@Override public void access(char[] passwordChars) { try { ps.setClearValue(new String(passwordChars)); protector.encrypt(ps); } catch (EncryptionException e) { throw new IllegalStateException("Protector failed to encrypt password"); } } });
private static void reencryptProtectedStringType(ProtectedStringType ps, String propName, Holder<Integer> modCountHolder, Protector protector) { if (ps == null) { // nothing to do here } else if (ps.isHashed()) { // nothing to do here } else if (ps.getClearValue() != null) { try { protector.encrypt(ps); increment(modCountHolder); } catch (EncryptionException e) { throw new TunnelException(new EncryptionException("Failed to encrypt value for field " + propName + ": " + e.getMessage(), e)); } } else if (ps.getEncryptedDataType() != null) { try { if (!protector.isEncryptedByCurrentKey(ps.getEncryptedDataType())) { ProtectedStringType reencrypted = protector.encryptString(protector.decryptString(ps)); ps.setEncryptedData(reencrypted.getEncryptedDataType()); increment(modCountHolder); } } catch (EncryptionException e) { throw new TunnelException(new EncryptionException("Failed to check/reencrypt value for field " + propName + ": " + e.getMessage(), e)); } } else { // no clear nor encrypted value } }
private static void transformEncryptedValue(ProtectedDataType protectedType, PrismContext prismContext) throws SchemaException{ Protector protector = prismContext.getDefaultProtector(); if (protector == null) { return; } try { protector.decrypt(protectedType); Object clearValue = protectedType.getClearValue(); if (clearValue instanceof String){ String clear = (String) clearValue; if (clear.startsWith("<value>") && clear.endsWith("</value>")){ clear = clear.replace("<value>","").replace("</value>", ""); clearValue = (String) clear; } protectedType.setClearValue(clearValue); protector.encrypt(protectedType); } } catch (EncryptionException ex){ //System.out.println("failed to encrypt.."); throw new IllegalArgumentException("failed to encrypt. " + ex); } }
protector256.encrypt(pdt);
private static void encryptProtectedStringType(Protector protector, ProtectedStringType ps, String propName) throws EncryptionException { if (ps == null) { return; } if (ps.isHashed()) { return; } if (ps.getClearValue() != null) { try { protector.encrypt(ps); } catch (EncryptionException e) { throw new EncryptionException("Failed to encrypt value for field " + propName + ": " + e.getMessage(), e); } } }
protected PrismObject<UserType> getUserOld() throws SchemaException, EncryptionException, IOException { PrismObject<UserType> user = PrismTestUtil.parseObject(USER_OLD_FILE); ProtectedStringType passwordPs = user.asObjectable().getCredentials().getPassword().getValue(); protector.encrypt(passwordPs); return user; }
private void prepareProtectedStringForStorage(ProtectedStringType ps, CredentialsStorageTypeType storageType) throws SchemaException { try { switch (storageType) { case ENCRYPTION: if (ps.isEncrypted()) { break; } if (ps.isHashed()) { throw new SchemaException("Cannot store hashed value in an encrypted form"); } protector.encrypt(ps); break; case HASHING: if (ps.isHashed()) { break; } protector.hash(ps); break; case NONE: throw new SchemaException("Cannot store value on NONE storage form"); default: throw new SchemaException("Unknown storage type: "+storageType); } } catch (EncryptionException e) { throw new SystemException(e.getMessage(), e); } }
/** * MID-4946 */ @Test public void testHashLdapPasswordSshaProtectedStringEncrypted() throws Exception { final String TEST_NAME = "testHashLdapPasswordSshaProtectedStringEncrypted"; TestUtil.displayTestTitle(TEST_NAME); BasicExpressionFunctions basic = createBasicFunctions(); ProtectedStringType protectedString = new ProtectedStringType(); protectedString.setClearValue("whatever"); protector.encrypt(protectedString); assertTrue(protectedString.isEncrypted()); // WHEN String hash1 = basic.hashLdapPassword(protectedString, "SSHA"); // THEN assertLdapHash(hash1); String hash2 = basic.hashLdapPassword(protectedString, "SSHA"); assertNotNull("Null hash2", hash2); assertFalse("Same hash generated twice: "+hash1, hash1.equals(hash2)); }
private void testJackManyPasswordChangesAttempt(String TEST_NAME, String passwordPrefix, CredentialsStorageTypeType storageType, int i) throws Exception { Task task = createTask(TEST_NAME + "-" + i); OperationResult result = task.getResult(); String newPassword = passwordPrefix + i; ProtectedStringType userPasswordPs = new ProtectedStringType(); userPasswordPs.setClearValue(newPassword); if (storageType == CredentialsStorageTypeType.ENCRYPTION) { protector.encrypt(userPasswordPs); } // WHEN displayWhen(TEST_NAME + "-" + i); modifyUserReplace(USER_JACK_OID, PASSWORD_VALUE_PATH, task, result, userPasswordPs); // THEN displayThen(TEST_NAME + "-" + i); assertSuccess(result); PrismObject<UserType> userAfter = getUser(USER_JACK_OID); display("User after", userAfter); assertUserPassword(userAfter, newPassword); assertAssignments(userAfter, 4); assertLinks(userAfter, 4); assertDummyPassword(ACCOUNT_JACK_DUMMY_USERNAME, newPassword); assertDummyPassword(RESOURCE_DUMMY_RED_NAME, ACCOUNT_JACK_DUMMY_USERNAME, newPassword); }
final String userOid = userType.getOid(); protector.encrypt(userType.getCredentials().getPassword().getValue());
protector.encrypt(userType.getCredentials().getPassword().getValue()); assertParentConsistency(user);
protector.encrypt(userType.getCredentials().getPassword().getValue());