1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
19 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21 *******************************************************************************/
22 package org.onap.dmaap.dmf.mr.beans;
24 import java.security.Key;
27 import org.springframework.beans.factory.annotation.Autowired;
29 import org.onap.dmaap.dmf.mr.constants.CambriaConstants;
30 import com.att.eelf.configuration.EELFLogger;
31 import com.att.eelf.configuration.EELFManager;
32 import com.att.nsa.configs.ConfigDb;
33 import com.att.nsa.configs.ConfigDbException;
34 import com.att.nsa.configs.confimpl.EncryptingLayer;
35 import com.att.nsa.drumlin.till.nv.rrNvReadable;
36 import com.att.nsa.drumlin.till.nv.rrNvReadable.missingReqdSetting;
37 import com.att.nsa.security.db.BaseNsaApiDbImpl;
38 import com.att.nsa.security.db.EncryptingApiDbImpl;
39 import com.att.nsa.security.db.NsaApiDb;
40 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
41 import com.att.nsa.security.db.simple.NsaSimpleApiKeyFactory;
42 import com.att.nsa.util.rrConvertor;
46 * @author anowarul.islam
49 public class DMaaPNsaApiDb {
52 private DMaaPZkConfigDb cdb;
54 //private static final Logger log = Logger
56 private static final EELFLogger log = EELFManager.getInstance().getLogger(DMaaPNsaApiDb.class);
60 * Constructor initialized
65 public DMaaPNsaApiDb(rrNvReadable settings, DMaaPZkConfigDb cdb) {
74 * @throws ConfigDbException
75 * @throws missingReqdSetting
77 public static NsaApiDb<NsaSimpleApiKey> buildApiKeyDb(
78 rrNvReadable settings, ConfigDb cdb) throws ConfigDbException,
80 // Cambria uses an encrypted api key db
83 final String keyBase64 =com.att.ajsc.filemonitor.AJSCPropertiesMap.getProperty(CambriaConstants.msgRtr_prop,"cambria.secureConfig.key");
87 final String initVectorBase64 =com.att.ajsc.filemonitor.AJSCPropertiesMap.getProperty(CambriaConstants.msgRtr_prop,"cambria.secureConfig.iv");
88 // if neither value was provided, don't encrypt api key db
89 if (keyBase64 == null && initVectorBase64 == null) {
90 log.info("This server is configured to use an unencrypted API key database. See the settings documentation.");
91 return new BaseNsaApiDbImpl<>(cdb,
92 new NsaSimpleApiKeyFactory());
93 } else if (keyBase64 == null) {
94 // neither or both, otherwise something's goofed
95 throw new missingReqdSetting("cambria.secureConfig.key");
96 } else if (initVectorBase64 == null) {
97 // neither or both, otherwise something's goofed
98 throw new missingReqdSetting("cambria.secureConfig.iv");
100 log.info("This server is configured to use an encrypted API key database.");
101 final Key key = EncryptingLayer.readSecretKey(keyBase64);
102 final byte[] iv = rrConvertor.base64Decode(initVectorBase64);
103 return new EncryptingApiDbImpl<>(cdb,
104 new NsaSimpleApiKeyFactory(), key, iv);
128 public DMaaPZkConfigDb getCdb() {
135 public void setCdb(DMaaPZkConfigDb cdb) {