summaryrefslogtreecommitdiffstats
path: root/core/utils
diff options
context:
space:
mode:
Diffstat (limited to 'core/utils')
-rw-r--r--core/utils/provider/pom.xml4
-rw-r--r--core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/common/EnvProperties.java6
-rw-r--r--core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionTool.java170
-rw-r--r--core/utils/provider/src/test/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionToolTest.java66
4 files changed, 243 insertions, 3 deletions
diff --git a/core/utils/provider/pom.xml b/core/utils/provider/pom.xml
index 4233ee574..ac9941aec 100644
--- a/core/utils/provider/pom.xml
+++ b/core/utils/provider/pom.xml
@@ -45,6 +45,10 @@
<version>${junit.version}</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
</dependencies>
<build>
diff --git a/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/common/EnvProperties.java b/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/common/EnvProperties.java
index 2e9f2673d..0dca28427 100644
--- a/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/common/EnvProperties.java
+++ b/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/common/EnvProperties.java
@@ -34,7 +34,7 @@ public class EnvProperties extends Properties {
String propName = (String) propNames.nextElement();
super.setProperty(propName, EnvProperties.resolveValue(getProperty(propName)));
}
-
+
}
public static String resolveValue(String value) {
@@ -45,7 +45,7 @@ public class EnvProperties extends Properties {
Pattern p = Pattern.compile("\\$\\{(\\w+)((?:\\:\\-)([^\\}]*))?\\}");
Matcher m = p.matcher(value);
- StringBuffer sb = new StringBuffer();
+ StringBuilder sb = new StringBuilder();
while (m.find()) {
String envVarName = null == m.group(1) ? m.group(2) : m.group(1);
String envVarDefault = null == m.group(3) ? "" : m.group(3);
@@ -56,6 +56,6 @@ public class EnvProperties extends Properties {
}
m.appendTail(sb);
return sb.toString();
-
+
}
}
diff --git a/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionTool.java b/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionTool.java
new file mode 100644
index 000000000..84317c50a
--- /dev/null
+++ b/core/utils/provider/src/main/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionTool.java
@@ -0,0 +1,170 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP : APPC
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Copyright (C) 2017 Amdocs
+ * =============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.ccsdk.sli.core.utils.encryption;
+
+import java.security.Provider;
+import java.security.Provider.Service;
+import java.security.Security;
+
+import java.util.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This class is used to encapsulate the encryption and decryption support in one place and to
+ * provide a utility to encrypt and decrypt data.
+ */
+public class EncryptionTool {
+
+ /**
+ * The prefix we insert onto any data we encrypt so that we can tell if it is encrypted later and
+ * therefore decrypt it
+ */
+ public static final String ENCRYPTED_VALUE_PREFIX = "enc:";
+
+ /**
+ * The instance of the encryption utility object
+ */
+ private static EncryptionTool instance = null;
+
+ /**
+ * The logger for this class.
+ */
+ private static final Logger LOG = LoggerFactory.getLogger(EncryptionTool.class);
+
+ /**
+ * The secret passphrase (PBE) that we use to perform encryption and decryption. The algorithm we
+ * are using is a symmetrical cipher.
+ */
+ private static final char[] secret = {'C', '_', 'z', 'l', '!', 'K', '!', '4', '?', 'O', 'z', 'E', 'K', 'E', '>', 'U', 'R',
+ '/', '%', 'Y', '\\', 'f', 'b', '"', 'e', 'n', '{', '"', 'l', 'U', 'F', '+', 'E', '\'', 'R', 'T', 'p', '1',
+ 'V', '4', 'l', 'a', '9', 'w', 'v', '5', 'Z', '#', 'i', 'V', '"', 'd', 'l', '!', 'L', 'M', 'g', 'L', 'Q',
+ '{', 'v', 'v', 'K', 'V'};
+
+
+
+ /**
+ * Get an instance of the EncryptionTool
+ *
+ * @return The encryption tool to be used
+ */
+ public static synchronized EncryptionTool getInstance() {
+ if (instance == null) {
+ instance = new EncryptionTool();
+ }
+ return instance;
+ }
+
+ /**
+ * Create the EncryptionTool instance
+ */
+ private EncryptionTool() {
+
+ StringBuilder sb = new StringBuilder("Found the following security algorithms:");
+ for (Provider p : Security.getProviders()) {
+ for (Service s : p.getServices()) {
+ String algo = s.getAlgorithm();
+ sb.append(String.format("%n -Algorithm [ %s ] in provider [ %s ] and service [ %s ]", algo, p.getName(),
+ s.getClassName()));
+ }
+ }
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(sb.toString());
+ }
+ }
+
+ /**
+ * Decrypt the provided encrypted text
+ *
+ * @param cipherText THe cipher text to be decrypted. If the ciphertext is not encrypted, then it is
+ * returned as is.
+ * @return the clear test of the (possibly) encrypted value. The original value if the string is not
+ * encrypted.
+ */
+ public synchronized String decrypt(String cipherText) {
+ if (isEncrypted(cipherText)) {
+ String encValue = cipherText.substring(ENCRYPTED_VALUE_PREFIX.length());
+ byte[] plainByte = Base64.getDecoder().decode(encValue.getBytes());
+ byte[] decryptByte = xorWithSecret(plainByte);
+ return new String(decryptByte);
+ } else {
+ return cipherText;
+ }
+
+ }
+
+ /**
+ * Encrypt the provided clear text
+ *
+ * @param clearText The clear text to be encrypted
+ * @return the encrypted text. If the clear text is empty (null or zero length), then an empty
+ * string is returned. If the clear text is already encrypted, it is not encrypted again and
+ * is returned as is. Otherwise, the clear text is encrypted and returned.
+ */
+ public synchronized String encrypt(String clearText) {
+ if (clearText != null) {
+ byte[] encByte = xorWithSecret(clearText.getBytes());
+ String encryptedValue = new String(Base64.getEncoder().encode(encByte));
+ return ENCRYPTED_VALUE_PREFIX + encryptedValue;
+ } else {
+ return null;
+ }
+ }
+
+ /**
+ * Is a value encrypted? A value is considered to be encrypted if it begins with the
+ * {@linkplain #ENCRYPTED_VALUE_PREFIX encrypted value prefix}.
+ *
+ * @param value the value to check.
+ * @return true/false;
+ */
+ private static boolean isEncrypted(final String value) {
+ return value != null && value.startsWith(ENCRYPTED_VALUE_PREFIX);
+ }
+
+ /**
+ * XORs the input byte array with the secret key, padding 0x0 to the end of the secret key if the
+ * input is longer and returns a byte array the same size as input
+ *
+ * @param inp The byte array to be XORed with secret
+ * @return A byte array the same size as inp or null if input is null.
+ */
+ private byte[] xorWithSecret(byte[] inp) {
+ if (inp == null) {
+ return new byte[0];
+ }
+
+ byte[] secretBytes = new String(secret).getBytes();
+ int size = inp.length;
+
+ byte[] out = new byte[size];
+ for (int i = 0; i < size; i++) {
+ out[i] = (byte) ((inp[i]) ^ (secretBytes[i % secretBytes.length]));
+ }
+ return out;
+ }
+
+}
+
diff --git a/core/utils/provider/src/test/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionToolTest.java b/core/utils/provider/src/test/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionToolTest.java
new file mode 100644
index 000000000..e3712334e
--- /dev/null
+++ b/core/utils/provider/src/test/java/org/onap/ccsdk/sli/core/utils/encryption/EncryptionToolTest.java
@@ -0,0 +1,66 @@
+package org.onap.ccsdk.sli.core.utils.encryption;/*-
+ * ============LICENSE_START=======================================================
+ * ONAP : APPC
+ * ================================================================================
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Copyright (C) 2017 Amdocs
+ * =============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END=========================================================
+ */
+
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+public class EncryptionToolTest {
+
+ private static final String PLAIN_TEXT = "text to encrypt";
+ private static final String EMPTY_STR = "";
+
+ private final EncryptionTool encryptionTool = EncryptionTool.getInstance();
+
+ @Test
+ public void should_return_prefix_given_empty_string() {
+ assertEquals("enc:", encryptionTool.encrypt(EMPTY_STR));
+ }
+
+ @Test
+ public void should_return_null_given_null() {
+ assertNull(encryptionTool.encrypt(null));
+ }
+
+ @Test
+ public void should_encrypt_given_string() {
+ String encrypted = encryptionTool.encrypt(PLAIN_TEXT);
+ assertNotEquals(encrypted, PLAIN_TEXT);
+ assertTrue(encrypted.startsWith(EncryptionTool.ENCRYPTED_VALUE_PREFIX));
+ }
+
+ @Test
+ public void should_not_decrypt_string_when_not_starting_with_prefix() {
+ assertNull(encryptionTool.decrypt(null));
+ assertEquals("mdi/12!dsao91", encryptionTool.decrypt("mdi/12!dsao91"));
+ }
+
+ @Test
+ public void should_decrypt_given_encrypted_string() {
+ String encrypted = encryptionTool.encrypt(PLAIN_TEXT);
+ assertEquals(PLAIN_TEXT, encryptionTool.decrypt(encrypted));
+ }
+}