/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* https://opensso.dev.java.net/public/CDDLv1.0.html or
* opensso/legal/CDDLv1.0.txt
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: EncryptTask.java,v 1.3 2008/06/25 05:51:52 qcheng Exp $
*
*/
package com.sun.identity.agents.install.configurator;
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Map;
import java.lang.reflect.Method;
import com.iplanet.services.util.Crypt;
import com.sun.identity.install.tools.configurator.ITask;
import com.sun.identity.install.tools.configurator.InstallConstants;
import com.sun.identity.install.tools.configurator.InstallException;
import com.sun.identity.install.tools.configurator.IStateAccess;
import com.sun.identity.install.tools.util.Debug;
import com.sun.identity.install.tools.util.EncryptionKeyGenerator;
import com.sun.identity.install.tools.util.LocalizedMessage;
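/**
 * Installer task that encrypts the secret stored on the first line of a data
 * file and records the encrypted value in the installer state.
 *
 * <p>The task sets several JVM-wide system properties (debug directory, debug
 * level, encryption key and encryptor class) and then calls a static method of
 * {@link Crypt} through reflection.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The encryption key is secret material. It is never written to the debug
 * log by this class; keep it that way when adding diagnostics.</li>
 * <li>The key is published through {@code System.setProperty}, so it is
 * readable by any code running in the same JVM for as long as the property
 * stays set. This class never clears it.</li>
 * </ul>
 */
public class EncryptTask implements ITask, InstallConstants {

    /**
     * Encrypts the content of the configured data file and stores the result
     * in the installer state under the key named by
     * {@link #STR_ENCRYPTED_DATA_LOOKUP_KEY}.
     *
     * @param name task name (not used by this implementation)
     * @param stateAccess installer state to read settings from and write the
     *        encrypted value to
     * @param properties task properties holding the lookup keys
     * @return always {@code true}; failures are reported by exception
     * @throws InstallException if the data file cannot be read or the value
     *         cannot be encrypted
     */
    public boolean execute(String name, IStateAccess stateAccess,
            Map properties) throws InstallException {
        Debug.log("EncryptTask.execute() - Setting up System encrypt "
                + "properties.");

        // Set the debug directory and level.
        // NOTE(review): System.setProperty throws NullPointerException for a
        // null value; presumably the installer state always carries both
        // entries by the time this task runs - confirm.
        String debugLogsDirPath = (String) stateAccess.get(
                STR_DEBUG_DIR_PREFIX_TAG);
        System.setProperty(STR_DEBUG_DIR_PROPERTY, debugLogsDirPath);
        String debugLevel = (String) stateAccess.get(STR_DEBUG_LEVEL_TAG);
        System.setProperty(STR_DEBUG_LEVEL_PROPERTY, debugLevel);

        // Set the encryption key.
        String encryptionKeyLookUpKey = (String) properties.get(
                STR_ENCRYPTION_KEY_LOOKUP_KEY);
        Debug.log("EncryptTask.execute() - Obtained encryption lookup key = "
                + encryptionKeyLookUpKey);
        String encryptionKey = (String) stateAccess.get(encryptionKeyLookUpKey);
        if (encryptionKey == null) {
            encryptionKey = EncryptionKeyGenerator.generateRandomString();
            // NOTE(review): the generated key is stored under a fixed name
            // rather than under encryptionKeyLookUpKey; if the two differ, a
            // later lookup by the configured key will not find it - confirm
            // this is intended.
            stateAccess.put("AGENT_ENCRYPT_KEY", encryptionKey);
            Debug.log("EncryptTask.execute() - No encryption key in state; "
                    + "generated a new one");
        }
        // The key value itself is deliberately kept out of the debug log:
        // anyone able to read the log could otherwise decrypt the stored
        // password.
        Debug.log("EncryptTask.execute() - Obtained encryption key "
                + "(value not logged)");
        System.setProperty(STR_ENCRYPTION_KEY_PROP_KEY, encryptionKey);

        // Set the encryption module.
        System.setProperty(STR_SECURITY_ENCRYPTOR_PROP_KEY,
                STR_SECURITY_ENCRYPTOR_PROP_VALUE);

        // Encrypt the file content and publish it in the installer state.
        String encryptedDataKey = (String) properties.get(
                STR_ENCRYPTED_DATA_LOOKUP_KEY);
        String dataFileName = getDataFileName(stateAccess, properties);
        Debug.log("EncryptTask.execute() - Encrypting data stored in file '"
                + dataFileName + "'");
        String data = readDataFromFile(dataFileName);
        String encryptedData = getEncryptedAppPassword(data);
        stateAccess.put(encryptedDataKey, encryptedData);

        // Nothing in this task sets the return value to false; it only fails
        // through exceptions, which halt the installation.
        return true;
    }

    /**
     * Encrypts {@code data} by invoking a static {@link Crypt} method through
     * reflection.
     *
     * @param data clear-text value to encrypt
     * @return the encrypted value, never {@code null} or blank
     * @throws InstallException if no encryption method can be located, or if
     *         the invocation fails or yields a {@code null} or blank result
     */
    private String getEncryptedAppPassword(String data) throws InstallException {
        Method method = findEncryptMethod();

        String applicationPassword = null;
        Exception invokeFailure = null;
        try {
            applicationPassword =
                    (String) method.invoke(Crypt.class, new Object[] { data });
        } catch (Exception ex) {
            Debug.log("EncryptTask.getEncryptedAppPassword() - "
                    + "failed to invoke method with exception :", ex);
            invokeFailure = ex;
        }

        if (applicationPassword == null
                || applicationPassword.trim().length() == 0) {
            LocalizedMessage message = LocalizedMessage.get(
                    LOC_TSK_ERR_INVALID_APP_SSO_PASSWORD);
            // Keep the underlying failure attached so the real reason is not
            // lost behind the generic "invalid password" message.
            if (invokeFailure != null) {
                throw new InstallException(message, invokeFailure);
            }
            throw new InstallException(message);
        }
        return applicationPassword;
    }

    /**
     * Locates the {@link Crypt} method used for encryption, trying
     * {@link #STR_ENCRYPT_LOCAL_FUNCTION} first and falling back to
     * {@link #STR_ENCRYPT_FUNCTION}.
     *
     * <p>NOTE(review): how the two methods differ is not visible from this
     * file; the fallback is only reported in the debug log, so check the log
     * when it matters which one produced the stored value.
     *
     * @return the resolved method, never {@code null}
     * @throws InstallException if neither method can be resolved
     */
    private Method findEncryptMethod() throws InstallException {
        Class[] signature = new Class[] { String.class };
        try {
            return Crypt.class.getMethod(STR_ENCRYPT_LOCAL_FUNCTION, signature);
        } catch (Exception ex) {
            Debug.log("EncryptTask.getEncryptedAppPassword() - failed to get "
                    + "method from SDK with exception : ", ex);
            Debug.log("EncryptTask.getEncryptedAppPassword() - making "
                    + "second attempt to load method");
        }
        try {
            return Crypt.class.getMethod(STR_ENCRYPT_FUNCTION, signature);
        } catch (Exception e) {
            Debug.log("EncryptTask.getEncryptedAppPassword() - "
                    + "failed to load method with exception : ", e);
            throw new InstallException(LocalizedMessage.get(
                    LOC_TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD), e);
        }
    }

    /**
     * Reads the first line of the given file.
     *
     * <p>NOTE(review): the file is decoded with the platform default charset,
     * so a value containing non-ASCII characters may be read differently on
     * hosts with different defaults - confirm this is acceptable.
     *
     * @param fileName path of the file to read
     * @return the first line without its line terminator, or {@code null} if
     *         the file is empty
     * @throws InstallException if the file cannot be opened or read
     */
    private String readDataFromFile(String fileName)
            throws InstallException {
        Debug.log("EncryptTask.readDataFromFile() - Reading data stored in"
                + " file '" + fileName + "'");
        String firstLine = null;
        BufferedReader br = null;
        try {
            FileInputStream fis = new FileInputStream(fileName);
            InputStreamReader fir = new InputStreamReader(fis);
            br = new BufferedReader(fir);
            firstLine = br.readLine();
        } catch (Exception e) {
            Debug.log("EncryptTask.readDataFromFile() - Error reading "
                    + "file - " + fileName, e);
            throw new InstallException(LocalizedMessage.get(
                    LOC_TK_ERR_PASSWD_FILE_READ), e);
        } finally {
            if (br != null) {
                try {
                    br.close();
                } catch (IOException ignored) {
                    // The line has already been read (or the read failure is
                    // already being reported); a close failure adds nothing.
                }
            }
        }
        return firstLine;
    }

    /**
     * Builds the message shown while this task executes.
     *
     * @param stateAccess installer state holding the data file name
     * @param properties task properties holding the lookup keys
     * @return the localized execution message, parameterized with the data
     *         file name
     */
    public LocalizedMessage getExecutionMessage(IStateAccess stateAccess,
            Map properties) {
        Object[] args = { getDataFileName(stateAccess, properties) };
        return LocalizedMessage.get(LOC_TSK_MSG_ENCRYPT_DATA_EXECUTE, args);
    }

    /**
     * Builds the message shown while this task is rolled back.
     *
     * @param stateAccess installer state holding the data file name
     * @param properties task properties holding the lookup keys
     * @return the localized rollback message, parameterized with the data
     *         file name
     */
    public LocalizedMessage getRollBackMessage(IStateAccess stateAccess,
            Map properties) {
        Object[] args = { getDataFileName(stateAccess, properties) };
        return LocalizedMessage.get(LOC_TSK_MSG_ENCRYPT_DATA_ROLLBACK, args);
    }

    /**
     * Removes the encrypted value from the installer state.
     *
     * <p>Only the encrypted value is removed. An encryption key generated by
     * {@link #execute} and the system properties it set are left in place.
     *
     * @param name task name (not used by this implementation)
     * @param stateAccess installer state to remove the encrypted value from
     * @param properties task properties holding the lookup keys
     * @return always {@code true}
     * @throws InstallException declared by the task contract; not thrown by
     *         the code in this method
     */
    public boolean rollBack(String name, IStateAccess stateAccess,
            Map properties) throws InstallException {
        // Remove the encrypted data.
        String encryptedDataKey = (String) properties.get(
                STR_ENCRYPTED_DATA_LOOKUP_KEY);
        stateAccess.remove(encryptedDataKey);
        return true;
    }

    /** Resolves the data file name through the two-step property/state lookup. */
    private String getDataFileName(IStateAccess stateAccess, Map properties) {
        String dataFileKey = (String) properties.get(STR_DATA_FILE_LOOKUP_KEY);
        return (String) stateAccess.get(dataFileKey);
    }

    // Lookup keys
    public static final String STR_DATA_FILE_LOOKUP_KEY =
            "DATA_FILE_LOOKUP_KEY";
    public static final String STR_ENCRYPTED_DATA_LOOKUP_KEY =
            "ENCRYPTED_VALUE_KEY_LOOKUP_KEY";
    public static final String STR_ENCRYPTION_KEY_LOOKUP_KEY =
            "ENCRYPTION_KEY_LOOKUP_KEY";

    // Localization keys
    public static final String LOC_TK_ERR_PASSWD_FILE_READ =
            "TSK_ERR_PASSWD_FILE_READ";
    public static final String LOC_TSK_MSG_ENCRYPT_DATA_EXECUTE =
            "TSK_MSG_ENCRYPT_DATA_EXECUTE";
    public static final String LOC_TSK_MSG_ENCRYPT_DATA_ROLLBACK =
            "TSK_MSG_ENCRYPT_DATA_ROLLBACK";
    public static final String LOC_TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD =
            "TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD";
    public static final String LOC_TSK_ERR_INVALID_APP_SSO_PASSWORD =
            "TSK_ERR_INVALID_APP_SSO_PASSWORD";

    // System property names and values set before encrypting
    public static final String STR_ENCRYPTION_KEY_PROP_KEY =
            "am.encryption.pwd";
    public static final String STR_SECURITY_ENCRYPTOR_PROP_KEY =
            "com.iplanet.security.encryptor";
    public static final String STR_SECURITY_ENCRYPTOR_PROP_VALUE =
            "com.iplanet.services.util.JCEEncryption";

    // Names of the Crypt methods looked up through reflection
    public static final String STR_ENCRYPT_LOCAL_FUNCTION = "encryptLocal";
    public static final String STR_ENCRYPT_FUNCTION = "encrypt";

    // Debug configuration
    public static final String STR_DEBUG_DIR_PROPERTY =
            "com.iplanet.services.debug.directory";
    public static final String STR_DEBUG_LEVEL_PROPERTY =
            "com.iplanet.services.debug.level";
    public static final String STR_DEBUG_LEVEL_TAG = "DEBUG_LEVEL";
}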