2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi;
24 import java.io.BufferedReader;
26 import java.io.FileInputStream;
27 import java.io.FileOutputStream;
28 import java.io.FileReader;
29 import java.io.IOException;
30 import java.io.InputStreamReader;
31 import java.net.InetAddress;
32 import java.net.UnknownHostException;
33 import java.security.NoSuchAlgorithmException;
35 import org.onap.aaf.cadi.util.Chmod;
36 import org.onap.aaf.cadi.util.JsonOutputStream;
41 * A class to run on the command line to determine the suitability of the environment for certain TAFs.
43 * For instance, CSP supports services only in certain domains, and while dynamic host
44 * lookups on the machine work in most cases, names and IPs are sometimes unexpected (and
45 * invalid) for CSP because of multiple NetworkInterfaces, etc.
50 public class CmdLine {
52 public static Access access;
57 public static void main(String[] args) {
59 if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
65 if("-i".equals(password)) {
67 StringBuilder sb = new StringBuilder();
69 while((c=System.in.read())>=0) {
72 } catch (IOException e) {
75 password = sb.toString();
79 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
84 FileInputStream fis = new FileInputStream(keyfile);
86 symm = Symm.obtain(fis);
90 symm.enpass(password, System.out);
94 /* testing code... don't want it exposed
95 System.out.println(" ******** Testing *********");
96 for(int i=0;i<100000;++i) {
97 System.out.println(args[1]);
98 ByteArrayOutputStream baos = new ByteArrayOutputStream();
99 b64.enpass(args[1], baos);
101 System.out.println(pass=new String(baos.toByteArray()));
102 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
103 b64.depass(pass, reconstituted);
104 String r = reconstituted.toString();
105 System.out.println(r);
106 if(!r.equals(args[1])) {
107 System.err.println("!!!!! STOP - ERROR !!!!!");
110 System.out.println();
115 } catch (IOException e) {
116 System.err.println("Cannot digest password");
117 System.err.println(" \""+ e.getMessage() + '"');
119 // DO NOT LEAVE THIS METHOD compiled in code... We do not want reading passwords on disk to be too easy.
120 // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
121 // One still needs read access to the keyfile to decrypt, so the keyfile's file permissions are the control that matters here.
122 // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
123 } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
126 FileInputStream fis = new FileInputStream(args[2]);
128 symm = Symm.obtain(fis);
132 boolean isFile = false;
133 if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
137 System.err.println("Filename in 4th position");
140 br = new BufferedReader(new FileReader(args[3]));
142 br = new BufferedReader(new InputStreamReader(System.in));
146 boolean cont = false;
147 StringBuffer sb = new StringBuffer();
148 JsonOutputStream jw = new JsonOutputStream(System.out);
149 while((line=br.readLine())!=null) {
152 if((end=line.indexOf('"'))>=0) {
153 sb.append(line,0,end);
160 if((idx = line.indexOf(' '))>=0
161 && (idx = line.indexOf(' ',++idx))>0
162 && (idx = line.indexOf('=',++idx))>0
163 && (idx = line.indexOf('=',++idx))>0
165 System.out.println(line.substring(0, idx-5));
168 if((end=line.indexOf('"',start))<0) {
172 sb.append(line,start,end);
176 symm.depass(sb.toString(),jw);
178 System.out.println();
193 symm.depass(args[1], System.out);
195 System.out.println();
198 } catch (IOException e) {
199 System.err.println("Cannot regurgitate password");
200 System.err.println(" \""+ e.getMessage() + '"');
202 } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
204 Symm.base64.encode(args[1], System.out);
205 System.out.println();
208 } catch (IOException e) {
209 System.err.println("Cannot encode Base64 with " + args[1]);
210 System.err.println(" \""+ e.getMessage() + '"');
212 } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
214 Symm.base64.decode(args[1], System.out);
215 System.out.println();
218 } catch (IOException e) {
219 System.err.println("Cannot decode Base64 text from " + args[1]);
220 System.err.println(" \""+ e.getMessage() + '"');
222 } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
224 Symm.base64url.encode(args[1], System.out);
225 System.out.println();
228 } catch (IOException e) {
229 System.err.println("Cannot encode Base64url with " + args[1]);
230 System.err.println(" \""+ e.getMessage() + '"');
232 } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
234 Symm.base64url.decode(args[1], System.out);
235 System.out.println();
238 } catch (IOException e) {
239 System.err.println("Cannot decode Base64url text from " + args[1]);
240 System.err.println(" \""+ e.getMessage() + '"');
242 } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
244 System.out.println(Hash.hashMD5asStringHex(args[1]));
246 } catch (NoSuchAlgorithmException e) {
247 System.err.println("Cannot hash MD5 from " + args[1]);
248 System.err.println(" \""+ e.getMessage() + '"');
251 } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
254 int max = args.length>7?7:args.length;
255 for(int i=2;i<max;++i) {
256 int salt = Integer.parseInt(args[i]);
257 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
260 System.out.println(Hash.hashSHA256asStringHex(args[1]));
262 } catch (NoSuchAlgorithmException e) {
263 System.err.println("Cannot hash SHA256 text from " + args[1]);
264 System.err.println(" \""+ e.getMessage() + '"');
268 } else if("keygen".equalsIgnoreCase(args[0])) {
271 File f = new File(args[1]);
272 FileOutputStream fos = new FileOutputStream(f);
274 fos.write(Symm.keygen());
278 Chmod.to400.chmod(f);
281 // create a Symmetric Key out of same characters found in base64
282 System.out.write(Symm.keygen());
286 } catch (IOException e) {
287 System.err.println("Cannot create a key " + args[0]);
288 System.err.println(" \""+ e.getMessage() + '"');
291 } else if("passgen".equalsIgnoreCase(args[0])) {
293 if(args.length <= 1) {
296 numDigits = Integer.parseInt(args[1]);
297 if(numDigits<8)numDigits = 8;
300 boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
302 pass = Symm.randomGen(numDigits);
303 missingChars=noLower=noUpper=noDigits=noSpecial=true;
304 repeatingChars=false;
306 for(int i=0;i<numDigits;++i) {
314 noLower=!(c>=0x61 && c<=0x7A);
317 noUpper=!(c>=0x41 && c<=0x5A);
320 noDigits=!(c>=0x30 && c<=0x39);
323 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
326 missingChars = (noLower || noUpper || noDigits || noSpecial);
328 } while(missingChars || repeatingChars);
329 System.out.println(pass.substring(0,numDigits));
330 } else if("urlgen".equalsIgnoreCase(args[0])) {
332 if(args.length <= 1) {
335 numDigits = Integer.parseInt(args[1]);
337 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
340 System.out.println("Usage: java -jar <this jar> ...");
341 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
342 System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
343 System.out.println(" if passwd = -i, will read StdIin");
344 System.out.println(" if passwd is blank, will ask securely)");
345 System.out.println(" passgen <digits> (Generate Password of given size)");
346 System.out.println(" urlgen <digits> (Generate URL field of given size)");
347 System.out.println(" csptest (Tests for CSP compatibility)");
348 System.out.println(" encode64 <your text> (Encodes to Base64)");
349 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
350 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
351 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
352 System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
353 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
355 String forceExit = access.getProperty("force_exit", null);
356 if (forceExit == null) {