From c755bec0c80cafcc9f68f4a86d4603fdb54567a1 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 9 Oct 2014 18:07:44 +0200
Subject: Cleanup of AsymKeyHolder, Globals and Identity classes
---
 .../org/openslx/satellitedaemon/AsymKeyHolder.java | 216 +++++----------------
 .../java/org/openslx/satellitedaemon/Globals.java | 32 ++-
 .../java/org/openslx/satellitedaemon/Identity.java | 58 +++---
 .../org/openslx/satellitedaemon/util/Util.java | 17 +-
 4 files changed, 116 insertions(+), 207 deletions(-)
diff --git a/src/main/java/org/openslx/satellitedaemon/AsymKeyHolder.java b/src/main/java/org/openslx/satellitedaemon/AsymKeyHolder.java
index d69ce76..d6ee625 100644
--- a/src/main/java/org/openslx/satellitedaemon/AsymKeyHolder.java
+++ b/src/main/java/org/openslx/satellitedaemon/AsymKeyHolder.java
@@ -1,9 +1,5 @@
 package org.openslx.satellitedaemon;
 
-import java.io.BufferedReader;
-import java.io.FileNotFoundException;
-import java.io.FileReader;
-import java.io.IOException;
 import java.math.BigInteger;
 import java.security.KeyFactory;
 import java.security.KeyPair;
@@ -22,195 +18,89 @@ import org.apache.log4j.Logger; public class AsymKeyHolder { private static final Logger LOG = Logger.getLogger( AsymKeyHolder.class ); - - private static PrivateKey privKey = null; - private static PublicKey pubKey = null; - public AsymKeyHolder(BigInteger privExp, BigInteger pubExp, BigInteger mod) - throws InvalidKeySpecException, NoSuchAlgorithmException { + private static RSAPrivateKey privKey = null; + private static RSAPublicKey pubKey = null; + + public AsymKeyHolder( BigInteger privExp, BigInteger pubExp, BigInteger mod ) + throws NoSuchAlgorithmException, InvalidKeySpecException + { + if ( mod == null ) + throw new InvalidKeySpecException( "No modulus given!" ); final KeyFactory keyFact; - try { - keyFact = KeyFactory.getInstance( "RSA" ); - } catch ( NoSuchAlgorithmException e ) { - throw new NoSuchAlgorithmException(e.getMessage()); + keyFact = KeyFactory.getInstance( "RSA" ); + if ( pubExp != null ) { + RSAPublicKeySpec keySpec = new RSAPublicKeySpec( mod, pubExp ); + pubKey = (RSAPublicKey)keyFact.generatePublic( keySpec ); } - if (privExp == null) { - // private exponent == null. Generate public key. - if (mod != null) { - try { - RSAPublicKeySpec keySpec = new RSAPublicKeySpec( mod, pubExp ); - synchronized ( keyFact ) { - pubKey = keyFact.generatePublic( keySpec ); - } - } catch ( InvalidKeySpecException e ) { - LOG.error( "Not able to build key with given numbers.", e ); - throw new InvalidKeySpecException( e.getMessage() ); - } catch ( NumberFormatException e ) { - LOG.error( "Invalid number format.", e ); - throw new NumberFormatException( e.toString() ); - } - } - } else if (pubExp == null) { - // public exponent == null. Generate private key. 
- if (mod != null) { - try { - RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec( mod, privExp ); - synchronized ( keyFact ) { - privKey = keyFact.generatePrivate( keySpec ); - } - } catch ( InvalidKeySpecException e ) { - LOG.error( "Not able to build key with given numbers.", e ); - throw new InvalidKeySpecException( e.getMessage() ); - } catch ( NumberFormatException e ) { - LOG.error( "Invalid number format.", e ); - throw new NumberFormatException( e.toString() ); - } - } - } else { - // create both keys. - if (mod != null) { - try { - RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( mod, pubExp ); - RSAPrivateKeySpec privkeySpec = new RSAPrivateKeySpec( mod, privExp ); - synchronized ( keyFact ) { - privKey = keyFact.generatePrivate( privkeySpec ); - pubKey = keyFact.generatePublic( pubKeySpec ); - } - } catch ( InvalidKeySpecException e ) { - LOG.error( "Not able to build key with given numbers.", e ); - throw new InvalidKeySpecException( e.getMessage() ); - } catch ( NumberFormatException e ) { - LOG.error( "Invalid number format.", e ); - throw new NumberFormatException( e.toString() ); - } - } + if ( privExp != null ) { + RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec( mod, privExp ); + privKey = (RSAPrivateKey)keyFact.generatePrivate( keySpec ); } } - - public AsymKeyHolder() throws NoSuchAlgorithmException { + + public AsymKeyHolder() + { generateKey(); } - - + /** - * Get private key for this server. If none exists yet, create a new one. + * Get private key. 
* * @return */ public PrivateKey getPrivateKey() { - if (privKey == null) { - if (!generateKey()) { - LOG.warn( "Could not load or generate keypair for communication with masterserver" ); - } - } - return privKey; } - + public PublicKey getPublicKey() { - if (pubKey == null) { - if (!generateKey()) { - LOG.warn( "Could not generate keypair for communication with masterserver" ); - } - } return pubKey; } -// private boolean loadKey() -// { -// BufferedReader br = null; -// String modulus, exponent; -// KeyFactory keyFact; -// -// try { -// keyFact = KeyFactory.getInstance( "RSA" ); -// } catch ( NoSuchAlgorithmException e ) { -// LOG.warn( "Could not get a KeyFactory to load the key from disk", e ); -// return false; -// } -// -// try { -// br = new BufferedReader( new FileReader( "config/private.key" ) ); -// modulus = br.readLine(); -// exponent = br.readLine(); -// } catch ( FileNotFoundException e ) { -// LOG.error( "File 'private.key' not found!", e ); -// return false; -// } catch ( IOException e ) { -// LOG.error( "File 'private.key' not correct readable.", e ); -// return false; -// } finally { -// try { -// br.close(); -// } catch ( IOException e ) { -// } -// } -// if ( modulus == null || exponent == null ) { -// return false; -// } -// -// try { -// BigInteger mod = new BigInteger( modulus ); -// BigInteger exp = new BigInteger( exponent ); -// -// RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec( mod, exp ); -// synchronized ( keyFact ) { -// privKey = keyFact.generatePrivate( keySpec ); -// } -// return privKey != null; -// } catch ( InvalidKeySpecException e ) { -// LOG.error( "Not able to build key with given numbers.", e ); -// } catch ( NumberFormatException e ) { -// LOG.error( "Invalid number format.", e ); -// } -// return false; -// } - private boolean generateKey() { KeyPairGenerator kpg; try { - kpg = KeyPairGenerator.getInstance("RSA"); + kpg = KeyPairGenerator.getInstance( "RSA" ); } catch ( NoSuchAlgorithmException e ) { LOG.error( 
"NoSuchAlgorithmException", e ); return false; } - - kpg.initialize(4096); + + kpg.initialize( 4096 ); KeyPair kp = kpg.generateKeyPair(); - RSAPrivateKey privateKey = (RSAPrivateKey) kp.getPrivate(); - RSAPublicKey publicKey = (RSAPublicKey) kp.getPublic(); - - BigInteger pubMod = publicKey.getModulus(); - BigInteger privMod = privateKey.getModulus(); - assert(pubMod == privMod); - - BigInteger pubExp = publicKey.getPublicExponent(); - BigInteger privExp = privateKey.getPrivateExponent(); - - RSAPrivateKeySpec privKeySpec = new RSAPrivateKeySpec( privMod, privExp ); - RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( pubMod, pubExp ); - - KeyFactory keyFact; - try { - keyFact = KeyFactory.getInstance( "RSA" ); - } catch ( NoSuchAlgorithmException e ) { - LOG.error( "NoSuchAlgorithmException", e ); - return false; - } - - synchronized ( keyFact ) { - try { - privKey = keyFact.generatePrivate( privKeySpec ); - pubKey = keyFact.generatePublic( pubKeySpec ); - } catch ( InvalidKeySpecException e ) { - LOG.error( "InvalidKeySpecException", e ); - return false; - } - } + privKey = (RSAPrivateKey)kp.getPrivate(); + pubKey = (RSAPublicKey)kp.getPublic(); + + BigInteger pubMod = pubKey.getModulus(); + BigInteger privMod = privKey.getModulus(); + assert ( pubMod.equals( privMod ) ); return true; } + public BigInteger getModulus() + { + if ( privKey != null ) + return privKey.getModulus(); + if ( pubKey != null ) + return pubKey.getModulus(); + return null; // Should never happen + } + + public BigInteger getPrivateExponent() + { + if ( privKey == null ) + return null; + return privKey.getPrivateExponent(); + } + + public BigInteger getPublicExponent() + { + if ( pubKey == null ) + return null; + return pubKey.getPublicExponent(); + } + } diff --git a/src/main/java/org/openslx/satellitedaemon/Globals.java b/src/main/java/org/openslx/satellitedaemon/Globals.java index a14f825..0b0d287 100644 --- a/src/main/java/org/openslx/satellitedaemon/Globals.java 
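Review bot: The no-argument constructor ignores the boolean returned by `generateKey()`, and this change removes the null checks in `getPrivateKey()`/`getPublicKey()` that used to retry and warn, so a failed key generation now yields a holder whose getters quietly return null. Failing loudly in the constructor would be safer, e.g. `if ( !generateKey() ) throw new IllegalStateException( "RSA key pair generation failed" );`. Separately, `privKey` and `pubKey` stay `static` although they are assigned from instance constructors, so building a second holder, or one with only a public exponent, overwrites or mixes key halves that every instance shares; plain instance fields would avoid that. The new public `getPrivateExponent()` hands out raw private key material and deserves a Javadoc saying which caller is expected to use it.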
+++ b/src/main/java/org/openslx/satellitedaemon/Globals.java @@ -35,7 +35,7 @@ public class Globals */ // * Properties *// - + public static String getMasterserverHost() { return properties.getProperty( "MASTERSERVER_HOST" ); @@ -43,7 +43,7 @@ public class Globals public static String getTruststorePath() { - return properties.getProperty( "FILETRANSFER_KEYSTORE_PATH" ); + return properties.getProperty( "TRUSTSTORE_PATH" ); } public static String getImageFolder() @@ -51,8 +51,6 @@ public class Globals return properties.getProperty( "IMAGE_FOLDER" ); } - - // Integers // public static int getThriftPort() 
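Review bot: `getTruststorePath()` now reads only `TRUSTSTORE_PATH`, so a deployed `global.properties` that still sets `FILETRANSFER_KEYSTORE_PATH` makes this getter return null after the upgrade. The same commit drops the `notNullOrEmptyFatal` check on this value, so that null is no longer rejected at startup and the trust store the operator configured is not used. Consider accepting the old key for a transition period, `String p = properties.getProperty( "TRUSTSTORE_PATH" ); return p != null ? p : properties.getProperty( "FILETRANSFER_KEYSTORE_PATH" );`, or at least logging when only the old key is present.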
@@ -64,29 +62,43 @@ public class Globals * Load properties */ static { + InputStreamReader stream = null; try { // Load all entries of the config file into properties - InputStreamReader stream = new InputStreamReader( + stream = new InputStreamReader( new FileInputStream( "config/global.properties" ), StandardCharsets.UTF_8 ); properties.load( stream ); stream.close(); } catch ( IOException e ) { - log.error( "Could not load properties. Exiting." ); + log.error( "Could not load global.properties. Exiting." ); System.exit( 2 ); + } finally { + Util.streamClose( stream ); } Util.notNullOrEmptyFatal( getMasterserverHost(), "Masterserver Host must not be empty!" ); - Util.notNullOrEmptyFatal( getTruststorePath(), "Truststore Path must not be empty!" ); Util.notNullOrEmptyFatal( getImageFolder(), "Image Folder must not be empty!" ); } /***********************************************************************************************/ /** + * Initialize the ssl context used everywhere for outgoing connections. * - * @return + * @return true on success, false on error */ public static boolean masterServerSslContextInit() { + if ( context != null ) + return true; + if ( getTruststorePath() == null || getTruststorePath().isEmpty() ) { + try { + context = SSLContext.getDefault(); + } catch ( NoSuchAlgorithmException e ) { + log.error( "could not load system default ssl context.", e ); + return false; + } + return true; + } KeyStore keystore; try { keystore = KeyStore.getInstance( "JKS" ); @@ -110,7 +122,7 @@ public class Globals public static SSLContext getMasterServerSslContext() { - return Globals.context; + return context; } /** @@ -128,4 +140,4 @@ public class Globals return 0; } } -} \ No newline at end of file +} diff --git a/src/main/java/org/openslx/satellitedaemon/Identity.java b/src/main/java/org/openslx/satellitedaemon/Identity.java index ae28def..8126aa9 100644 --- a/src/main/java/org/openslx/satellitedaemon/Identity.java 
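Review bot: In `masterServerSslContextInit()` the new branch for an unset or empty trust store path switches to `SSLContext.getDefault()` without logging anything, so the log does not show whether master server connections are validated against the site trust store or the JVM default CA set. A line such as `log.warn( "TRUSTSTORE_PATH not set, using the JVM default SSL context" );` before the `getDefault()` call would make that choice visible. In the static initializer, `log.error( "Could not load global.properties. Exiting." )` drops the caught `IOException`; passing `e` as the second argument keeps the cause, and the `stream.close()` left inside the `try` is redundant now that `Util.streamClose( stream )` runs in `finally`. The body of `masterServerSslContextInit()` continues past the end of this hunk.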
+++ b/src/main/java/org/openslx/satellitedaemon/Identity.java @@ -19,10 +19,6 @@ public class Identity private static Logger log = Logger.getLogger( Identity.class ); private static final Properties properties = new Properties(); - private static BigInteger mod = null; - private static BigInteger privExp = null; - private static BigInteger pubExp = null; - private static AsymKeyHolder akh = null; public static String getOrganizationName() 
@@ -30,47 +26,44 @@ public class Identity return properties.getProperty( "ORGANIZATION_NAME" ); } - public static BigInteger getModulus() + private static BigInteger getModulus() { - String privateModulus = properties.getProperty( "MODULUS" ); - mod = new BigInteger( privateModulus ); - return mod; + return toBigInt( properties.getProperty( "MODULUS" ) ); } - public static BigInteger getPublicExponent() + private static BigInteger getPublicExponent() { - String publicModulus = properties.getProperty( "PUBLIC_EXPONENT" ); - pubExp = new BigInteger( publicModulus ); - return pubExp; + return toBigInt( properties.getProperty( "PUBLIC_EXPONENT" ) ); } - public static BigInteger getPrivateExponent() + private static BigInteger getPrivateExponent() { - String exponent = properties.getProperty( "PRIVATE_EXPONENT" ); - privExp = new BigInteger( exponent ); - return privExp; + return toBigInt( properties.getProperty( "PRIVATE_EXPONENT" ) ); } /** * Load properties */ static { + InputStreamReader stream = null; try { // Load all entries of the config file into properties - InputStreamReader stream = new InputStreamReader( + stream = new InputStreamReader( new FileInputStream( "config/identity.properties" ), StandardCharsets.UTF_8 ); properties.load( stream ); stream.close(); } catch ( IOException e ) { - log.error( "Could not load properties. Exiting." ); + log.error( "Could not load identity.properties. Exiting." ); System.exit( 2 ); + } finally { + Util.streamClose( stream ); } - + Util.notNullOrEmptyFatal( getOrganizationName(), "Organiziation Name must not be empty!" ); try { - akh = new AsymKeyHolder( privExp, pubExp, mod ); + akh = new AsymKeyHolder( getPrivateExponent(), getPublicExponent(), getModulus() ); } catch ( InvalidKeySpecException e ) { - log.error( "InvalidKeySpecException", e); + log.error( "InvalidKeySpecException", e ); } catch ( NoSuchAlgorithmException e ) { log.error( "NoSuchAlgorithmException", e ); } 
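Review bot: In the static initializer a failure to build the key holder is only logged (`InvalidKeySpecException`, `NoSuchAlgorithmException`) and, as far as this hunk shows, leaves `akh` null, while a missing organization name one statement earlier is fatal. With the getters changed later in this commit, that null is replaced by a freshly generated key pair on first use, so a satellite with a damaged `identity.properties` would apparently carry on under a different, unpersisted identity. If that is not intended, handle it like the other startup errors, e.g. `log.error( "Invalid key material in identity.properties. Exiting.", e ); System.exit( 2 );`; if it is intended for a first start, a warning that says a temporary key will be generated would help whoever reads the log.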
@@ -83,15 +76,10 @@ public class Identity */ public static PrivateKey getPrivateKey() { - if (akh != null) { + if ( akh != null ) { return akh.getPrivateKey(); - } - try { - akh = new AsymKeyHolder(); - } catch ( NoSuchAlgorithmException e ) { - log.error( "NoSuchAlgorithmException", e ); - return null; } + akh = new AsymKeyHolder(); return akh.getPrivateKey(); } @@ -102,14 +90,18 @@ public class Identity */ public static PublicKey getPublicKey() { - if (akh != null) + if ( akh != null ) return akh.getPublicKey(); + akh = new AsymKeyHolder(); + return akh.getPublicKey(); + } + + private static BigInteger toBigInt( String str ) + { try { - akh = new AsymKeyHolder(); - } catch ( NoSuchAlgorithmException e) { - log.error("NoSuchAlgorithmException", e); + return new BigInteger( str ); + } catch ( Exception e ) { return null; } - return akh.getPublicKey(); } } diff --git a/src/main/java/org/openslx/satellitedaemon/util/Util.java b/src/main/java/org/openslx/satellitedaemon/util/Util.java index 24f9883..986ff73 100644 --- a/src/main/java/org/openslx/satellitedaemon/util/Util.java +++ b/src/main/java/org/openslx/satellitedaemon/util/Util.java @@ -1,5 +1,7 @@ package org.openslx.satellitedaemon.util; +import java.io.Closeable; + import org.apache.log4j.Logger; public class Util @@ -29,7 +31,7 @@ public class Util System.exit( 2 ); } } - + public static void notNullOrEmptyFatal( String something, String message ) { if ( something == null || something.isEmpty() ) { @@ -39,4 +41,17 @@ public class Util System.exit( 2 ); } } + + public static void streamClose( Closeable... closeable ) + { + for ( Closeable c : closeable ) { + if ( c == null ) + continue; + try { + c.close(); + } catch ( Throwable t ) { + } + } + } + } -- cgit v1.2.3-55-g7522
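Review bot: `toBigInt()` catches `Exception` and returns null without a trace, so a mistyped `MODULUS` or `PRIVATE_EXPONENT` looks exactly like an absent one. Handle the two expected cases explicitly, `if ( str == null ) return null;` followed by `catch ( NumberFormatException e )`, and log which property could not be parsed; that needs the property name passed in as a second parameter. Log the property name only, not the value or the exception text, because the input can be the private exponent and the exception message may echo part of it.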
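Review bot: `Util.streamClose()` swallows `Throwable` in an empty catch block, which also hides `Error`s such as `OutOfMemoryError` raised during `close()`. `Closeable.close()` declares only `IOException`, so `catch ( IOException ignored )` with a one-line comment that the close is best-effort is enough; it needs `import java.io.IOException;`. A short Javadoc stating that null entries are skipped and close failures are ignored would document the contract for callers.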