From d28f883dc8a354be113242a06c815f2320486c76 Mon Sep 17 00:00:00 2001 From: Dave Syer Date: Wed, 30 Jul 2014 15:32:50 -0700 Subject: [PATCH] Add support for keystore in server E.g. encrypt.keystore.location: file:///var/keys/keystore.jks encrypt.keystore.password: ${KEYSTORE_PASSWORD} encrypt.keystore.alias: myKey Fixes gh-3 --- .../platform/config/server/Application.java | 59 +++++++++++++++++-- .../config/server/EncryptionController.java | 2 + 2 files changed, 56 insertions(+), 5 deletions(-) diff --git a/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/Application.java b/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/Application.java index 8f0ba7f5..e16911b3 100644 --- a/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/Application.java +++ b/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/Application.java @@ -1,4 +1,3 @@ - package org.springframework.platform.config.server; import javax.annotation.PostConstruct; @@ -12,6 +11,9 @@ import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.io.Resource; +import org.springframework.security.rsa.crypto.KeyStoreKeyFactory; +import org.springframework.security.rsa.crypto.RsaSecretEncryptor; @Configuration @ComponentScan @@ -27,9 +29,11 @@ public class Application { protected static class KeyConfiguration { @Autowired private EncryptionController controller; - + private String key; - + + private KeyStore keyStore = new KeyStore(); + public String getKey() { return key; } 
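Review bot: The nested properties class behind the new field `private KeyStore keyStore = new KeyStore();` shares its simple name with `java.security.KeyStore`, so the field reads like a real JCA keystore in a class that handles key material. A name such as `KeyStoreProperties` would avoid that confusion, and would avoid a clash if `java.security.KeyStore` is ever imported into Application.java. The bound property names appear to derive from the `getKeyStore()`/`setKeyStore()` accessors rather than the class name, so the `encrypt.keystore.*` keys from the commit message should not change. The class itself is declared in the next hunk.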
@@ -38,12 +42,57 @@ public class Application { this.key = key; } + public KeyStore getKeyStore() { + return keyStore; + } + + public void setKeyStore(KeyStore keyStore) { + this.keyStore = keyStore; + } + @PostConstruct public void init() { - if (key!=null) { + if (keyStore.getLocation() != null) { + controller.setEncryptor(new RsaSecretEncryptor(new KeyStoreKeyFactory( + keyStore.getLocation(), keyStore.getPassword().toCharArray()) + .getKeyPair(keyStore.getAlias()))); + } + if (key != null) { controller.uploadKey(key); } } + + public static class KeyStore { + + private Resource location; + private String password; + private String alias; + + public String getAlias() { + return alias; + } + + public void setAlias(String alias) { + this.alias = alias; + } + + public Resource getLocation() { + return location; + } + + public void setLocation(Resource location) { + this.location = location; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + } } @Configuration @@ -51,7 +100,7 @@ public class Application { protected static class NativeRepositoryConfiguration { @Autowired private ConfigurableEnvironment environment; - + @Bean public NativeEnvironmentRepository repository() { return new NativeEnvironmentRepository(environment); diff --git a/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/EncryptionController.java b/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/EncryptionController.java index 10e0ecad..f207bfc9 100644 --- a/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/EncryptionController.java +++ b/spring-platform-config-server/src/main/java/org/springframework/platform/config/server/EncryptionController.java 
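Review bot: In `init()`, `keyStore.getPassword().toCharArray()` throws a bare NullPointerException at startup when `encrypt.keystore.location` is set but the password is not, and a missing alias is passed straight to `getKeyPair`. A guard at the top of that branch would turn this into a clear configuration error, for example `Assert.state(keyStore.getPassword() != null && keyStore.getAlias() != null, "encrypt.keystore.password and encrypt.keystore.alias must be set with encrypt.keystore.location");` using `org.springframework.util.Assert`. The two `if` blocks also run independently, so when both a keystore and `key` are configured, `controller.uploadKey(key)` is called after `setEncryptor` and presumably replaces the RSA encryptor (`uploadKey` is not visible in this patch). Making the second branch `else if (key != null)`, or documenting which source wins, would remove the ambiguity about which key actually protects the stored values.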
@@ -22,6 +22,7 @@ import java.util.Map; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.platform.config.Environment; @@ -51,6 +52,7 @@ public class EncryptionController { private TextEncryptor encryptor; + @Autowired(required=false) public void setEncryptor(TextEncryptor encryptor) { this.encryptor = encryptor; }
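Review bot: `setEncryptor` now has several possible callers with no documented order: optional autowiring here, `KeyConfiguration.init()` in Application.java, and presumably the key-upload path. With `required=false` the `encryptor` field stays null when no `TextEncryptor` bean exists, and the handlers that read it are outside this hunk, so it is worth confirming they reject requests in that state rather than dereferencing null. A short Javadoc on the setter would help, e.g. `/** Optional; injected when a TextEncryptor bean is present and may be replaced later by keystore or key configuration. */`. Note also that `required=false` does not cover a context holding more than one `TextEncryptor` bean, which still fails injection as ambiguous.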