Merge branch '1.1.x'
This commit is contained in:
@@ -40,6 +40,8 @@ class BaseEncryptOptionHandler extends OptionHandler {
|
||||
|
||||
private OptionSpec<String> passwordOption;
|
||||
|
||||
private OptionSpec<String> keyPassOption;
|
||||
|
||||
private Charset charset;
|
||||
|
||||
{
|
||||
@@ -48,16 +50,18 @@ class BaseEncryptOptionHandler extends OptionHandler {
|
||||
|
||||
@Override
|
||||
protected final void options() {
|
||||
this.keyOption = option(
|
||||
asList("key", "k"),
|
||||
this.keyOption = option(asList("key", "k"),
|
||||
"Specify key (symmetric secret, or pem-encoded key). If the value starts with @ it is interpreted as a file location.")
|
||||
.withRequiredArg();
|
||||
.withRequiredArg();
|
||||
this.passwordOption = option("password",
|
||||
"A password for the keyfile (assuming the --key option is a KetStore file).")
|
||||
.withRequiredArg();
|
||||
"A password for the keyfile (assuming the --key option is a KeyStore file).")
|
||||
.withRequiredArg();
|
||||
this.keyPassOption = option("keypass",
|
||||
"A password for the key, defaults to the same as the store password (assuming the --key option is a KeyStore file).")
|
||||
.withRequiredArg();
|
||||
this.aliasOption = option("alias",
|
||||
"An alias for the the key in a keyfile (assuming the --key option is a KetStore file).")
|
||||
.withRequiredArg();
|
||||
"An alias for the the key in a keyfile (assuming the --key option is a KeyStore file).")
|
||||
.withRequiredArg();
|
||||
doOptions();
|
||||
}
|
||||
|
||||
@@ -66,17 +70,25 @@ class BaseEncryptOptionHandler extends OptionHandler {
|
||||
|
||||
protected TextEncryptor createEncryptor(OptionSet options) {
|
||||
String value = keyOption.value(options);
|
||||
if (value==null) {
|
||||
if (value == null) {
|
||||
throw new MissingKeyException();
|
||||
}
|
||||
if (options.has(passwordOption)) { // it's a keystore
|
||||
String password = options.valueOf(passwordOption);
|
||||
String alias = options.valueOf(aliasOption);
|
||||
KeyStoreKeyFactory factory = new KeyStoreKeyFactory(new FileSystemResource(
|
||||
value), password.toCharArray());
|
||||
RsaSecretEncryptor encryptor = new RsaSecretEncryptor(
|
||||
factory.getKeyPair(alias));
|
||||
return encryptor;
|
||||
KeyStoreKeyFactory factory = new KeyStoreKeyFactory(
|
||||
new FileSystemResource(value), password.toCharArray());
|
||||
if (options.has(keyPassOption)) {
|
||||
String keypass = options.valueOf(keyPassOption);
|
||||
RsaSecretEncryptor encryptor = new RsaSecretEncryptor(
|
||||
factory.getKeyPair(alias, keypass.toCharArray()));
|
||||
return encryptor;
|
||||
}
|
||||
else {
|
||||
RsaSecretEncryptor encryptor = new RsaSecretEncryptor(
|
||||
factory.getKeyPair(alias));
|
||||
return encryptor;
|
||||
}
|
||||
}
|
||||
boolean verbose = Boolean.getBoolean("debug");
|
||||
if (value.startsWith("@")) {
|
||||
|
||||
@@ -22,6 +22,7 @@ import java.nio.charset.Charset;
|
||||
import org.junit.Test;
|
||||
import org.springframework.boot.cli.command.status.ExitStatus;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
|
||||
import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
|
||||
import org.springframework.util.StreamUtils;
|
||||
|
||||
@@ -49,6 +50,19 @@ public class DecryptCommandTests {
|
||||
command.run("-k", "@src/test/resources/private.pem", cipher));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decryptsFromRsaKeyWithKeyStore() throws Exception {
|
||||
KeyStoreKeyFactory factory = new KeyStoreKeyFactory(
|
||||
new ClassPathResource("keystore.jks"), "letmein".toCharArray());
|
||||
RsaSecretEncryptor encryptor = new RsaSecretEncryptor(
|
||||
factory.getKeyPair("mytestkey", "changeme".toCharArray()));
|
||||
String cipher = encryptor.encrypt("foo");
|
||||
assertEquals(ExitStatus.OK,
|
||||
command.run("-k", "src/test/resources/keystore.jks", "--password",
|
||||
"letmein", "--keypass", "changeme", "--alias", "mytestkey",
|
||||
cipher));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void failsWithPlainText() throws Exception {
|
||||
assertEquals(ExitStatus.OK, command.run("-k", "deadbeef", "foo"));
|
||||
|
||||
BIN
spring-cloud-cli/src/test/resources/keystore.jks
Normal file
BIN
spring-cloud-cli/src/test/resources/keystore.jks
Normal file
Binary file not shown.
Reference in New Issue
Block a user