2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi;
24 import java.io.BufferedReader;
26 import java.io.FileInputStream;
27 import java.io.FileOutputStream;
28 import java.io.FileReader;
29 import java.io.IOException;
30 import java.io.InputStreamReader;
31 import java.security.NoSuchAlgorithmException;
33 import org.onap.aaf.cadi.util.Chmod;
34 import org.onap.aaf.cadi.util.JsonOutputStream;
39 * A Class to run on command line to determine suitability of environment for certain TAFs.
44 public class CmdLine {
46 private static boolean systemExit = true;
50 public static void main(String[] args) {
52 if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
58 if("-i".equals(password)) {
60 StringBuilder sb = new StringBuilder();
62 while((c=System.in.read())>=0) {
65 } catch (IOException e) {
68 password = sb.toString();
72 password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
77 FileInputStream fis = new FileInputStream(keyfile);
79 symm = Symm.obtain(fis);
83 symm.enpass(password, System.out);
87 /* testing code... don't want it exposed
88 System.out.println(" ******** Testing *********");
89 for(int i=0;i<100000;++i) {
90 System.out.println(args[1]);
91 ByteArrayOutputStream baos = new ByteArrayOutputStream();
92 b64.enpass(args[1], baos);
94 System.out.println(pass=new String(baos.toByteArray()));
95 ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
96 b64.depass(pass, reconstituted);
97 String r = reconstituted.toString();
98 System.out.println(r);
99 if(!r.equals(args[1])) {
100 System.err.println("!!!!! STOP - ERROR !!!!!");
103 System.out.println();
108 } catch (IOException e) {
109 System.err.println("Cannot digest password");
110 System.err.println(" \""+ e.getMessage() + '"');
112 // DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
113 // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
114 // One still needs access to the keyfile to read.
115 // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
116 } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
119 FileInputStream fis = new FileInputStream(args[2]);
121 symm = Symm.obtain(fis);
125 boolean isFile = false;
126 if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
130 System.err.println("Filename in 4th position");
133 br = new BufferedReader(new FileReader(args[3]));
135 br = new BufferedReader(new InputStreamReader(System.in));
139 boolean cont = false;
140 StringBuffer sb = new StringBuffer();
141 JsonOutputStream jw = new JsonOutputStream(System.out);
142 while((line=br.readLine())!=null) {
145 if((end=line.indexOf('"'))>=0) {
146 sb.append(line,0,end);
153 if((idx = line.indexOf(' '))>=0
154 && (idx = line.indexOf(' ',++idx))>0
155 && (idx = line.indexOf('=',++idx))>0
157 System.out.println(line.substring(0, idx-5));
160 if((end=line.indexOf('"',start))<0) {
164 sb.append(line,start,end);
168 symm.depass(sb.toString(),jw);
170 System.out.println();
185 symm.depass(args[1], System.out);
187 System.out.println();
190 } catch (IOException e) {
191 System.err.println("Cannot regurgitate password");
192 System.err.println(" \""+ e.getMessage() + '"');
194 } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
196 Symm.base64.encode(args[1], System.out);
197 System.out.println();
200 } catch (IOException e) {
201 System.err.println("Cannot encode Base64 with " + args[1]);
202 System.err.println(" \""+ e.getMessage() + '"');
204 } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
206 Symm.base64.decode(args[1], System.out);
207 System.out.println();
210 } catch (IOException e) {
211 System.err.println("Cannot decode Base64 text from " + args[1]);
212 System.err.println(" \""+ e.getMessage() + '"');
214 } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
216 Symm.base64url.encode(args[1], System.out);
217 System.out.println();
220 } catch (IOException e) {
221 System.err.println("Cannot encode Base64url with " + args[1]);
222 System.err.println(" \""+ e.getMessage() + '"');
224 } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
226 Symm.base64url.decode(args[1], System.out);
227 System.out.println();
230 } catch (IOException e) {
231 System.err.println("Cannot decode Base64url text from " + args[1]);
232 System.err.println(" \""+ e.getMessage() + '"');
234 } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
236 System.out.println(Hash.hashMD5asStringHex(args[1]));
238 } catch (NoSuchAlgorithmException e) {
239 System.err.println("Cannot hash MD5 from " + args[1]);
240 System.err.println(" \""+ e.getMessage() + '"');
243 } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
246 int max = args.length>7?7:args.length;
247 for(int i=2;i<max;++i) {
248 int salt = Integer.parseInt(args[i]);
249 System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
252 System.out.println(Hash.hashSHA256asStringHex(args[1]));
254 } catch (NoSuchAlgorithmException e) {
255 System.err.println("Cannot hash SHA256 text from " + args[1]);
256 System.err.println(" \""+ e.getMessage() + '"');
260 } else if("keygen".equalsIgnoreCase(args[0])) {
263 File f = new File(args[1]);
264 FileOutputStream fos = new FileOutputStream(f);
266 fos.write(Symm.keygen());
270 Chmod.to400.chmod(f);
273 // create a Symmetric Key out of same characters found in base64
274 System.out.write(Symm.keygen());
278 } catch (IOException e) {
279 System.err.println("Cannot create a key " + args[0]);
280 System.err.println(" \""+ e.getMessage() + '"');
283 } else if("passgen".equalsIgnoreCase(args[0])) {
285 if(args.length <= 1) {
288 numDigits = Integer.parseInt(args[1]);
289 if(numDigits<8)numDigits = 8;
292 boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
294 pass = Symm.randomGen(numDigits);
295 missingChars=noLower=noUpper=noDigits=noSpecial=true;
296 repeatingChars=false;
298 for(int i=0;i<numDigits;++i) {
306 noLower=!(c>=0x61 && c<=0x7A);
309 noUpper=!(c>=0x41 && c<=0x5A);
312 noDigits=!(c>=0x30 && c<=0x39);
315 noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
318 missingChars = (noLower || noUpper || noDigits || noSpecial);
320 } while(missingChars || repeatingChars);
321 System.out.println(pass.substring(0,numDigits));
322 } else if("urlgen".equalsIgnoreCase(args[0])) {
324 if(args.length <= 1) {
327 numDigits = Integer.parseInt(args[1]);
329 System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
332 System.out.println("Usage: java -jar <this jar> ...");
333 System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
334 System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
335 System.out.println(" if passwd = -i, will read StdIn");
336 System.out.println(" if passwd is blank, will ask securely)");
337 System.out.println(" passgen <digits> (Generate Password of given size)");
338 System.out.println(" urlgen <digits> (Generate URL field of given size)");
339 System.out.println(" encode64 <your text> (Encodes to Base64)");
340 System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
341 System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
342 System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
343 System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
344 System.out.println(" md5 <text> (Digest String into MD5 Hash)");
351 public static void setSystemExit(boolean shouldExit) {
352 systemExit = shouldExit;
Code Review / aaf / authz.git / blob