2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi;
24 import java.io.BufferedReader;
26 import java.io.FileInputStream;
27 import java.io.FileOutputStream;
28 import java.io.FileReader;
29 import java.io.IOException;
30 import java.io.InputStreamReader;
31 import java.security.NoSuchAlgorithmException;
33 import org.onap.aaf.cadi.util.Chmod;
34 import org.onap.aaf.cadi.util.JsonOutputStream;
39 * A Class to run on command line to determine suitability of environment for certain TAFs.
44 public class CmdLine {
46 private static boolean systemExit = true;
50 public static void main(String[] args) {
52 if ("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
58 if ("-i".equals(password)) {
60 StringBuilder sb = new StringBuilder();
62 while ((c=System.in.read())>=0) {
65 } catch (IOException e) {
68 password = sb.toString();
72 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
77 FileInputStream fis = new FileInputStream(keyfile);
79 symm = Symm.obtain(fis);
83 symm.enpass(password, System.out);
87 /* testing code... don't want it exposed
88 System.out.println(" ******** Testing *********");
89 for (int i=0;i<100000;++i) {
90 System.out.println(args[1]);
91 ByteArrayOutputStream baos = new ByteArrayOutputStream();
92 b64.enpass(args[1], baos);
94 System.out.println(pass=new String(baos.toByteArray()));
95 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
96 b64.depass(pass, reconstituted);
97 String r = reconstituted.toString();
98 System.out.println(r);
99 if (!r.equals(args[1])) {
100 System.err.println("!!!!! STOP - ERROR !!!!!");
103 System.out.println();
108 } catch (IOException e) {
109 System.err.println("Cannot digest password");
110 System.err.println(" \""+ e.getMessage() + '"');
112 // DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
113 // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
114 // One still needs access to the keyfile to read.
115 // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
116 } else if (("regurgitate".equalsIgnoreCase(args[0]) || "undigest".equalsIgnoreCase(args[0]))
120 FileInputStream fis = new FileInputStream(args[2]);
122 symm = Symm.obtain(fis);
126 boolean isFile = false;
127 if ("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
131 System.err.println("Filename in 4th position");
134 br = new BufferedReader(new FileReader(args[3]));
136 br = new BufferedReader(new InputStreamReader(System.in));
140 boolean cont = false;
141 StringBuffer sb = new StringBuffer();
142 JsonOutputStream jw = new JsonOutputStream(System.out);
143 while ((line=br.readLine())!=null) {
146 if ((end=line.indexOf('"'))>=0) {
147 sb.append(line,0,end);
154 if ((idx = line.indexOf(' '))>=0
155 && (idx = line.indexOf(' ',++idx))>0
156 && (idx = line.indexOf('=',++idx))>0
158 System.out.println(line.substring(0, idx-5));
161 if ((end=line.indexOf('"',start))<0) {
165 sb.append(line,start,end);
169 symm.depass(sb.toString(),jw);
171 System.out.println();
186 symm.depass(args[1], System.out);
188 System.out.println();
191 } catch (IOException e) {
192 System.err.println("Cannot undigest password");
193 System.err.println(" \""+ e.getMessage() + '"');
195 } else if ("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
197 Symm.base64.encode(args[1], System.out);
198 System.out.println();
201 } catch (IOException e) {
202 System.err.println("Cannot encode Base64 with " + args[1]);
203 System.err.println(" \""+ e.getMessage() + '"');
205 } else if ("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
207 Symm.base64.decode(args[1], System.out);
208 System.out.println();
211 } catch (IOException e) {
212 System.err.println("Cannot decode Base64 text from " + args[1]);
213 System.err.println(" \""+ e.getMessage() + '"');
215 } else if ("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
217 Symm.base64url.encode(args[1], System.out);
218 System.out.println();
221 } catch (IOException e) {
222 System.err.println("Cannot encode Base64url with " + args[1]);
223 System.err.println(" \""+ e.getMessage() + '"');
225 } else if ("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
227 Symm.base64url.decode(args[1], System.out);
228 System.out.println();
231 } catch (IOException e) {
232 System.err.println("Cannot decode Base64url text from " + args[1]);
233 System.err.println(" \""+ e.getMessage() + '"');
235 } else if ("md5".equalsIgnoreCase(args[0]) && args.length>1) {
237 System.out.println(Hash.hashMD5asStringHex(args[1]));
239 } catch (NoSuchAlgorithmException e) {
240 System.err.println("Cannot hash MD5 from " + args[1]);
241 System.err.println(" \""+ e.getMessage() + '"');
244 } else if ("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
247 int max = args.length>7?7:args.length;
248 for (int i=2;i<max;++i) {
249 int salt = Integer.parseInt(args[i]);
250 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
253 System.out.println(Hash.hashSHA256asStringHex(args[1]));
255 } catch (NoSuchAlgorithmException e) {
256 System.err.println("Cannot hash SHA256 text from " + args[1]);
257 System.err.println(" \""+ e.getMessage() + '"');
261 } else if ("keygen".equalsIgnoreCase(args[0])) {
264 File f = new File(args[1]);
265 FileOutputStream fos = new FileOutputStream(f);
267 fos.write(Symm.keygen());
271 Chmod.to400.chmod(f);
274 // create a Symmetric Key out of same characters found in base64
275 System.out.write(Symm.keygen());
279 } catch (IOException e) {
280 System.err.println("Cannot create a key " + args[0]);
281 System.err.println(" \""+ e.getMessage() + '"');
284 } else if ("passgen".equalsIgnoreCase(args[0])) {
286 if (args.length <= 1) {
289 numDigits = Integer.parseInt(args[1]);
290 if (numDigits<8)numDigits = 8;
293 boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
295 pass = Symm.randomGen(numDigits);
296 missingChars=noLower=noUpper=noDigits=noSpecial=true;
297 repeatingChars=false;
299 for (int i=0;i<numDigits;++i) {
307 noLower=!(c>=0x61 && c<=0x7A);
310 noUpper=!(c>=0x41 && c<=0x5A);
313 noDigits=!(c>=0x30 && c<=0x39);
316 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
319 missingChars = (noLower || noUpper || noDigits || noSpecial);
321 } while (missingChars || repeatingChars);
322 System.out.println(pass.substring(0,numDigits));
323 } else if ("urlgen".equalsIgnoreCase(args[0])) {
325 if (args.length <= 1) {
328 numDigits = Integer.parseInt(args[1]);
330 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
333 System.out.println("Usage: java -jar <this jar> ...");
334 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
335 System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
336 System.out.println(" if passwd = -i, will read StdIn");
337 System.out.println(" if passwd is blank, will ask securely)");
338 System.out.println(" undigest <enc:...> <keyfile> (Decrypts Encoded with \"keyfile\")");
339 System.out.println(" passgen <digits> (Generate Password of given size)");
340 System.out.println(" urlgen <digits> (Generate URL field of given size)");
341 System.out.println(" encode64 <your text> (Encodes to Base64)");
342 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
343 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
344 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
345 System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
346 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
353 public static void setSystemExit(boolean shouldExit) {
354 systemExit = shouldExit;
Code Review / aaf / authz.git / blob