Commit e902d50b authored by Spiros Koulouzis's avatar Spiros Koulouzis

added encryption

parent a9a921fd
...@@ -6,12 +6,22 @@ ...@@ -6,12 +6,22 @@
package nl.uva.sne.drip.service; package nl.uva.sne.drip.service;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import nl.uva.sne.drip.commons.utils.Converter;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import nl.uva.sne.drip.dao.CredentialDAO; import nl.uva.sne.drip.dao.CredentialDAO;
import nl.uva.sne.drip.model.tosca.Credential; import nl.uva.sne.drip.model.tosca.Credential;
import org.springframework.beans.factory.annotation.Value;
/** /**
* *
...@@ -20,17 +30,21 @@ import nl.uva.sne.drip.model.tosca.Credential; ...@@ -20,17 +30,21 @@ import nl.uva.sne.drip.model.tosca.Credential;
@Service @Service
public class CredentialService { public class CredentialService {
@Value("${credential.secret}")
private String credentialSecret;
@Autowired @Autowired
private CredentialDAO dao; private CredentialDAO dao;
public String save(Credential document) { public String save(Credential document) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
dao.save(document);
dao.save(encryptCredential(document));
return document.getId(); return document.getId();
} }
public Credential findByID(String id) throws JsonProcessingException { public Credential findByID(String id) {
Credential credentials = dao.findById(id).get(); Credential credential = dao.findById(id).get();
return credentials; return credential;
} }
public void deleteByID(String id) { public void deleteByID(String id) {
...@@ -54,4 +68,21 @@ public class CredentialService { ...@@ -54,4 +68,21 @@ public class CredentialService {
return dao.findBycloudProviderName(provider); return dao.findBycloudProviderName(provider);
} }
private Credential encryptCredential(Credential credential) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Map<String, String> credKeys = credential.getKeys();
Set<String> keySet = credKeys.keySet();
for (String key : keySet) {
String credKey = credKeys.get(key);
if (credKey != null) {
credKeys.put(key, Converter.encryptString(credKey, credentialSecret));
}
}
String token = credential.getToken();
if (token != null) {
credential.setToken(Converter.encryptString(token, credentialSecret));
}
return credential;
}
} }
...@@ -18,4 +18,6 @@ db.name=drip ...@@ -18,4 +18,6 @@ db.name=drip
db.username=drip-user db.username=drip-user
db.password=drip-pass db.password=drip-pass
sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0 sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0
\ No newline at end of file
credential.secret=top_secret
\ No newline at end of file
...@@ -28,6 +28,8 @@ import java.io.File; ...@@ -28,6 +28,8 @@ import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
...@@ -37,6 +39,9 @@ import java.util.Set; ...@@ -37,6 +39,9 @@ import java.util.Set;
import java.util.concurrent.TimeoutException; import java.util.concurrent.TimeoutException;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import nl.uva.sne.drip.Swagger2SpringBoot; import nl.uva.sne.drip.Swagger2SpringBoot;
import nl.uva.sne.drip.api.NotFoundException; import nl.uva.sne.drip.api.NotFoundException;
import nl.uva.sne.drip.commons.utils.Constants; import nl.uva.sne.drip.commons.utils.Constants;
...@@ -301,7 +306,7 @@ public class ServiceTests { ...@@ -301,7 +306,7 @@ public class ServiceTests {
* Test of save method, of class CredentialService. * Test of save method, of class CredentialService.
*/ */
@Test @Test
public void testCredentialServiceSave() { public void testCredentialServiceSave() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "save"); Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "save");
saveCredential(); saveCredential();
} }
...@@ -332,7 +337,7 @@ public class ServiceTests { ...@@ -332,7 +337,7 @@ public class ServiceTests {
assertEquals(keystorFileChecksum, keystorFileCopyChecksum); assertEquals(keystorFileChecksum, keystorFileCopyChecksum);
} }
public String saveCredential() { public String saveCredential() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "saveCredential"); Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "saveCredential");
Credential document = new Credential(); Credential document = new Credential();
document.setCloudProviderName("exogeni"); document.setCloudProviderName("exogeni");
...@@ -364,7 +369,7 @@ public class ServiceTests { ...@@ -364,7 +369,7 @@ public class ServiceTests {
* @throws com.fasterxml.jackson.core.JsonProcessingException * @throws com.fasterxml.jackson.core.JsonProcessingException
*/ */
@Test @Test
public void testCredentialServiceDeleteByID() throws JsonProcessingException { public void testCredentialServiceDeleteByID() throws JsonProcessingException, UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "deleteByID"); Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "deleteByID");
String id = saveCredential(); String id = saveCredential();
credentialService.deleteByID(id); credentialService.deleteByID(id);
...@@ -382,7 +387,7 @@ public class ServiceTests { ...@@ -382,7 +387,7 @@ public class ServiceTests {
* Test of getAllIds method, of class CredentialService. * Test of getAllIds method, of class CredentialService.
*/ */
@Test @Test
public void testCredentialServiceGetAllIds() { public void testCredentialServiceGetAllIds() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "getAllIds"); Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "getAllIds");
testCredentialServiceDeleteAll(); testCredentialServiceDeleteAll();
int numOfINst = 3; int numOfINst = 3;
...@@ -404,7 +409,7 @@ public class ServiceTests { ...@@ -404,7 +409,7 @@ public class ServiceTests {
} }
@Test @Test
public void testSetProvisionerOperation() throws FileNotFoundException, IOException, MissingCredentialsException, ApiException, TypeExeption, JsonProcessingException, TimeoutException, InterruptedException, NotFoundException, MissingVMTopologyException { public void testSetProvisionerOperation() throws FileNotFoundException, IOException, MissingCredentialsException, ApiException, TypeExeption, JsonProcessingException, TimeoutException, InterruptedException, NotFoundException, MissingVMTopologyException, UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
if (ToscaHelper.isServiceUp(sureToscaBasePath) && ToscaHelper.isServiceUp("http://" + messageBrokerHost + ":15672")) { if (ToscaHelper.isServiceUp(sureToscaBasePath) && ToscaHelper.isServiceUp("http://" + messageBrokerHost + ":15672")) {
addRandomCredential("ExoGENI"); addRandomCredential("ExoGENI");
...@@ -447,7 +452,7 @@ public class ServiceTests { ...@@ -447,7 +452,7 @@ public class ServiceTests {
} }
} }
private void addRandomCredential(String providerName) { private void addRandomCredential(String providerName) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Credential document = new Credential(); Credential document = new Credential();
document.setCloudProviderName(providerName); document.setCloudProviderName(providerName);
Map<String, String> keys = new HashMap<>(); Map<String, String> keys = new HashMap<>();
......
...@@ -8,7 +8,7 @@ CMD jar -xf provisioner-3.0.0-jar-with-dependencies.jar application.properties & ...@@ -8,7 +8,7 @@ CMD jar -xf provisioner-3.0.0-jar-with-dependencies.jar application.properties &
sed -ie "s#^message.broker.host=.*#message.broker.host=$RABBITMQ_HOST#" application.properties && \ sed -ie "s#^message.broker.host=.*#message.broker.host=$RABBITMQ_HOST#" application.properties && \
sed -ie "s#^sure-tosca.base.path=.*#sure-tosca.base.path=$SURE_TOSCA_BASE_PATH#" application.properties && \ sed -ie "s#^sure-tosca.base.path=.*#sure-tosca.base.path=$SURE_TOSCA_BASE_PATH#" application.properties && \
ENCRYPTION_PASSWORD=`date +%s | sha256sum | base64 | head -c 32 ; echo` && \ ENCRYPTION_PASSWORD=`date +%s | sha256sum | base64 | head -c 32 ; echo` && \
sed -ie "s#^secret=.*#secret=$ENCRYPTION_PASSWORD#" application.properties && \ echo "cloud.storm.secret=$ENCRYPTION_PASSWORD" >> application.properties && \
echo "cloud.storm.db.path=/etc/UD" >> application.properties && \ echo "cloud.storm.db.path=/etc/UD" >> application.properties && \
cat application.properties && \ cat application.properties && \
jar -uf provisioner-3.0.0-jar-with-dependencies.jar application.properties && \ jar -uf provisioner-3.0.0-jar-with-dependencies.jar application.properties && \
......
...@@ -113,7 +113,7 @@ class CloudStormService { ...@@ -113,7 +113,7 @@ class CloudStormService {
if (sureToscaBasePath == null) { if (sureToscaBasePath == null) {
throw new NullPointerException("sureToscaBasePath cannot be null"); throw new NullPointerException("sureToscaBasePath cannot be null");
} }
secret = properties.getProperty("secret"); secret = properties.getProperty("cloud.storm.secret");
if (secret == null) { if (secret == null) {
throw new NullPointerException("secret cannot be null"); throw new NullPointerException("secret cannot be null");
} }
......
...@@ -6,4 +6,4 @@ message.broker.queue.planner=planner ...@@ -6,4 +6,4 @@ message.broker.queue.planner=planner
message.broker.queue.deployer=deployer message.broker.queue.deployer=deployer
sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0 sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0
cloud.storm.db.path=etc/UD cloud.storm.db.path=etc/UD
secret=top_secret cloud.storm.secret=top_secret
\ No newline at end of file \ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment