@Override protected Object execute0() throws Exception { if (!(passwordHint == null ^ passwordFile == null)) { throw new IllegalCmdParamException( "exactly one of password and password-file must be specified"); } if (passwordHint == null) { passwordHint = new String(IoUtil.read(passwordFile)); } if (!StringUtil.startsWithIgnoreCase(passwordHint, "OBF:")) { throw new IllegalCmdParamException("encrypted password '" + passwordHint + "' does not start with OBF:"); } String password = OBFPasswordService.deobfuscate(passwordHint); if (outFile != null) { saveVerbose("saved the password to file", new File(outFile), new String(password).getBytes()); } else { println("the password is: '" + new String(password) + "'"); } return null; }
public static String eraseSensitiveData(String conf) { if (conf == null || !conf.toLowerCase().contains("password")) { return conf; } try { ConfPairs pairs = new ConfPairs(conf); for (String name : pairs.names()) { if (name.toLowerCase().contains("password")) { String value = pairs.value(name); if (value != null && !StringUtil.startsWithIgnoreCase(value, "PBE:")) { pairs.putPair(name, "<sensitive>"); } } } return pairs.getEncoded(); } catch (Exception ex) { return conf; } }
private static Set<P11SlotIdFilter> getSlotIdFilters(List<Pkcs11conf.Slot> slotTypes) throws InvalidConfException { if (CollectionUtil.isEmpty(slotTypes)) { return null; } Set<P11SlotIdFilter> filters = new HashSet<>(); for (Pkcs11conf.Slot slotType : slotTypes) { Long slotId = null; if (slotType.getId() != null) { String str = slotType.getId().trim(); try { slotId = StringUtil.startsWithIgnoreCase(str, "0X") ? Long.parseLong(str.substring(2), 16) : Long.parseLong(str); } catch (NumberFormatException ex) { String message = "invalid slotId '" + str + "'"; LOG.error(message); throw new InvalidConfException(message); } } filters.add(new P11SlotIdFilter(slotType.getIndex(), slotId)); } return filters; }
if (StringUtil.startsWithIgnoreCase(passwordHint, OBFPasswordService.OBFUSCATE)) { return OBFPasswordService.deobfuscate(passwordHint).toCharArray(); } else {
private static Set<P11SlotIdFilter> getSlotIdFilters(SlotsType type) throws InvalidConfException { if (type == null || CollectionUtil.isEmpty(type.getSlot())) { return null; } Set<P11SlotIdFilter> filters = new HashSet<>(); for (SlotType slotType : type.getSlot()) { Long slotId = null; if (slotType.getId() != null) { String str = slotType.getId().trim(); try { slotId = StringUtil.startsWithIgnoreCase(str, "0X") ? Long.parseLong(str.substring(2), 16) : Long.parseLong(str); } catch (NumberFormatException ex) { String message = "invalid slotId '" + str + "'"; LOG.error(message); throw new InvalidConfException(message); } } filters.add(new P11SlotIdFilter(slotType.getIndex(), slotId)); } return filters; }
} else if ("OBF".equalsIgnoreCase(type)) { pwdCallback = new PasswordCallback.OBF(); if (conf != null && !StringUtil.startsWithIgnoreCase(conf, "OBF:")) { conf = "OBF:" + conf;
String propName = "jdbcUrl"; final String url = props.getProperty(propName); if (StringUtil.startsWithIgnoreCase(url, "jdbc:db2:")) { String sep = ":currentSchema="; int idx = url.indexOf(sep);
if (StringUtil.startsWithIgnoreCase(keystoreConf, "file:")) { String keystoreFile = keystoreConf.substring("file:".length()); keystoreBytes = IoUtil.read(keystoreFile); } else if (StringUtil.startsWithIgnoreCase(keystoreConf, "base64:")) { keystoreBytes = Base64.decode(keystoreConf.substring("base64:".length())); } else {
if (!StringUtil.startsWithIgnoreCase(passwordHint, "PBE:")) { throw new IllegalCmdParamException("encrypted password '" + passwordHint + "' does not start with PBE:");
for (Object objKey : confProperties.keySet()) { String key = (String) objKey; if (!StringUtil.startsWithIgnoreCase(key, "datasource.")) { continue;
if (StringUtil.startsWithIgnoreCase(keystoreConf, "file:")) { String keystoreFile = keystoreConf.substring("file:".length()); try { throw new CaMgmtException("IOException: " + ex.getMessage(), ex); } else if (StringUtil.startsWithIgnoreCase(keystoreConf, "base64:")) { ksBytes = Base64.decode(keystoreConf.substring("base64:".length())); } else {
if (StringUtil.startsWithIgnoreCase(str, "base64:")) { keystoreStream = new ByteArrayInputStream( Base64.decode(str.substring("base64:".length()))); } else if (StringUtil.startsWithIgnoreCase(str, "file:")) { String fn = str.substring("file:".length()); try {
@Override public void addRequestor(MgmtEntry.Requestor requestorEntry) throws CaMgmtException { Args.notNull(requestorEntry, "requestorEntry"); asssertMasterMode(); String name = requestorEntry.getIdent().getName(); if (requestorDbEntries.containsKey(name)) { throw new CaMgmtException(concat("Requestor named ", name, " exists")); } // encrypt the password PasswordResolver pwdResolver = securityFactory.getPasswordResolver(); if (MgmtEntry.Requestor.TYPE_PBM.equalsIgnoreCase(requestorEntry.getType())) { String conf = requestorEntry.getConf(); if (!StringUtil.startsWithIgnoreCase(conf, "PBE:")) { String encryptedPassword; try { encryptedPassword = pwdResolver.protectPassword("PBE", conf.toCharArray()); } catch (PasswordResolverException ex) { throw new CaMgmtException("could not encrypt requestor " + name, ex); } requestorEntry = new MgmtEntry.Requestor(requestorEntry.getIdent(), requestorEntry.getType(), encryptedPassword); } } RequestorEntryWrapper requestor = new RequestorEntryWrapper(); requestor.setDbEntry(requestorEntry, pwdResolver); queryExecutor.addRequestor(requestorEntry); idNameMap.addRequestor(requestorEntry.getIdent()); requestorDbEntries.put(name, requestorEntry); requestors.put(name, requestor); } // method addRequestor
RequestorEntryWrapper changeRequestor(NameId nameId, String type, String conf, PasswordResolver passwordResolver) throws CaMgmtException { Args.notNull(nameId, "nameId"); RequestorEntryWrapper requestor = new RequestorEntryWrapper(); if (MgmtEntry.Requestor.TYPE_PBM.equalsIgnoreCase(type)) { if (!StringUtil.startsWithIgnoreCase(conf, "PBE:")) { try { conf = passwordResolver.protectPassword("PBE", conf.toCharArray()); } catch (PasswordResolverException ex) { throw new CaMgmtException("could not encrypt requestor " + nameId.getName(), ex); } } } requestor.setDbEntry(new MgmtEntry.Requestor(nameId, type, conf), passwordResolver); if (requestor.getDbEntry().isFaulty()) { throw new CaMgmtException("invalid requestor configuration"); } changeIfNotNull("REQUESTOR", col(INT, "ID", nameId.getId()), col(STRING, "TYPE", type), col(STRING, "CONF", conf)); return requestor; } // method changeRequestor
if (rsaKg.getPublicExponent() != null) { String tmp = rsaKg.getPublicExponent(); publicExponent = StringUtil.startsWithIgnoreCase(tmp, "0x") ? new BigInteger(tmp.substring(2), 16) : new BigInteger(tmp);