Commit e902d50b authored by Spiros Koulouzis's avatar Spiros Koulouzis

added encryption

parent a9a921fd
......@@ -6,12 +6,22 @@
package nl.uva.sne.drip.service;
import com.fasterxml.jackson.core.JsonProcessingException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import nl.uva.sne.drip.commons.utils.Converter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import nl.uva.sne.drip.dao.CredentialDAO;
import nl.uva.sne.drip.model.tosca.Credential;
import org.springframework.beans.factory.annotation.Value;
/**
*
......@@ -20,17 +30,21 @@ import nl.uva.sne.drip.model.tosca.Credential;
@Service
public class CredentialService {
@Value("${credential.secret}")
private String credentialSecret;
@Autowired
private CredentialDAO dao;
public String save(Credential document) {
dao.save(document);
public String save(Credential document) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
dao.save(encryptCredential(document));
return document.getId();
}
public Credential findByID(String id) throws JsonProcessingException {
Credential credentials = dao.findById(id).get();
return credentials;
public Credential findByID(String id) {
Credential credential = dao.findById(id).get();
return credential;
}
public void deleteByID(String id) {
......@@ -54,4 +68,21 @@ public class CredentialService {
return dao.findBycloudProviderName(provider);
}
private Credential encryptCredential(Credential credential) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Map<String, String> credKeys = credential.getKeys();
Set<String> keySet = credKeys.keySet();
for (String key : keySet) {
String credKey = credKeys.get(key);
if (credKey != null) {
credKeys.put(key, Converter.encryptString(credKey, credentialSecret));
}
}
String token = credential.getToken();
if (token != null) {
credential.setToken(Converter.encryptString(token, credentialSecret));
}
return credential;
}
}
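Review bot: encryptCredential() overwrites the key map and token of the Credential object passed to save(), so after the call the caller's object holds ciphertext, and saving the same object a second time would encrypt the already-encrypted values again. Encrypting a copy of the document, or restoring the plaintext once dao.save() has returned, would avoid both. findByID() on the new side still returns `dao.findById(id).get()` as stored, so unless decryption happens in a caller not shown here, consumers now receive encrypted keys and tokens. The six JCA checked exceptions also leak through save()'s signature into every caller; wrapping them in a single service-level exception inside encryptCredential() would keep the public API stable.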
......@@ -19,3 +19,5 @@ db.username=drip-user
db.password=drip-pass
sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0
credential.secret=top_secret
\ No newline at end of file
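Review bot: `credential.secret=top_secret` commits a fixed, guessable value as the secret for the credential encryption added in CredentialService, so any deployment that does not override it protects stored credentials with a publicly known key. If this file is loaded by Spring, leaving out the default and resolving it from the environment, e.g. `credential.secret=${CREDENTIAL_SECRET}`, makes a missing secret fail at startup instead of silently falling back. The same placeholder value is kept for `cloud.storm.secret` in the provisioner properties further down.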
......@@ -28,6 +28,8 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.List;
......@@ -37,6 +39,9 @@ import java.util.Set;
import java.util.concurrent.TimeoutException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import nl.uva.sne.drip.Swagger2SpringBoot;
import nl.uva.sne.drip.api.NotFoundException;
import nl.uva.sne.drip.commons.utils.Constants;
......@@ -301,7 +306,7 @@ public class ServiceTests {
* Test of save method, of class CredentialService.
*/
@Test
public void testCredentialServiceSave() {
public void testCredentialServiceSave() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "save");
saveCredential();
}
......@@ -332,7 +337,7 @@ public class ServiceTests {
assertEquals(keystorFileChecksum, keystorFileCopyChecksum);
}
public String saveCredential() {
public String saveCredential() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "saveCredential");
Credential document = new Credential();
document.setCloudProviderName("exogeni");
......@@ -364,7 +369,7 @@ public class ServiceTests {
* @throws com.fasterxml.jackson.core.JsonProcessingException
*/
@Test
public void testCredentialServiceDeleteByID() throws JsonProcessingException {
public void testCredentialServiceDeleteByID() throws JsonProcessingException, UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "deleteByID");
String id = saveCredential();
credentialService.deleteByID(id);
......@@ -382,7 +387,7 @@ public class ServiceTests {
* Test of getAllIds method, of class CredentialService.
*/
@Test
public void testCredentialServiceGetAllIds() {
public void testCredentialServiceGetAllIds() throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Logger.getLogger(ServiceTests.class.getName()).log(Level.INFO, "getAllIds");
testCredentialServiceDeleteAll();
int numOfINst = 3;
......@@ -404,7 +409,7 @@ public class ServiceTests {
}
@Test
public void testSetProvisionerOperation() throws FileNotFoundException, IOException, MissingCredentialsException, ApiException, TypeExeption, JsonProcessingException, TimeoutException, InterruptedException, NotFoundException, MissingVMTopologyException {
public void testSetProvisionerOperation() throws FileNotFoundException, IOException, MissingCredentialsException, ApiException, TypeExeption, JsonProcessingException, TimeoutException, InterruptedException, NotFoundException, MissingVMTopologyException, UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
if (ToscaHelper.isServiceUp(sureToscaBasePath) && ToscaHelper.isServiceUp("http://" + messageBrokerHost + ":15672")) {
addRandomCredential("ExoGENI");
......@@ -447,7 +452,7 @@ public class ServiceTests {
}
}
private void addRandomCredential(String providerName) {
private void addRandomCredential(String providerName) throws UnsupportedEncodingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
Credential document = new Credential();
document.setCloudProviderName(providerName);
Map<String, String> keys = new HashMap<>();
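Review bot: None of the test hunks shown asserts anything about the new encryption; saveCredential() and the tests that call it only gain the six checked exceptions in their throws clauses. A test that saves a credential with a known token, reads the stored document back, and checks that the stored token differs from the plaintext would pin the behaviour this commit introduces. It should also check that the service's read path yields a usable value. The bodies of these methods continue outside the hunks, so such a check may already exist elsewhere in the class.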
......
......@@ -8,7 +8,7 @@ CMD jar -xf provisioner-3.0.0-jar-with-dependencies.jar application.properties &
sed -ie "s#^message.broker.host=.*#message.broker.host=$RABBITMQ_HOST#" application.properties && \
sed -ie "s#^sure-tosca.base.path=.*#sure-tosca.base.path=$SURE_TOSCA_BASE_PATH#" application.properties && \
ENCRYPTION_PASSWORD=`date +%s | sha256sum | base64 | head -c 32 ; echo` && \
sed -ie "s#^secret=.*#secret=$ENCRYPTION_PASSWORD#" application.properties && \
echo "cloud.storm.secret=$ENCRYPTION_PASSWORD" >> application.properties && \
echo "cloud.storm.db.path=/etc/UD" >> application.properties && \
cat application.properties && \
jar -uf provisioner-3.0.0-jar-with-dependencies.jar application.properties && \
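Review bot: The value written to `cloud.storm.secret` is derived only from `date +%s`, so it is a hash of the container start time and offers little entropy; the following `cat application.properties` then also prints it to the container log. Drawing it from the kernel CSPRNG, e.g. `ENCRYPTION_PASSWORD=$(head -c 24 /dev/urandom | base64)`, and dropping the `cat` line would address both. The packaged properties file appears to already contain a `cloud.storm.secret=` line, so the appended `echo` relies on the last duplicate key winning at load time; a `sed` on `^cloud.storm.secret=` would replace it in place, as the old line did for `secret=`. The CMD continues outside the hunk.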
......
......@@ -113,7 +113,7 @@ class CloudStormService {
if (sureToscaBasePath == null) {
throw new NullPointerException("sureToscaBasePath cannot be null");
}
secret = properties.getProperty("secret");
secret = properties.getProperty("cloud.storm.secret");
if (secret == null) {
throw new NullPointerException("secret cannot be null");
}
......
......@@ -6,4 +6,4 @@ message.broker.queue.planner=planner
message.broker.queue.deployer=deployer
sure-tosca.base.path=http://localhost:8081/tosca-sure/1.0.0
cloud.storm.db.path=etc/UD
secret=top_secret
\ No newline at end of file
cloud.storm.secret=top_secret
\ No newline at end of file