Пример #1
0
 private boolean savePassword(String password, IPreferencesContainer container) {
   byte[] data = winencrypt(password.getBytes());
   if (data == null) { // this is bad. Something wrong with OS or JNI.
     StorageException e =
         new StorageException(
             StorageException.ENCRYPTION_ERROR, WinCryptoMessages.encryptPasswordFailed);
     AuthPlugin.getDefault().logError(WinCryptoMessages.encryptPasswordFailed, e);
     return false;
   }
   String encodedEncryptyedPassword = Base64.encode(data);
   ISecurePreferences node = container.getPreferences().node(WIN_PROVIDER_NODE);
   try {
     node.put(
         PASSWORD_KEY,
         encodedEncryptyedPassword,
         false); // note we don't recursively try to encrypt
   } catch (StorageException e) { // should never happen in this scenario
     AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
     return false;
   }
   try {
     node.flush(); // save right away
   } catch (IOException e) {
     AuthPlugin.getDefault().logError(SecAuthMessages.errorOnSave, e);
     return false;
   }
   return true;
 }
    public synchronized Authorization authorize(URI uri) {
      String host = getHost(uri);
      if (host != null) {
        Authorization cachedAuthorization = authorizations.get(host);
        if (cachedAuthorization == Authorization.UNAUTHORIZEABLE) {
          return cachedAuthorization;
        }

        if (securePreferences != null) {
          try {
            ISecurePreferences node = securePreferences.node(host);
            String user = node.get("user", "");
            String password = node.get("password", "");

            Authorization authorization = new Authorization(user, password);
            if (authorization.isAuthorized()) {
              authorizations.put(host, authorization);
              return authorization;
            }
          } catch (StorageException ex) {
            SetupCorePlugin.INSTANCE.log(ex);
          }
        }

        if (cachedAuthorization != null) {
          return cachedAuthorization;
        }
      }

      return Authorization.UNAUTHORIZED;
    }
  /**
   * An internal method only available for the {@link PlatformCredentialsProvider} to clear all
   * secure preferences nodes. This method is called e.g. when the master password is to be changed
   * or disabled.
   */
  public void clear() {

    /* Clear In-Memory Store */
    fInMemoryStore.clear();

    /* Clear unprotected links cache */
    fUnprotectedLinksCache.clear();

    /* Clear cached info */
    InternalExchangeUtils.passwordProvidersReset();

    /* Remove all Nodes */
    ISecurePreferences secureRoot = getSecurePreferences();

    /* Check if Bundle is Stopped */
    if (secureRoot == null) return;

    String[] childrenNames = secureRoot.childrenNames();
    for (String child : childrenNames) {
      secureRoot.node(child).removeNode();
    }

    /* Flush to Disk */
    try {
      secureRoot.flush();
    } catch (IOException e) {
      Activator.getDefault().logError(e.getMessage(), e);
    }
  }
Пример #4
0
 /**
  * Answer secured preferences which can be used for storing sensitive information of this tab
  *
  * @return default instance of secure preferences for this tab, <code>null</code> if application
  *     was unable to create secure preferences using default location
  */
 private ISecurePreferences getPreferences(String sectionName) {
   ISecurePreferences preferences = SecurePreferencesFactory.getDefault();
   if (preferences == null) {
     return null;
   }
   return preferences.node(IPDEUIConstants.PLUGIN_ID).node(sectionName);
 }
 private String loadSecurePassword(String login) {
   ISecurePreferences node = getPasswordNode(login);
   if (node != null)
     try {
       return node.get("password", null);
     } catch (StorageException e) {
     }
   return null;
 }
 private void saveSecurePassword(String login, String password) {
   ISecurePreferences node = getPasswordNode(login);
   if (node != null) {
     try {
       node.put("password", password, true); // $NON-NLS-1$
     } catch (StorageException ex) {
       /* ignored on purpose */
     }
   }
 }
Пример #7
0
 private byte[] getEncryptedPassword(IPreferencesContainer container) {
   ISecurePreferences node = container.getPreferences().node(WIN_PROVIDER_NODE);
   String passwordHint;
   try {
     passwordHint = node.get(PASSWORD_KEY, null);
   } catch (StorageException e) { // should never happen in this scenario
     AuthPlugin.getDefault().logError(WinCryptoMessages.decryptPasswordFailed, e);
     return null;
   }
   if (passwordHint == null) return null;
   return Base64.decode(passwordHint);
 }
Пример #8
0
 private String getString(ISecurePreferences settings, String key) {
   try {
     return settings.get(key, ""); // $NON-NLS-1$
   } catch (StorageException e) {
     return ""; //$NON-NLS-1$
   }
 }
Пример #9
0
 private boolean getBoolean(ISecurePreferences settings, String key) {
   try {
     return settings.getBoolean(key, false);
   } catch (StorageException e) {
     return false;
   }
 }
  private ISecurePreferences getPasswordNode(String login) {
    if (login == null) return null;

    ISecurePreferences preferences = SecurePreferencesFactory.getDefault();
    if (preferences == null) return null;

    String host = Strings.trimToNull(preferenceHelper.getForgeURI());
    if (host == null) return null;

    StringBuilder bld = new StringBuilder();
    bld.append("/Puppetforge Credentials/"); // $NON-NLS-1$
    bld.append(login);
    bld.append('/');
    Checksums.appendSHA1(bld, host);
    return preferences.node(bld.toString());
  }
    public synchronized Authorization reauthorize(URI uri, Authorization authorization) {
      // Double check that another thread hasn't already prompted and updated the secure store or
      // has not already permanently failed to authorize.
      Authorization currentAuthorization = authorize(uri);
      if (!currentAuthorization.equals(authorization)
          || currentAuthorization == Authorization.UNAUTHORIZEABLE) {
        return currentAuthorization;
      }

      if (uiServices != null) {
        String host = getHost(uri);
        if (host != null) {
          AuthenticationInfo authenticationInfo = uiServices.getUsernamePassword(uri.toString());
          String user = authenticationInfo.getUserName();
          String password = authenticationInfo.getPassword();
          Authorization reauthorization = new Authorization(user, password);
          if (reauthorization.isAuthorized()) {
            if (authenticationInfo.saveResult() && securePreferences != null) {
              try {
                ISecurePreferences node = securePreferences.node(host);
                node.put("user", user, false);
                node.put("password", password, true);
                node.flush();
              } catch (IOException ex) {
                SetupCorePlugin.INSTANCE.log(ex);
              } catch (StorageException ex) {
                SetupCorePlugin.INSTANCE.log(ex);
              }
            }

            authorizations.put(host, reauthorization);
            return reauthorization;
          } else {
            authorizations.put(host, Authorization.UNAUTHORIZEABLE);
            return Authorization.UNAUTHORIZEABLE;
          }
        }
      }

      return currentAuthorization;
    }
Пример #12
0
  protected void saveSettings(IDialogSettings settings) {
    ISecurePreferences preferences = getPreferences(settings.getName());
    if (preferences == null) {
      // only in case it is not possible to create secured storage in
      // default location -> in that case do not persist settings
      return;
    }

    try {
      preferences.putBoolean(S_SIGN_JARS, fButton.getSelection(), true);
      preferences.put(S_KEYSTORE, fKeystoreText.getText().trim(), true);
      preferences.put(S_ALIAS, fAliasText.getText().trim(), true);
      preferences.put(S_PASSWORD, fPasswordText.getText().trim(), true);
      preferences.put(S_KEYPASS, fKeypassText.getText().trim(), true);

      // bug387565 - for keys which are starting with this bugfix to be
      // stored
      // in secured storage, replace value in settings with empty string
      // to avoid keeping sensitive info in plain text
      String[] obsoleted = new String[] {S_KEYSTORE, S_ALIAS, S_PASSWORD, S_KEYPASS};
      for (String key : obsoleted) {
        if (settings.get(key) != null) {
          settings.put(key, ""); // $NON-NLS-1$
        }
      }
    } catch (StorageException e) {
      PDEPlugin.log(
          "Failed to store JarSigning settings in secured preferences store"); //$NON-NLS-1$
    }
  }
 /**
  * Stores the username and matching password for a particular user.
  *
  * @param forUser the user for whom the credentials are stored
  * @param username the username to store
  * @param password the password to store
  */
 public static void storeCredentials(Optional<String> forUser, String username, char[] password) {
   String user = forUser.orElse(System.getProperty(SYSTEM_PROPERTY_USER_NAME));
   try {
     ISecurePreferences prefs =
         SecurePreferences.getSecurePreferences().node(Activator.ID).node(user);
     if (username == null) {
       return;
     } else {
       prefs.put(PREF_USERNAME, username, false);
     }
     if (password == null) {
       prefs.node(username).remove(PREF_PASSWORD);
     } else {
       ByteBuffer buffer = StandardCharsets.UTF_8.newEncoder().encode(CharBuffer.wrap(password));
       byte[] passwordData = Arrays.copyOfRange(buffer.array(), buffer.position(), buffer.limit());
       prefs.node(username).putByteArray(PREF_PASSWORD, passwordData, false);
     }
     SaveRestoreService.LOGGER.log(
         Level.FINE, "Stored new username and password for {0}.", new Object[] {user});
   } catch (StorageException | IOException e) {
     SaveRestoreService.LOGGER.log(Level.WARNING, "Could not store the username and password.", e);
   }
 }
Пример #14
0
  protected void initialize(IDialogSettings settings) {
    ISecurePreferences preferences = getPreferences(settings.getName());
    if (preferences == null) {
      // only in case it is not possible to create secured storage in
      // default location -> in that case default values are used
      return;
    }

    String keystore = ""; // $NON-NLS-1$
    String keypass = ""; // $NON-NLS-1$
    String alias = ""; // $NON-NLS-1$
    String password = ""; // $NON-NLS-1$
    boolean signJars = false;
    if (preferences.keys().length <= 0) {
      // nothing stored in secured preferences, check settings for values
      // from before bug387565 fix
      keystore = getString(settings, S_KEYSTORE);
      keypass = getString(settings, S_KEYPASS);
      alias = getString(settings, S_ALIAS);
      password = getString(settings, S_PASSWORD);
      signJars = getBoolean(settings, S_SIGN_JARS);
    } else {
      // from secured preferences after bug387565 fix
      keystore = getString(preferences, S_KEYSTORE);
      keypass = getString(preferences, S_KEYPASS);
      alias = getString(preferences, S_ALIAS);
      password = getString(preferences, S_PASSWORD);
      signJars = getBoolean(preferences, S_SIGN_JARS);
    }

    fKeystoreText.setText(keystore);
    fKeypassText.setText(keypass);
    fAliasText.setText(alias);
    fPasswordText.setText(password);
    fButton.setSelection(signJars);
    updateGroup(fButton.getSelection());
  }
  public ProxyPreferencesHandler() {
    try {
      ISecurePreferences securePref = SecurePreferencesFactory.getDefault();
      node = securePref.node("proxy");
      staticMethod = node.get("method", "No proxy");
      staticAuthRequired = false;

      staticHost = node.get("host", "");
      staticPort = node.get("port", "");
      staticAuthRequired = node.getBoolean("authRequired", false);
      if (staticAuthRequired) {
        staticUser = node.get("user", "");
        staticPass = node.get("password", "");
      }
    } catch (StorageException e1) {
      e1.printStackTrace();
      staticMethod = "No proxy";
    }
  }
  private ICredentials getAuthorizationInfo(URI link, String realm) throws CredentialsException {
    ISecurePreferences securePreferences = getSecurePreferences();

    /* Check if Bundle is Stopped */
    if (securePreferences == null) return null;

    /* Return from Equinox Security Storage */
    if (securePreferences.nodeExists(SECURE_FEED_NODE)) { // Global Feed Node
      ISecurePreferences allFeedsPreferences = securePreferences.node(SECURE_FEED_NODE);
      if (allFeedsPreferences.nodeExists(
          EncodingUtils.encodeSlashes(link.toString()))) { // Feed Node
        ISecurePreferences feedPreferences =
            allFeedsPreferences.node(EncodingUtils.encodeSlashes(link.toString()));
        if (feedPreferences.nodeExists(
            EncodingUtils.encodeSlashes(realm != null ? realm : REALM))) { // Realm Node
          ISecurePreferences realmPreferences =
              feedPreferences.node(EncodingUtils.encodeSlashes(realm != null ? realm : REALM));

          try {
            String username = realmPreferences.get(USERNAME, null);
            String password = realmPreferences.get(PASSWORD, null);
            String domain = realmPreferences.get(DOMAIN, null);

            if (username != null && password != null)
              return new Credentials(username, password, domain);
          } catch (StorageException e) {
            throw new CredentialsException(
                Activator.getDefault().createErrorStatus(e.getMessage(), e));
          }
        }
      }
    }

    return null;
  }
  private void internalSetAuthCredentials(
      ICredentials credentials, URI link, String realm, boolean persist)
      throws CredentialsException {

    /* Store Credentials in In-Memory Store */
    if (!persist) {
      fInMemoryStore.put(toCacheKey(link, realm), credentials);
    }

    /* Store Credentials in secure Storage */
    else {
      ISecurePreferences securePreferences = getSecurePreferences();

      /* Check if Bundle is Stopped */
      if (securePreferences == null) return;

      /* Store in Equinox Security Storage */
      ISecurePreferences allFeedsPreferences = securePreferences.node(SECURE_FEED_NODE);
      ISecurePreferences feedPreferences =
          allFeedsPreferences.node(EncodingUtils.encodeSlashes(link.toString()));
      ISecurePreferences realmPreference =
          feedPreferences.node(EncodingUtils.encodeSlashes(realm != null ? realm : REALM));

      IPreferenceScope globalScope = Owl.getPreferenceService().getGlobalScope();

      /* OS Password is only supported on Windows and Mac */
      boolean useOSPassword = globalScope.getBoolean(DefaultPreferences.USE_OS_PASSWORD);
      if (!Platform.OS_WIN32.equals(Platform.getOS())
          && !Platform.OS_MACOSX.equals(Platform.getOS())) useOSPassword = false;

      boolean encryptPW =
          useOSPassword || globalScope.getBoolean(DefaultPreferences.USE_MASTER_PASSWORD);
      try {
        if (credentials.getUsername() != null)
          realmPreference.put(USERNAME, credentials.getUsername(), encryptPW);

        if (credentials.getPassword() != null)
          realmPreference.put(PASSWORD, credentials.getPassword(), encryptPW);

        if (credentials.getDomain() != null)
          realmPreference.put(DOMAIN, credentials.getDomain(), encryptPW);

        realmPreference.flush(); // Flush to disk early
      } catch (StorageException e) {
        throw new CredentialsException(Activator.getDefault().createErrorStatus(e.getMessage(), e));
      } catch (IOException e) {
        throw new CredentialsException(Activator.getDefault().createErrorStatus(e.getMessage(), e));
      }
    }

    /* Uncache */
    removeUnprotected(link, realm);
  }
  /*
   * @see
   * org.rssowl.core.connection.ICredentialsProvider#deleteAuthCredentials(java
   * .net.URI, java.lang.String)
   */
  public synchronized void deleteAuthCredentials(URI link, String realm)
      throws CredentialsException {

    /* Delete from In-Memory Store if present */
    fInMemoryStore.remove(toCacheKey(link, realm));

    /* Delete from Cache */
    removeUnprotected(link, realm);

    /* Check if Bundle is Stopped */
    ISecurePreferences securePreferences = getSecurePreferences();
    if (securePreferences == null) return;

    /* Remove from Equinox Security Storage */
    if (securePreferences.nodeExists(SECURE_FEED_NODE)) { // Global Feed Node
      ISecurePreferences allFeedsPreferences = securePreferences.node(SECURE_FEED_NODE);
      if (allFeedsPreferences.nodeExists(
          EncodingUtils.encodeSlashes(link.toString()))) { // Feed Node
        ISecurePreferences feedPreferences =
            allFeedsPreferences.node(EncodingUtils.encodeSlashes(link.toString()));
        if (feedPreferences.nodeExists(
            EncodingUtils.encodeSlashes(realm != null ? realm : REALM))) { // Realm Node
          ISecurePreferences realmPreferences =
              feedPreferences.node(EncodingUtils.encodeSlashes(realm != null ? realm : REALM));
          realmPreferences.clear();
          realmPreferences.removeNode();
          try {
            feedPreferences.flush();
          } catch (IOException e) {
            throw new CredentialsException(
                Activator.getDefault().createErrorStatus(e.getMessage(), e));
          }
        }
      }
    }
  }