2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi;
24 import java.io.BufferedReader;
26 import java.io.FileInputStream;
27 import java.io.FileOutputStream;
28 import java.io.FileReader;
29 import java.io.IOException;
30 import java.io.InputStreamReader;
31 import java.security.NoSuchAlgorithmException;
33 import org.onap.aaf.cadi.util.Chmod;
34 import org.onap.aaf.cadi.util.JsonOutputStream;
39 * A Class to run on command line to determine suitability of environment for certain TAFs.
41 * For instance, CSP supports services only in certain domains, and while dynamic host
42 * lookups on the machine work in most cases, sometimes, names and IPs are unexpected (and
43 * invalid) for CSP because of multiple NetworkInterfaces, etc
48 public class CmdLine {
50 private static boolean systemExit = true;
54 public static void main(String[] args) {
56 if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
62 if("-i".equals(password)) {
64 StringBuilder sb = new StringBuilder();
66 while((c=System.in.read())>=0) {
69 } catch (IOException e) {
72 password = sb.toString();
76 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
81 FileInputStream fis = new FileInputStream(keyfile);
83 symm = Symm.obtain(fis);
87 symm.enpass(password, System.out);
91 /* testing code... don't want it exposed
92 System.out.println(" ******** Testing *********");
93 for(int i=0;i<100000;++i) {
94 System.out.println(args[1]);
95 ByteArrayOutputStream baos = new ByteArrayOutputStream();
96 b64.enpass(args[1], baos);
98 System.out.println(pass=new String(baos.toByteArray()));
99 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
100 b64.depass(pass, reconstituted);
101 String r = reconstituted.toString();
102 System.out.println(r);
103 if(!r.equals(args[1])) {
104 System.err.println("!!!!! STOP - ERROR !!!!!");
107 System.out.println();
112 } catch (IOException e) {
113 System.err.println("Cannot digest password");
114 System.err.println(" \""+ e.getMessage() + '"');
116 // DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
117 // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
118 // One still needs access to the keyfile to read.
119 // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
120 } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
123 FileInputStream fis = new FileInputStream(args[2]);
125 symm = Symm.obtain(fis);
129 boolean isFile = false;
130 if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
134 System.err.println("Filename in 4th position");
137 br = new BufferedReader(new FileReader(args[3]));
139 br = new BufferedReader(new InputStreamReader(System.in));
143 boolean cont = false;
144 StringBuffer sb = new StringBuffer();
145 JsonOutputStream jw = new JsonOutputStream(System.out);
146 while((line=br.readLine())!=null) {
149 if((end=line.indexOf('"'))>=0) {
150 sb.append(line,0,end);
157 if((idx = line.indexOf(' '))>=0
158 && (idx = line.indexOf(' ',++idx))>0
159 && (idx = line.indexOf('=',++idx))>0
161 System.out.println(line.substring(0, idx-5));
164 if((end=line.indexOf('"',start))<0) {
168 sb.append(line,start,end);
172 symm.depass(sb.toString(),jw);
174 System.out.println();
189 symm.depass(args[1], System.out);
191 System.out.println();
194 } catch (IOException e) {
195 System.err.println("Cannot regurgitate password");
196 System.err.println(" \""+ e.getMessage() + '"');
198 } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
200 Symm.base64.encode(args[1], System.out);
201 System.out.println();
204 } catch (IOException e) {
205 System.err.println("Cannot encode Base64 with " + args[1]);
206 System.err.println(" \""+ e.getMessage() + '"');
208 } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
210 Symm.base64.decode(args[1], System.out);
211 System.out.println();
214 } catch (IOException e) {
215 System.err.println("Cannot decode Base64 text from " + args[1]);
216 System.err.println(" \""+ e.getMessage() + '"');
218 } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
220 Symm.base64url.encode(args[1], System.out);
221 System.out.println();
224 } catch (IOException e) {
225 System.err.println("Cannot encode Base64url with " + args[1]);
226 System.err.println(" \""+ e.getMessage() + '"');
228 } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
230 Symm.base64url.decode(args[1], System.out);
231 System.out.println();
234 } catch (IOException e) {
235 System.err.println("Cannot decode Base64url text from " + args[1]);
236 System.err.println(" \""+ e.getMessage() + '"');
238 } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
240 System.out.println(Hash.hashMD5asStringHex(args[1]));
242 } catch (NoSuchAlgorithmException e) {
243 System.err.println("Cannot hash MD5 from " + args[1]);
244 System.err.println(" \""+ e.getMessage() + '"');
247 } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
250 int max = args.length>7?7:args.length;
251 for(int i=2;i<max;++i) {
252 int salt = Integer.parseInt(args[i]);
253 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
256 System.out.println(Hash.hashSHA256asStringHex(args[1]));
258 } catch (NoSuchAlgorithmException e) {
259 System.err.println("Cannot hash SHA256 text from " + args[1]);
260 System.err.println(" \""+ e.getMessage() + '"');
264 } else if("keygen".equalsIgnoreCase(args[0])) {
267 File f = new File(args[1]);
268 FileOutputStream fos = new FileOutputStream(f);
270 fos.write(Symm.keygen());
274 Chmod.to400.chmod(f);
277 // create a Symmetric Key out of same characters found in base64
278 System.out.write(Symm.keygen());
282 } catch (IOException e) {
283 System.err.println("Cannot create a key " + args[0]);
284 System.err.println(" \""+ e.getMessage() + '"');
287 } else if("passgen".equalsIgnoreCase(args[0])) {
289 if(args.length <= 1) {
292 numDigits = Integer.parseInt(args[1]);
293 if(numDigits<8)numDigits = 8;
296 boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
298 pass = Symm.randomGen(numDigits);
299 missingChars=noLower=noUpper=noDigits=noSpecial=true;
300 repeatingChars=false;
302 for(int i=0;i<numDigits;++i) {
310 noLower=!(c>=0x61 && c<=0x7A);
313 noUpper=!(c>=0x41 && c<=0x5A);
316 noDigits=!(c>=0x30 && c<=0x39);
319 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
322 missingChars = (noLower || noUpper || noDigits || noSpecial);
324 } while(missingChars || repeatingChars);
325 System.out.println(pass.substring(0,numDigits));
326 } else if("urlgen".equalsIgnoreCase(args[0])) {
328 if(args.length <= 1) {
331 numDigits = Integer.parseInt(args[1]);
333 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
336 System.out.println("Usage: java -jar <this jar> ...");
337 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
338 System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
339 System.out.println(" if passwd = -i, will read StdIin");
340 System.out.println(" if passwd is blank, will ask securely)");
341 System.out.println(" passgen <digits> (Generate Password of given size)");
342 System.out.println(" urlgen <digits> (Generate URL field of given size)");
343 System.out.println(" csptest (Tests for CSP compatibility)");
344 System.out.println(" encode64 <your text> (Encodes to Base64)");
345 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
346 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
347 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
348 System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
349 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
356 public static void setSystemExit(boolean shouldExit) {
357 systemExit = shouldExit;
Code Review / aaf / authz.git / blob