD} system property is returned instead.
 *
 * @return the password key from the key store, or the configured password on failure
 */
public static String loadServerPassword() {
    // Constructed outside the try block, so an exception from the constructor propagates.
    final KeyStoreHelper helper = new KeyStoreHelper();
    try {
        final String alias = System.getProperty(PROP_PWD_SERVER_ALIAS, "");
        final char[] aliasSecret = System.getProperty(PROP_PWD_SERVER_PWD, "").toCharArray();
        return helper.getPasswordKey(alias, aliasSecret);
    } catch (RuntimeException re) {
        // NOTE(review): the caught exception is not logged, so a broken key store looks the
        // same as one that was never configured.
        logger.warn("Unable to load key store. Using password from configuration");
        // NOTE(review): when the property is unset this returns a password literal compiled
        // into the code. Deployments should always set the property or configure the key
        // store, so that this built-in default is never the effective credential.
        return System.getProperty(KieServerConstants.CFG_KIE_PASSWORD, "kieserver1!");
    }
}