2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi;
24 import java.io.BufferedReader;
26 import java.io.FileInputStream;
27 import java.io.FileOutputStream;
28 import java.io.FileReader;
29 import java.io.IOException;
30 import java.io.InputStreamReader;
31 import java.security.NoSuchAlgorithmException;
33 import org.onap.aaf.cadi.util.Chmod;
34 import org.onap.aaf.cadi.util.JsonOutputStream;
39 * A Class to run on command line to determine suitability of environment for certain TAFs.
41 * For instance, CSP supports services only in certain domains, and while dynamic host
42 * lookups on the machine work in most cases, sometimes, names and IPs are unexpected (and
43 * invalid) for CSP because of multiple NetworkInterfaces, etc
48 public class CmdLine {
50 public static Access access;
55 public static void main(String[] args) {
57 if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
63 if("-i".equals(password)) {
65 StringBuilder sb = new StringBuilder();
67 while((c=System.in.read())>=0) {
70 } catch (IOException e) {
73 password = sb.toString();
77 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
82 FileInputStream fis = new FileInputStream(keyfile);
84 symm = Symm.obtain(fis);
88 symm.enpass(password, System.out);
92 /* testing code... don't want it exposed
93 System.out.println(" ******** Testing *********");
94 for(int i=0;i<100000;++i) {
95 System.out.println(args[1]);
96 ByteArrayOutputStream baos = new ByteArrayOutputStream();
97 b64.enpass(args[1], baos);
99 System.out.println(pass=new String(baos.toByteArray()));
100 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
101 b64.depass(pass, reconstituted);
102 String r = reconstituted.toString();
103 System.out.println(r);
104 if(!r.equals(args[1])) {
105 System.err.println("!!!!! STOP - ERROR !!!!!");
108 System.out.println();
113 } catch (IOException e) {
114 System.err.println("Cannot digest password");
115 System.err.println(" \""+ e.getMessage() + '"');
117 // DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
118 // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
119 // One still needs access to the keyfile to read.
120 // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
121 } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
124 FileInputStream fis = new FileInputStream(args[2]);
126 symm = Symm.obtain(fis);
130 boolean isFile = false;
131 if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
135 System.err.println("Filename in 4th position");
138 br = new BufferedReader(new FileReader(args[3]));
140 br = new BufferedReader(new InputStreamReader(System.in));
144 boolean cont = false;
145 StringBuffer sb = new StringBuffer();
146 JsonOutputStream jw = new JsonOutputStream(System.out);
147 while((line=br.readLine())!=null) {
150 if((end=line.indexOf('"'))>=0) {
151 sb.append(line,0,end);
158 if((idx = line.indexOf(' '))>=0
159 && (idx = line.indexOf(' ',++idx))>0
160 && (idx = line.indexOf('=',++idx))>0
162 System.out.println(line.substring(0, idx-5));
165 if((end=line.indexOf('"',start))<0) {
169 sb.append(line,start,end);
173 symm.depass(sb.toString(),jw);
175 System.out.println();
190 symm.depass(args[1], System.out);
192 System.out.println();
195 } catch (IOException e) {
196 System.err.println("Cannot regurgitate password");
197 System.err.println(" \""+ e.getMessage() + '"');
199 } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
201 Symm.base64.encode(args[1], System.out);
202 System.out.println();
205 } catch (IOException e) {
206 System.err.println("Cannot encode Base64 with " + args[1]);
207 System.err.println(" \""+ e.getMessage() + '"');
209 } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
211 Symm.base64.decode(args[1], System.out);
212 System.out.println();
215 } catch (IOException e) {
216 System.err.println("Cannot decode Base64 text from " + args[1]);
217 System.err.println(" \""+ e.getMessage() + '"');
219 } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
221 Symm.base64url.encode(args[1], System.out);
222 System.out.println();
225 } catch (IOException e) {
226 System.err.println("Cannot encode Base64url with " + args[1]);
227 System.err.println(" \""+ e.getMessage() + '"');
229 } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
231 Symm.base64url.decode(args[1], System.out);
232 System.out.println();
235 } catch (IOException e) {
236 System.err.println("Cannot decode Base64url text from " + args[1]);
237 System.err.println(" \""+ e.getMessage() + '"');
239 } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
241 System.out.println(Hash.hashMD5asStringHex(args[1]));
243 } catch (NoSuchAlgorithmException e) {
244 System.err.println("Cannot hash MD5 from " + args[1]);
245 System.err.println(" \""+ e.getMessage() + '"');
248 } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
251 int max = args.length>7?7:args.length;
252 for(int i=2;i<max;++i) {
253 int salt = Integer.parseInt(args[i]);
254 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
257 System.out.println(Hash.hashSHA256asStringHex(args[1]));
259 } catch (NoSuchAlgorithmException e) {
260 System.err.println("Cannot hash SHA256 text from " + args[1]);
261 System.err.println(" \""+ e.getMessage() + '"');
265 } else if("keygen".equalsIgnoreCase(args[0])) {
268 File f = new File(args[1]);
269 FileOutputStream fos = new FileOutputStream(f);
271 fos.write(Symm.keygen());
275 Chmod.to400.chmod(f);
278 // create a Symmetric Key out of same characters found in base64
279 System.out.write(Symm.keygen());
283 } catch (IOException e) {
284 System.err.println("Cannot create a key " + args[0]);
285 System.err.println(" \""+ e.getMessage() + '"');
288 } else if("passgen".equalsIgnoreCase(args[0])) {
290 if(args.length <= 1) {
293 numDigits = Integer.parseInt(args[1]);
294 if(numDigits<8)numDigits = 8;
297 boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
299 pass = Symm.randomGen(numDigits);
300 missingChars=noLower=noUpper=noDigits=noSpecial=true;
301 repeatingChars=false;
303 for(int i=0;i<numDigits;++i) {
311 noLower=!(c>=0x61 && c<=0x7A);
314 noUpper=!(c>=0x41 && c<=0x5A);
317 noDigits=!(c>=0x30 && c<=0x39);
320 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
323 missingChars = (noLower || noUpper || noDigits || noSpecial);
325 } while(missingChars || repeatingChars);
326 System.out.println(pass.substring(0,numDigits));
327 } else if("urlgen".equalsIgnoreCase(args[0])) {
329 if(args.length <= 1) {
332 numDigits = Integer.parseInt(args[1]);
334 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
337 System.out.println("Usage: java -jar <this jar> ...");
338 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
339 System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
340 System.out.println(" if passwd = -i, will read StdIin");
341 System.out.println(" if passwd is blank, will ask securely)");
342 System.out.println(" passgen <digits> (Generate Password of given size)");
343 System.out.println(" urlgen <digits> (Generate URL field of given size)");
344 System.out.println(" csptest (Tests for CSP compatibility)");
345 System.out.println(" encode64 <your text> (Encodes to Base64)");
346 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
347 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
348 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
349 System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
350 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
352 String forceExit = access.getProperty("force_exit", null);
353 if (forceExit == null) {
Code Review / aaf / authz.git / blob