/** Initializing the encryption key store which uses to encypt the given plain text */
public void initEncrypt() {
if (encryptionProvider != null) return;
Properties properties = SecureVaultUtil.loadProperties();
String keyStoreFile = null;
String keyType = null;
String aliasName = null;
String password = null;
String provider = null;
Cipher cipher = null;
keyStoreFile = properties.getProperty("keystore.identity.location");
File keyStore = new File(keyStoreFile);
if (!keyStore.exists()) {
handleException("Primary Key Store Can not be found at Default location");
}
keyType = properties.getProperty("keystore.identity.type");
aliasName = properties.getProperty("keystore.identity.alias");
;
// Create a KeyStore Information for private key entry KeyStore
IdentityKeyStoreInformation identityInformation =
KeyStoreInformationFactory.createIdentityKeyStoreInformation(properties);
password = identityInformation.getKeyPasswordProvider().getResolvedSecret();
try {
KeyStore primaryKeyStore = getKeyStore(keyStoreFile, password, keyType, provider);
java.security.cert.Certificate certs = primaryKeyStore.getCertificate(aliasName);
cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, certs);
} catch (InvalidKeyException e) {
handleException("Error initializing Cipher ", e);
} catch (NoSuchAlgorithmException e) {
handleException("Error initializing Cipher ", e);
} catch (KeyStoreException e) {
handleException("Error initializing Cipher ", e);
} catch (NoSuchPaddingException e) {
handleException("Error initializing Cipher ", e);
}
encryptionProvider = cipher;
}
private boolean init() {
Properties properties = SecureVaultUtil.loadProperties(); // loadProperties();
if (properties == null) {
log.error("KeyStore configuration properties cannot be found");
return false;
}
String configurationFile =
MiscellaneousUtil.getProperty(
properties,
SecureVaultConstants.PROP_SECRET_MANAGER_CONF,
SecureVaultConstants.PROP_DEFAULT_CONF_LOCATION);
Properties configurationProperties = MiscellaneousUtil.loadProperties(configurationFile);
if (configurationProperties == null || configurationProperties.isEmpty()) {
if (log.isDebugEnabled()) {
log.debug(
"Configuration properties can not be loaded form : "
+ configurationFile
+ " Will use synapse properties");
}
configurationProperties = properties;
}
globalSecretProvider =
MiscellaneousUtil.getProperty(
configurationProperties, SecureVaultConstants.PROP_SECRET_PROVIDER, null);
if (globalSecretProvider == null || "".equals(globalSecretProvider)) {
if (log.isDebugEnabled()) {
log.debug("No global secret provider is configured.");
}
}
String repositoriesString =
MiscellaneousUtil.getProperty(
configurationProperties, SecureVaultConstants.PROP_SECRET_REPOSITORIES, null);
if (repositoriesString == null || "".equals(repositoriesString)) {
log.error("No secret repositories have been configured");
return false;
}
String[] repositories = repositoriesString.split(",");
if (repositories == null || repositories.length == 0) {
log.error("No secret repositories have been configured");
return false;
}
// Create a KeyStore Information for private key entry KeyStore
IdentityKeyStoreInformation identityInformation =
KeyStoreInformationFactory.createIdentityKeyStoreInformation(properties);
// Create a KeyStore Information for trusted certificate KeyStore
TrustKeyStoreInformation trustInformation =
KeyStoreInformationFactory.createTrustKeyStoreInformation(properties);
String identityKeyPass = null;
String identityStorePass = null;
String trustStorePass = null;
if (identityInformation != null) {
identityKeyPass = identityInformation.getKeyPasswordProvider().getResolvedSecret();
identityStorePass = identityInformation.getKeyStorePasswordProvider().getResolvedSecret();
}
if (trustInformation != null) {
trustStorePass = trustInformation.getKeyStorePasswordProvider().getResolvedSecret();
}
if (!validatePasswords(identityStorePass, identityKeyPass, trustStorePass)) {
log.error(
"Either Identity or Trust keystore password is mandatory"
+ " in order to initialized secret manager.");
return false;
}
identityKeyStoreWrapper = new IdentityKeyStoreWrapper();
identityKeyStoreWrapper.init(identityInformation, identityKeyPass);
trustKeyStoreWrapper = new TrustKeyStoreWrapper();
if (trustInformation != null) {
trustKeyStoreWrapper.init(trustInformation);
}
SecretRepository currentParent = null;
for (String secretRepo : repositories) {
StringBuffer sb = new StringBuffer();
sb.append(SecureVaultConstants.PROP_SECRET_REPOSITORIES);
sb.append(SecureVaultConstants.DOT);
sb.append(secretRepo);
String id = sb.toString();
sb.append(SecureVaultConstants.DOT);
sb.append(SecureVaultConstants.PROP_PROVIDER);
String provider = MiscellaneousUtil.getProperty(configurationProperties, sb.toString(), null);
if (provider == null || "".equals(provider)) {
handleException("Repository provider cannot be null ");
}
if (log.isDebugEnabled()) {
log.debug("Initiating a File Based Secret Repository");
}
}
return true;
}