/**
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
 *
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * opensso/legal/CDDLv1.0.txt
 * See the License for the specific language governing
 * permission and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at opensso/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * $Id: EncryptTask.java,v 1.3 2008/06/25 05:51:52 qcheng Exp $
 *
 */
1008N/A
1008N/Apackage com.sun.identity.agents.install.configurator;
1008N/A
1008N/Aimport java.io.BufferedReader;
1008N/Aimport java.io.FileInputStream;
1008N/Aimport java.io.IOException;
1008N/Aimport java.io.InputStreamReader;
1008N/Aimport java.util.Map;
1008N/Aimport java.lang.reflect.Method;
1008N/A
1008N/Aimport com.iplanet.services.util.Crypt;
1008N/Aimport com.sun.identity.install.tools.configurator.ITask;
1008N/Aimport com.sun.identity.install.tools.configurator.InstallConstants;
1008N/Aimport com.sun.identity.install.tools.configurator.InstallException;
1008N/Aimport com.sun.identity.install.tools.configurator.IStateAccess;
1470N/Aimport com.sun.identity.install.tools.util.Debug;
1008N/Aimport com.sun.identity.install.tools.util.EncryptionKeyGenerator;
1008N/Aimport com.sun.identity.install.tools.util.LocalizedMessage;
1008N/A
1008N/A
/**
 * This class performs password encryption.
 */
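public class EncryptTask implements ITask, InstallConstants {

    /**
     * Encrypts the first line of the configured data file and stores the
     * encrypted value in the install state.
     *
     * The encryption key is taken from the install state; when the state
     * holds none, a random one is generated and stored. The key, the
     * encryptor class name and the debug directory/level are published as JVM
     * system properties before the encryption routine is invoked.
     *
     * @param name task name (not used by this task)
     * @param stateAccess install state that supplies the debug settings, the
     *        encryption key and the data file name, and that receives the
     *        encrypted value
     * @param properties task properties holding the lookup keys
     * @return always <code>true</code>
     * @throws InstallException if the data file cannot be read or the data
     *         cannot be encrypted
     */
    public boolean execute(String name, IStateAccess stateAccess,
        Map properties) throws InstallException
    {
        Debug.log("EncryptTask.execute() - Setting up System encrypt " +
            "properties.");

        // Publish the debug directory and level as system properties
        String debugLogsDirPath = (String) stateAccess.get(
            STR_DEBUG_DIR_PREFIX_TAG);
        System.setProperty(STR_DEBUG_DIR_PROPERTY, debugLogsDirPath);

        String debugLevel = (String) stateAccess.get(STR_DEBUG_LEVEL_TAG);
        System.setProperty(STR_DEBUG_LEVEL_PROPERTY, debugLevel);

        // Set the encryption key
        String encryptionKeyLookUpKey = (String) properties.get(
            STR_ENCRYPTION_KEY_LOOKUP_KEY);
        Debug.log("EncryptTask.execute() - Obtained encryption lookup key = " +
            encryptionKeyLookUpKey);
        String encryptionKey = (String) stateAccess.get(encryptionKeyLookUpKey);
        boolean keyGenerated = (encryptionKey == null);
        if (keyGenerated) {
            encryptionKey = EncryptionKeyGenerator.generateRandomString();
            // NOTE(review): the generated key is stored under the fixed name
            // "AGENT_ENCRYPT_KEY", not under encryptionKeyLookUpKey - confirm
            // that the two always match.
            stateAccess.put("AGENT_ENCRYPT_KEY", encryptionKey);
        }
        // Log only where the key came from. The key value is secret material
        // and must not be written to the debug log.
        Debug.log("EncryptTask.execute() - Encryption key " +
            (keyGenerated ? "generated" : "obtained from install state"));
        // The key becomes a JVM-wide system property here, readable by any
        // code that can read system properties in this process.
        // NOTE(review): presumably this is how the Crypt class receives the
        // key - confirm before changing.
        System.setProperty(STR_ENCRYPTION_KEY_PROP_KEY, encryptionKey);

        // Set the Encryption modules
        System.setProperty(STR_SECURITY_ENCRYPTOR_PROP_KEY,
            STR_SECURITY_ENCRYPTOR_PROP_VALUE);

        // Set the encrypted value key
        String encryptedDataKey = (String) properties.get(
            STR_ENCRYPTED_DATA_LOOKUP_KEY);

        String dataFileKey = (String) properties.get(STR_DATA_FILE_LOOKUP_KEY);
        String dataFileName = (String) stateAccess.get(dataFileKey);

        Debug.log("EncryptTask.execute() - Encrypting data stored in file '" +
            dataFileName + "'");
        String data = readDataFromFile(dataFileName);
        String encryptedData = getEncryptedAppPassword(data);
        stateAccess.put(encryptedDataKey, encryptedData);

        // This task does not have anything that could set the return value to
        // false. The task will only fail with fatal exceptions if they occur
        // & halt the system.
        return true;
    }

    /**
     * Encrypts the given data with the static <code>Crypt</code> method named
     * by STR_ENCRYPT_LOCAL_FUNCTION, falling back to STR_ENCRYPT_FUNCTION
     * when the first lookup fails.
     *
     * @param data the clear-text value to encrypt
     * @return the encrypted value, never null or blank
     * @throws InstallException if neither method can be looked up, or if the
     *         invocation fails or yields a null or blank result
     */
    private String getEncryptedAppPassword(String data) throws InstallException {
        Method method = null;

        try {
            method = Crypt.class.getMethod(STR_ENCRYPT_LOCAL_FUNCTION,
                new Class[]{String.class});
        } catch (Exception ex) {
            Debug.log("EncryptTask.getEncryptedAppPassword() - failed to get " +
                "method from SDK with exception : ", ex);
            Debug.log("EncryptTask.getEncryptedAppPassword() - making " +
                "second attempt to load method");
            try {
                method = Crypt.class.getMethod(STR_ENCRYPT_FUNCTION,
                    new Class[]{String.class});
            } catch (Exception e) {
                Debug.log("EncryptTask.getEncryptedAppPassword() - "
                    + "failed to load method with exception : ", e);
            }
        }

        if (method == null) {
            throw new InstallException(
                LocalizedMessage.get(LOC_TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD));
        }

        String applicationPassword = null;
        Exception invokeFailure = null;
        try {
            // The receiver argument is ignored for a static method
            applicationPassword =
                (String) method.invoke(Crypt.class, new Object[]{data});
        } catch (Exception ex) {
            invokeFailure = ex;
            Debug.log("EncryptTask.getEncryptedAppPassword() - "
                + "failed to invoke method with exception :", ex);
        }

        if (applicationPassword == null ||
                applicationPassword.trim().length() == 0) {
            LocalizedMessage message =
                LocalizedMessage.get(LOC_TSK_ERR_INVALID_APP_SSO_PASSWORD);
            if (invokeFailure != null) {
                // Keep the underlying failure attached so the real cause is
                // not lost behind the "invalid password" message
                throw new InstallException(message, invokeFailure);
            }
            throw new InstallException(message);
        }

        return applicationPassword;
    }

    /**
     * Reads the first line of the given file.
     *
     * The file is decoded with the platform default charset.
     *
     * @param fileName path of the file to read
     * @return the first line, or null if the file is empty
     * @throws InstallException if the file cannot be opened or read
     */
    private String readDataFromFile(String fileName)
        throws InstallException
    {
        Debug.log("EncryptTask.readDataFromFile() - Reading data stored in" +
            " file '" + fileName + "'");
        String firstLine = null;
        BufferedReader br = null;
        try {
            FileInputStream fis = new FileInputStream(fileName);
            InputStreamReader fir = new InputStreamReader(fis);
            br = new BufferedReader(fir);
            firstLine = br.readLine();
        } catch (Exception e) {
            Debug.log("EncryptTask.readDataFromFile() - Error reading " +
                "file - " + fileName, e);
            throw new InstallException(LocalizedMessage.get(
                LOC_TK_ERR_PASSWD_FILE_READ), e);
        } finally {
            if (br != null) {
                try {
                    br.close();
                } catch (IOException ignored) {
                    // A failure to close does not affect the line already read
                }
            }
        }
        return firstLine;
    }

    /**
     * Builds the message shown when this task executes.
     *
     * @param stateAccess install state that supplies the data file name
     * @param properties task properties holding the data file lookup key
     * @return the localized execution message
     */
    public LocalizedMessage getExecutionMessage(IStateAccess stateAccess,
        Map properties)
    {
        return getDataFileMessage(LOC_TSK_MSG_ENCRYPT_DATA_EXECUTE,
            stateAccess, properties);
    }

    /**
     * Builds the message shown when this task is rolled back.
     *
     * @param stateAccess install state that supplies the data file name
     * @param properties task properties holding the data file lookup key
     * @return the localized rollback message
     */
    public LocalizedMessage getRollBackMessage(IStateAccess stateAccess,
        Map properties)
    {
        return getDataFileMessage(LOC_TSK_MSG_ENCRYPT_DATA_ROLLBACK,
            stateAccess, properties);
    }

    /**
     * Removes the encrypted value from the install state.
     *
     * The system properties set by execute() and a key generated by
     * execute() are left in place.
     *
     * @param name task name (not used by this task)
     * @param stateAccess install state to remove the encrypted value from
     * @param properties task properties holding the encrypted-value lookup key
     * @return always <code>true</code>
     * @throws InstallException declared by the task interface; not thrown by
     *         the code in this method
     */
    public boolean rollBack(String name, IStateAccess stateAccess,
        Map properties) throws InstallException
    {
        // Remove the encrypted data.
        String encryptedDataKey = (String) properties.get(
            STR_ENCRYPTED_DATA_LOOKUP_KEY);
        stateAccess.remove(encryptedDataKey);
        return true;
    }

    // Resolves the data file name and returns the localized message for the
    // given key with that file name as its only argument.
    private LocalizedMessage getDataFileMessage(String messageKey,
        IStateAccess stateAccess, Map properties)
    {
        String dataFileKey = (String) properties.get(STR_DATA_FILE_LOOKUP_KEY);
        String dataFileName = (String) stateAccess.get(dataFileKey);
        Object[] args = { dataFileName };
        return LocalizedMessage.get(messageKey, args);
    }

    // Lookup keys
    public static final String STR_DATA_FILE_LOOKUP_KEY =
        "DATA_FILE_LOOKUP_KEY";
    public static final String STR_ENCRYPTED_DATA_LOOKUP_KEY =
        "ENCRYPTED_VALUE_KEY_LOOKUP_KEY";
    public static final String STR_ENCRYPTION_KEY_LOOKUP_KEY =
        "ENCRYPTION_KEY_LOOKUP_KEY";

    // Localization keys
    public static final String LOC_TK_ERR_PASSWD_FILE_READ =
        "TSK_ERR_PASSWD_FILE_READ";
    public static final String LOC_TSK_MSG_ENCRYPT_DATA_EXECUTE =
        "TSK_MSG_ENCRYPT_DATA_EXECUTE";
    public static final String LOC_TSK_MSG_ENCRYPT_DATA_ROLLBACK =
        "TSK_MSG_ENCRYPT_DATA_ROLLBACK";
    public static final String LOC_TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD =
        "TSK_ERR_ENCRYPT_PASSWORD_INVOKE_METHOD";
    public static final String LOC_TSK_ERR_INVALID_APP_SSO_PASSWORD =
        "TSK_ERR_INVALID_APP_SSO_PASSWORD";

    // System property names and values set by execute()
    public static final String STR_ENCRYPTION_KEY_PROP_KEY =
        "am.encryption.pwd";
    public static final String STR_SECURITY_ENCRYPTOR_PROP_KEY =
        "com.iplanet.security.encryptor";
    public static final String STR_SECURITY_ENCRYPTOR_PROP_VALUE =
        "com.iplanet.services.util.JCEEncryption";

    // Names of the Crypt methods looked up by reflection
    public static final String STR_ENCRYPT_LOCAL_FUNCTION = "encryptLocal";
    public static final String STR_ENCRYPT_FUNCTION = "encrypt";

    public static final String STR_DEBUG_DIR_PROPERTY =
        "com.iplanet.services.debug.directory";
    public static final String STR_DEBUG_LEVEL_PROPERTY =
        "com.iplanet.services.debug.level";
    public static final String STR_DEBUG_LEVEL_TAG = "DEBUG_LEVEL";
}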