1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cadi;
\r
26 import java.io.BufferedReader;
\r
27 import java.io.File;
\r
28 import java.io.FileInputStream;
\r
29 import java.io.FileOutputStream;
\r
30 import java.io.FileReader;
\r
31 import java.io.IOException;
\r
32 import java.io.InputStreamReader;
\r
33 import java.net.InetAddress;
\r
34 import java.net.UnknownHostException;
\r
35 import java.security.NoSuchAlgorithmException;
\r
37 import com.att.cadi.util.Chmod;
\r
38 import com.att.cadi.util.JsonOutputStream;
\r
43 * A Class to run on command line to determine suitability of environment for certain TAFs.
\r
45 * For instance, CSP supports services only in certain domains, and while dynamic host
\r
46 * lookups on the machine work in most cases, sometimes, names and IPs are unexpected (and
\r
47 * invalid) for CSP because of multiple NetworkInterfaces, etc
\r
51 public class CmdLine {
\r
56 public static void main(String[] args) {
\r
58 if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
\r
66 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
\r
71 FileInputStream fis = new FileInputStream(keyfile);
\r
73 symm = Symm.obtain(fis);
\r
77 symm.enpass(password, System.out);
\r
78 System.out.println();
\r
81 /* testing code... don't want it exposed
\r
82 System.out.println(" ******** Testing *********");
\r
83 for(int i=0;i<100000;++i) {
\r
84 System.out.println(args[1]);
\r
85 ByteArrayOutputStream baos = new ByteArrayOutputStream();
\r
86 b64.enpass(args[1], baos);
\r
88 System.out.println(pass=new String(baos.toByteArray()));
\r
89 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
\r
90 b64.depass(pass, reconstituted);
\r
91 String r = reconstituted.toString();
\r
92 System.out.println(r);
\r
93 if(!r.equals(args[1])) {
\r
94 System.err.println("!!!!! STOP - ERROR !!!!!");
\r
97 System.out.println();
\r
102 } catch (IOException e) {
\r
103 System.err.println("Cannot digest password");
\r
104 System.err.println(" \""+ e.getMessage() + '"');
\r
106 // . Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
\r
107 // One still needs access to the keyfile to read.
\r
108 // July 2016 - thought of a tool "CMPass" to reguritate from properties, but only if allowed.
\r
109 } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
\r
112 FileInputStream fis = new FileInputStream(args[2]);
\r
114 symm = Symm.obtain(fis);
\r
118 boolean isFile = false;
\r
119 if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
\r
122 if(args.length<4) {
\r
123 System.err.println("Filename in 4th position");
\r
126 br = new BufferedReader(new FileReader(args[3]));
\r
128 br = new BufferedReader(new InputStreamReader(System.in));
\r
132 boolean cont = false;
\r
133 StringBuffer sb = new StringBuffer();
\r
134 JsonOutputStream jw = new JsonOutputStream(System.out);
\r
135 while((line=br.readLine())!=null) {
\r
138 if((end=line.indexOf('"'))>=0) {
\r
139 sb.append(line,0,end);
\r
146 if((idx = line.indexOf(' '))>=0
\r
147 && (idx = line.indexOf(' ',++idx))>0
\r
148 && (idx = line.indexOf('=',++idx))>0
\r
149 && (idx = line.indexOf('=',++idx))>0
\r
151 System.out.println(line.substring(0, idx-5));
\r
154 if((end=line.indexOf('"',start))<0) {
\r
155 end = line.length();
\r
158 sb.append(line,start,end);
\r
161 if(sb.length()>0) {
\r
162 symm.depass(sb.toString(),jw);
\r
164 System.out.println();
\r
167 System.out.flush();
\r
179 symm.depass(args[1], System.out);
\r
181 System.out.println();
\r
182 System.out.flush();
\r
184 } catch (IOException e) {
\r
185 System.err.println("Cannot regurgitate password");
\r
186 System.err.println(" \""+ e.getMessage() + '"');
\r
188 } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
\r
190 Symm.base64.encode(args[1], System.out);
\r
191 System.out.println();
\r
192 System.out.flush();
\r
194 } catch (IOException e) {
\r
195 System.err.println("Cannot encode Base64 with " + args[1]);
\r
196 System.err.println(" \""+ e.getMessage() + '"');
\r
198 } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
\r
200 Symm.base64.decode(args[1], System.out);
\r
201 System.out.println();
\r
202 System.out.flush();
\r
204 } catch (IOException e) {
\r
205 System.err.println("Cannot decode Base64 text from " + args[1]);
\r
206 System.err.println(" \""+ e.getMessage() + '"');
\r
208 } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
\r
210 Symm.base64url.encode(args[1], System.out);
\r
211 System.out.println();
\r
212 System.out.flush();
\r
214 } catch (IOException e) {
\r
215 System.err.println("Cannot encode Base64url with " + args[1]);
\r
216 System.err.println(" \""+ e.getMessage() + '"');
\r
218 } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
\r
220 Symm.base64url.decode(args[1], System.out);
\r
221 System.out.println();
\r
222 System.out.flush();
\r
224 } catch (IOException e) {
\r
225 System.err.println("Cannot decode Base64url text from " + args[1]);
\r
226 System.err.println(" \""+ e.getMessage() + '"');
\r
228 } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
\r
230 System.out.println(Hash.encryptMD5asStringHex(args[1]));
\r
231 System.out.flush();
\r
232 } catch (NoSuchAlgorithmException e) {
\r
233 System.err.println("Cannot hash MD5 from " + args[1]);
\r
234 System.err.println(" \""+ e.getMessage() + '"');
\r
237 } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
\r
239 if(args.length>2) {
\r
240 int salt = Integer.parseInt(args[2]);
\r
241 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
\r
243 System.out.println(Hash.hashSHA256asStringHex(args[1]));
\r
245 } catch (NoSuchAlgorithmException e) {
\r
246 System.err.println("Cannot hash SHA256 text from " + args[1]);
\r
247 System.err.println(" \""+ e.getMessage() + '"');
\r
249 System.out.flush();
\r
251 } else if("keygen".equalsIgnoreCase(args[0])) {
\r
253 if(args.length>1) {
\r
254 File f = new File(args[1]);
\r
255 FileOutputStream fos = new FileOutputStream(f);
\r
257 fos.write(Symm.baseCrypt().keygen());
\r
261 Chmod.to400.chmod(f);
\r
264 // create a Symmetric Key out of same characters found in base64
\r
265 System.out.write(Symm.baseCrypt().keygen());
\r
266 System.out.flush();
\r
269 } catch (IOException e) {
\r
270 System.err.println("Cannot create a key " + args[0]);
\r
271 System.err.println(" \""+ e.getMessage() + '"');
\r
274 } else if("passgen".equalsIgnoreCase(args[0])) {
\r
276 if(args.length <= 1) {
\r
279 numDigits = Integer.parseInt(args[1]);
\r
280 if(numDigits<8)numDigits = 8;
\r
283 boolean noLower,noUpper,noDigits,noSpecial,repeats;
\r
285 pass = Symm.randomGen(numDigits);
\r
286 noLower=noUpper=noDigits=noSpecial=true;
\r
289 for(int i=0;i<numDigits;++i) {
\r
291 c = pass.charAt(i);
\r
298 noLower=!(c>=0x61 && c<=0x7A);
\r
302 noUpper=!(c>=0x41 && c<=0x5A);
\r
306 noDigits=!(c>=0x30 && c<=0x39);
\r
310 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
\r
316 } while(noLower || noUpper || noDigits || noSpecial || repeats);
\r
317 System.out.println(pass.substring(0,numDigits));
\r
318 } else if("urlgen".equalsIgnoreCase(args[0])) {
\r
320 if(args.length < 1) {
\r
323 numDigits = Integer.parseInt(args[1]);
\r
325 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
\r
327 } else if("csptest".equalsIgnoreCase(args[0])) {
\r
329 System.out.println("CSP Compatibility test");
\r
331 String hostName = InetAddress.getLocalHost().getCanonicalHostName();
\r
333 System.out.println(" Your automatic hostname is reported as \"" + hostName + "\"\n");
\r
334 System.out.flush();
\r
336 } catch (UnknownHostException e) {
\r
337 e.printStackTrace(System.err);
\r
341 System.out.println("Usage: java -jar <this jar> ...");
\r
342 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
\r
343 System.out.println(" digest <keyfile> (Encrypts to Key with \"keyfile\")");
\r
344 System.out.println(" passgen <digits> (Generate Password of given size)");
\r
345 System.out.println(" urlgen <digits> (Generate URL field of given size)");
\r
346 System.out.println(" csptest (Tests for CSP compatibility)");
\r
347 System.out.println(" encode64 <your text> (Encodes to Base64)");
\r
348 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
\r
349 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
\r
350 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
\r
351 System.out.println(" sha256 <text> (Digest String into SHA256 Hash)");
\r
352 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
\r