/**
 * Persists {@code keyStore} to {@code file}, using the master secret as the store password.
 *
 * <p>{@code new FileOutputStream(file)} truncates an existing file as soon as it is opened, so a
 * failure inside {@link KeyStore#store} can leave an empty or partial keystore on disk. Nothing
 * in this method recovers from that; the TODO below tracks it.
 *
 * @param keyStore the in-memory keystore to write
 * @param file destination file; its previous content is replaced
 * @throws KeyStoreException if the keystore has not been initialized
 * @throws IOException if the file cannot be opened or written
 * @throws NoSuchAlgorithmException if the keystore integrity algorithm is unavailable
 * @throws CertificateException if a certificate in the keystore cannot be stored
 */
protected void writeKeystoreToFile(final KeyStore keyStore, final File file)
    throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
  // TODO: backup the keystore on disk before attempting a write and restore on failure
  try (final FileOutputStream stream = new FileOutputStream(file)) {
    // NOTE(review): no file permissions are set here; confirm the keystore directory is
    // restricted elsewhere.
    final char[] storePassword = masterService.getMasterSecret();
    keyStore.store(stream, storePassword);
  }
}
/**
 * Writes {@code keyStore} to {@code file}, protected by the master secret.
 *
 * <p>{@link Files#newOutputStream} with no options creates the file or truncates an existing
 * one, so the previous keystore content is gone before {@link KeyStore#store} runs. A failure
 * part-way through is not rolled back (see the TODO below).
 *
 * @param keyStore the in-memory keystore to write
 * @param file destination file; its previous content is replaced
 * @throws KeyStoreException if the keystore has not been initialized
 * @throws IOException if the file cannot be opened or written
 * @throws NoSuchAlgorithmException if the keystore integrity algorithm is unavailable
 * @throws CertificateException if a certificate in the keystore cannot be stored
 */
protected void writeKeystoreToFile(final KeyStore keyStore, final File file)
    throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
  // TODO: backup the keystore on disk before attempting a write and restore on failure
  try (OutputStream sink = Files.newOutputStream(file.toPath())) {
    final char[] storePassword = masterService.getMasterSecret();
    keyStore.store(sink, storePassword);
  }
}
/**
 * Returns the passphrase that protects the gateway identity key.
 *
 * <p>The value stored under the {@code GATEWAY_IDENTITY_PASSPHRASE} alias wins. When that alias
 * yields {@code null}, the master secret is returned instead, so in that configuration the
 * identity key and the keystores share one secret.
 *
 * @return the aliased passphrase, or the master secret when no alias value is available
 * @throws AliasServiceException if the alias lookup fails
 */
@Override
public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
  final char[] aliased = getPasswordFromAliasForGateway(GATEWAY_IDENTITY_PASSPHRASE);
  if (aliased != null) {
    return aliased;
  }
  // Fallback: no dedicated passphrase is configured.
  return masterService.getMasterSecret();
}
/**
 * Resolves the passphrase for the gateway identity key.
 *
 * <p>Looks up the {@code GATEWAY_IDENTITY_PASSPHRASE} alias first and falls back to the master
 * secret when the lookup returns {@code null}.
 *
 * @return the aliased passphrase if present, otherwise the master secret
 * @throws AliasServiceException if the alias lookup fails
 */
@Override
public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
  final char[] fromAlias = getPasswordFromAliasForGateway(GATEWAY_IDENTITY_PASSPHRASE);
  // With no alias value, the identity key is assumed to be protected by the master secret.
  return (fromAlias != null) ? fromAlias : ms.getMasterSecret();
}
/**
 * Supplies the passphrase used for the gateway identity key.
 *
 * <p>A value stored under the {@code GATEWAY_IDENTITY_PASSPHRASE} alias is preferred. If the
 * alias lookup returns {@code null}, the master secret is used as the passphrase.
 *
 * @return the aliased passphrase, or the master secret as a fallback
 * @throws AliasServiceException if the alias lookup fails
 */
@Override
public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
  final char[] configured = getPasswordFromAliasForGateway(GATEWAY_IDENTITY_PASSPHRASE);
  if (configured == null) {
    // No dedicated passphrase: the master secret doubles as the key passphrase.
    return masterService.getMasterSecret();
  }
  return configured;
}
/**
 * Stores {@code value} under {@code alias} as a secret-key entry in {@code ks}.
 *
 * <p>The credential's UTF-8 bytes are wrapped in a {@link SecretKeySpec} labelled {@code "AES"}.
 * The label is only the algorithm name on the entry; the bytes are the credential itself, not
 * generated key material. The entry is protected with the master secret. This method changes
 * only the in-memory keystore and does not write it to disk.
 *
 * <p>A {@link KeyStoreException} is logged and not rethrown, so the caller gets no signal that
 * the credential was not stored. Does nothing when {@code ks} is {@code null}.
 *
 * @param alias entry name for the credential
 * @param value credential text to store
 * @param ks target keystore, may be {@code null}
 */
protected void addCredential(String alias, String value, KeyStore ks) {
  if (ks == null) {
    return;
  }
  try {
    final byte[] rawValue = value.getBytes(StandardCharsets.UTF_8);
    final Key entry = new SecretKeySpec(rawValue, "AES");
    ks.setKeyEntry(alias, entry, masterService.getMasterSecret(), null);
  } catch (KeyStoreException e) {
    LOG.failedToAddCredential(e);
  }
}
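/**
 * Reads the credential stored under {@code alias} from {@code ks}, using the master secret as the
 * entry password, and decodes its bytes as UTF-8.
 *
 * <p>{@link KeyStore#getKey} returns {@code null} for an alias that does not exist or is not a
 * key entry. That case is treated like any other failed lookup: the {@code credential} argument
 * is returned unchanged instead of a {@link NullPointerException} being raised.
 *
 * @param alias entry name to look up
 * @param credential value to return when nothing can be read
 * @param ks keystore to read from, may be {@code null}
 * @return the stored credential, or {@code credential} when {@code ks} is {@code null}, the alias
 *     has no key entry, or the lookup fails (failures are logged)
 */
protected char[] getCredential(String alias, char[] credential, KeyStore ks) {
  if (ks == null) {
    return credential;
  }
  try {
    final java.security.Key stored = ks.getKey(alias, masterService.getMasterSecret());
    if (stored != null) {
      final byte[] encoded = stored.getEncoded();
      if (encoded != null) {
        // NOTE(review): the intermediate String is an immutable copy of the secret that
        // cannot be cleared afterwards.
        credential = new String(encoded, StandardCharsets.UTF_8).toCharArray();
      }
    }
  } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException e) {
    LOG.failedToGetCredential(e);
  }
  return credential;
}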
/**
 * Returns the gateway identity key passphrase.
 *
 * <p>The {@code GATEWAY_IDENTITY_PASSPHRASE} alias is consulted first; a {@code null} result
 * makes the master secret the passphrase.
 *
 * @return the aliased passphrase, or the master secret when the alias has no value
 * @throws AliasServiceException if the alias lookup fails
 */
@Override
public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
  final char[] stored = getPasswordFromAliasForGateway(GATEWAY_IDENTITY_PASSPHRASE);
  if (stored != null) {
    return stored;
  }
  // Fallback couples the identity key's protection to the master secret.
  return ms.getMasterSecret();
}
/**
 * Adds a credential to {@code ks} as a secret-key entry named {@code alias}.
 *
 * <p>The UTF-8 bytes of {@code value} become the key material of a {@link SecretKeySpec} whose
 * algorithm name is {@code "AES"}; the name is a label and the bytes are not validated as an AES
 * key here. The master secret is the entry password. Only the in-memory keystore is modified.
 *
 * <p>{@link KeyStoreException} is logged and swallowed. A {@code null} keystore is a no-op.
 *
 * @param alias entry name for the credential
 * @param value credential text to store
 * @param ks target keystore, may be {@code null}
 */
protected void addCredential(String alias, String value, KeyStore ks) {
  if (ks == null) {
    return;
  }
  try {
    final byte[] credentialBytes = value.getBytes(StandardCharsets.UTF_8);
    final Key wrapped = new SecretKeySpec(credentialBytes, "AES");
    final char[] entryPassword = masterService.getMasterSecret();
    ks.setKeyEntry(alias, wrapped, entryPassword, null);
  } catch (KeyStoreException e) {
    LOG.failedToAddCredential(e);
  }
}
/**
 * Reports whether {@code keyStoreFile} exists and can be loaded with the master secret.
 *
 * <p>{@link KeyStore#load} signals a wrong password or a corrupt file with {@link IOException};
 * that is logged and rethrown. {@link NoSuchAlgorithmException} and {@link CertificateException}
 * are logged and reported as {@code false}, the same result as a missing file.
 *
 * <p>NOTE(review): a caller that creates a keystore when this returns {@code false} would also
 * do so for an existing file that failed with one of those two exceptions; confirm against the
 * callers.
 *
 * @param keyStoreFile keystore file to probe
 * @param storeType keystore type passed to {@link KeyStore#getInstance(String)}
 * @return {@code true} if the file exists and loads; {@code false} if it is absent or fails with
 *     an algorithm or certificate error
 * @throws KeyStoreException if no provider supports {@code storeType}
 * @throws IOException if the file cannot be read, is malformed, or the password is wrong
 */
protected boolean isKeystoreAvailable(final File keyStoreFile, String storeType)
    throws KeyStoreException, IOException {
  if (!keyStoreFile.exists()) {
    return false;
  }
  try (InputStream in = Files.newInputStream(keyStoreFile.toPath())) {
    final KeyStore probe = KeyStore.getInstance(storeType);
    probe.load(in, masterService.getMasterSecret());
    return true;
  } catch (NoSuchAlgorithmException | CertificateException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    return false;
  } catch (IOException | KeyStoreException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw e;
  }
}
/**
 * Creates an empty keystore of the given type and writes it out under {@code filename},
 * protected by the master secret.
 *
 * <p>The output stream comes from {@code createKeyStoreFile} and is closed by the
 * try-with-resources statement on every path. Any failure is logged and wrapped in a
 * {@link KeystoreServiceException}.
 *
 * @param filename name passed to {@code createKeyStoreFile}
 * @param keystoreType keystore type passed to {@link KeyStore#getInstance(String)}
 * @throws KeystoreServiceException if the keystore cannot be created or written
 */
protected void createKeystore(String filename, String keystoreType) throws KeystoreServiceException {
  try (OutputStream target = createKeyStoreFile(filename)) {
    final KeyStore emptyStore = KeyStore.getInstance(keystoreType);
    // load(null, null) initializes a new, empty keystore.
    emptyStore.load(null, null);
    final char[] storePassword = masterService.getMasterSecret();
    emptyStore.store(target, storePassword);
  } catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IOException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  }
}
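/**
 * Reads the credential stored under {@code alias} from {@code ks}, using the master secret as the
 * entry password, and decodes its bytes as UTF-8.
 *
 * <p>{@link KeyStore#getKey} returns {@code null} when the alias does not exist or is not a key
 * entry. That case returns the {@code credential} argument unchanged rather than failing with a
 * {@link NullPointerException}, in line with how lookup exceptions are already handled.
 *
 * @param alias entry name to look up
 * @param credential value to return when nothing can be read
 * @param ks keystore to read from, may be {@code null}
 * @return the stored credential, or {@code credential} when {@code ks} is {@code null}, the alias
 *     has no key entry, or the lookup fails (failures are logged)
 */
protected char[] getCredential(String alias, char[] credential, KeyStore ks) {
  if (ks == null) {
    return credential;
  }
  try {
    final java.security.Key stored = ks.getKey(alias, masterService.getMasterSecret());
    if (stored != null) {
      final byte[] encoded = stored.getEncoded();
      if (encoded != null) {
        // NOTE(review): the intermediate String is an immutable copy of the secret that
        // cannot be cleared afterwards.
        credential = new String(encoded, StandardCharsets.UTF_8).toCharArray();
      }
    }
  } catch (UnrecoverableKeyException e) {
    LOG.failedToGetCredential(e);
  } catch (KeyStoreException e) {
    LOG.failedToGetCredential(e);
  } catch (NoSuchAlgorithmException e) {
    LOG.failedToGetCredential(e);
  }
  return credential;
}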
/**
 * Loads the keystore in {@code keyStoreFile} via {@code loadKeyStore}, using the master secret
 * as the store password.
 *
 * <p>Every load failure is logged with the file name and store type, then wrapped in a
 * {@link KeystoreServiceException} that keeps the original exception as its cause.
 *
 * @param keyStoreFile keystore file to load
 * @param storeType keystore type handed to {@code loadKeyStore}
 * @return the loaded keystore
 * @throws KeystoreServiceException if the keystore cannot be loaded
 */
protected KeyStore getKeystore(final File keyStoreFile, String storeType) throws KeystoreServiceException {
  try {
    return loadKeyStore(keyStoreFile, masterService.getMasterSecret(), storeType);
  } catch (CertificateException | IOException | NoSuchAlgorithmException | KeyStoreException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw new KeystoreServiceException(e);
  }
}
/**
 * Fetches the key stored under {@code alias} in the named signing keystore, holding the read
 * lock for the whole lookup.
 *
 * <p>When {@code passphrase} is {@code null} the master secret is tried as the key password and
 * that assumption is logged. A failed lookup is logged and yields {@code null}, so the caller
 * cannot tell a wrong passphrase from a missing alias or a missing keystore.
 *
 * @param keystoreName name passed to {@code getSigningKeystore}
 * @param alias key entry to read
 * @param passphrase key password, or {@code null} to use the master secret
 * @return the key, or {@code null} if the keystore is unavailable or the key cannot be recovered
 * @throws KeystoreServiceException if the signing keystore cannot be obtained
 */
@Override
public Key getSigningKey(String keystoreName, String alias, char[] passphrase) throws KeystoreServiceException {
  readLock.lock();
  try {
    final KeyStore signingKeystore = getSigningKeystore(keystoreName);
    char[] keyPassword = passphrase;
    if (keyPassword == null) {
      keyPassword = masterService.getMasterSecret();
      LOG.assumingKeyPassphraseIsMaster();
    }
    if (signingKeystore == null) {
      return null;
    }
    try {
      return signingKeystore.getKey(alias, keyPassword);
    } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException e) {
      LOG.failedToGetKeyForGateway(alias, e);
      return null;
    }
  } finally {
    readLock.unlock();
  }
}
/**
 * Fetches the key stored under {@code alias} in the gateway keystore, holding the read lock for
 * the whole lookup.
 *
 * <p>A {@code null} passphrase means the master secret is tried as the key password, and that
 * assumption is logged. A failed lookup is logged and yields {@code null}; a wrong passphrase, a
 * missing alias and a missing keystore all look the same to the caller.
 *
 * @param alias key entry to read
 * @param passphrase key password, or {@code null} to use the master secret
 * @return the key, or {@code null} if the keystore is unavailable or the key cannot be recovered
 * @throws KeystoreServiceException if the gateway keystore cannot be obtained
 */
@Override
public Key getKeyForGateway(String alias, char[] passphrase) throws KeystoreServiceException {
  readLock.lock();
  try {
    final KeyStore gatewayKeystore = getKeystoreForGateway();
    char[] keyPassword = passphrase;
    if (keyPassword == null) {
      keyPassword = masterService.getMasterSecret();
      LOG.assumingKeyPassphraseIsMaster();
    }
    if (gatewayKeystore == null) {
      return null;
    }
    try {
      return gatewayKeystore.getKey(alias, keyPassword);
    } catch (UnrecoverableKeyException | NoSuchAlgorithmException | KeyStoreException e) {
      LOG.failedToGetKeyForGateway(alias, e);
      return null;
    }
  } finally {
    readLock.unlock();
  }
}
/**
 * Looks up the key stored under {@code alias} in the named signing keystore while holding the
 * read lock.
 *
 * <p>With a {@code null} passphrase the master secret is used as the key password and that
 * assumption is logged. Lookup failures are logged and reported as {@code null}.
 *
 * @param keystoreName name passed to {@code getSigningKeystore}
 * @param alias key entry to read
 * @param passphrase key password, or {@code null} to use the master secret
 * @return the key, or {@code null} if the keystore is unavailable or the key cannot be recovered
 * @throws KeystoreServiceException if the signing keystore cannot be obtained
 */
@Override
public Key getSigningKey(String keystoreName, String alias, char[] passphrase) throws KeystoreServiceException {
  readLock.lock();
  try {
    final KeyStore signingKeystore = getSigningKeystore(keystoreName);
    char[] keyPassword = passphrase;
    if (keyPassword == null) {
      keyPassword = masterService.getMasterSecret();
      LOG.assumingKeyPassphraseIsMaster();
    }
    if (signingKeystore == null) {
      return null;
    }
    try {
      return signingKeystore.getKey(alias, keyPassword);
    } catch (UnrecoverableKeyException e) {
      LOG.failedToGetKeyForGateway(alias, e);
    } catch (KeyStoreException e) {
      LOG.failedToGetKeyForGateway(alias, e);
    } catch (NoSuchAlgorithmException e) {
      LOG.failedToGetKeyForGateway(alias, e);
    }
    // Reached only after a logged lookup failure.
    return null;
  } finally {
    readLock.unlock();
  }
}
/**
 * Loads the keystore in {@code keyStoreFile} via {@code loadKeyStore}, with the master secret as
 * the store password.
 *
 * <p>Each failure type is handled the same way: it is logged with the file name and store type,
 * then rethrown as a {@link KeystoreServiceException} carrying the original cause.
 *
 * @param keyStoreFile keystore file to load
 * @param storeType keystore type handed to {@code loadKeyStore}
 * @return the loaded keystore
 * @throws KeystoreServiceException if the keystore cannot be loaded
 */
protected KeyStore getKeystore(final File keyStoreFile, String storeType) throws KeystoreServiceException {
  try {
    return loadKeyStore(keyStoreFile, masterService.getMasterSecret(), storeType);
  } catch (IOException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw new KeystoreServiceException(e);
  } catch (NoSuchAlgorithmException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw new KeystoreServiceException(e);
  } catch (KeyStoreException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw new KeystoreServiceException(e);
  } catch (CertificateException e) {
    LOG.failedToLoadKeystore(keyStoreFile.getName(), storeType, e);
    throw new KeystoreServiceException(e);
  }
}
/**
 * Initializes the service: keeps the configuration, builds the password encryptor from the
 * master secret, and resolves the remote registry client when one is configured.
 *
 * @param config gateway configuration
 * @param options service options (not read by this method)
 * @throws ServiceLifecycleException if a remote monitor client name is configured but no
 *     registry client service is available
 */
@Override
public void init(final GatewayConfig config, final Map<String, String> options) throws ServiceLifecycleException {
  this.config = config;

  /* setup and initialize encryptor for encryption and decryption of passwords */
  // NOTE(review): new String(...) makes an immutable copy of the master secret that cannot be
  // cleared afterwards.
  final String masterSecretText = new String(ms.getMasterSecret());
  encryptor = new ConfigurableEncryptor(masterSecretText);
  encryptor.init(config);

  /* If we have remote registry configured, query it */
  final String clientName = config.getRemoteConfigurationMonitorClientName();
  if (clientName == null) {
    LOG.missingClientConfigurationForRemoteMonitoring();
    return;
  }
  if (registryClientService == null) {
    throw new ServiceLifecycleException("Remote configuration registry not initialized");
  }
  remoteClient = registryClientService.get(clientName);
}
/**
 * Initializes the service: keeps the configuration and options, builds the password encryptor
 * from the master secret, and resolves the remote registry client when one is configured.
 *
 * @param config gateway configuration
 * @param options service options, stored for later use
 * @throws ServiceLifecycleException if a remote monitor client name is configured but no
 *     registry client service is available
 */
@Override
public void init(final GatewayConfig config, final Map<String, String> options) throws ServiceLifecycleException {
  this.config = config;
  this.options = options;

  /* setup and initialize encryptor for encryption and decryption of passwords */
  // NOTE(review): new String(...) makes an immutable copy of the master secret that cannot be
  // cleared afterwards.
  final String masterSecretText = new String(ms.getMasterSecret());
  encryptor = new ConfigurableEncryptor(masterSecretText);
  encryptor.init(config);

  /* If we have remote registry configured, query it */
  final String clientName = config.getRemoteConfigurationMonitorClientName();
  if (clientName == null) {
    LOG.missingClientConfigurationForRemoteMonitoring();
    return;
  }
  if (registryClientService == null) {
    throw new ServiceLifecycleException("Remote configuration registry not initialized");
  }
  remoteClient = registryClientService.get(clientName);
}
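/**
 * Creates an empty keystore of the given type and writes it out under {@code filename},
 * protected by the master secret.
 *
 * <p>The output stream is closed in a {@code finally} block, so a failure while building or
 * storing the keystore no longer leaks the file handle. Every failure is logged and wrapped in a
 * {@link KeystoreServiceException}.
 *
 * @param filename name passed to {@code createKeyStoreFile}
 * @param keystoreType keystore type passed to {@link KeyStore#getInstance(String)}
 * @throws KeystoreServiceException if the keystore cannot be created or written
 */
protected void createKeystore(String filename, String keystoreType) throws KeystoreServiceException {
  try {
    final FileOutputStream out = createKeyStoreFile(filename);
    try {
      final KeyStore ks = KeyStore.getInstance(keystoreType);
      // load(null, null) initializes a new, empty keystore.
      ks.load(null, null);
      ks.store(out, masterService.getMasterSecret());
    } finally {
      // Close on success and on failure; the original closed only on the success path.
      out.close();
    }
  } catch (KeyStoreException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  } catch (NoSuchAlgorithmException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  } catch (CertificateException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  } catch (FileNotFoundException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  } catch (IOException e) {
    LOG.failedToCreateKeystore(filename, keystoreType, e);
    throw new KeystoreServiceException(e);
  }
}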