plexus-sec-dispatcher-1.3.1/0000755000175000017500000000000011225172204015662 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/0000755000175000017500000000000011225172204016451 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/0000755000175000017500000000000011225172204017430 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/resources/0000755000175000017500000000000011225172204021442 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/resources/test-sec.xml0000644000175000017500000000043311142114265023714 0ustar twernertwerner {CFxZA99+BAZVLyBgcmvfLZciAWn31QdSjVpSXodH13MAkHoTl8JPLGpt1rFTh07dnKoNiOUh92sash3p0PXbKi2NhY3sxvmVXnlCf+Vdz38uaZBQ7L0ebNt+YhpsyUE33iKqMwZt4oWr1acD3mpIufk2godfNP2nKGO2ufIFfIbqO4mGMWQ5VIQ=} plexus-sec-dispatcher-1.3.1/src/test/java/0000755000175000017500000000000011225172204020351 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/0000755000175000017500000000000011225172204021140 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/0000755000175000017500000000000011225172204023002 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/0000755000175000017500000000000011225172204024322 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/components/0000755000175000017500000000000011225172204026507 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/components/sec/0000755000175000017500000000000011225172204027261 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/components/sec/dispatcher/0000755000175000017500000000000011225172204031407 5ustar twernertwerner././@LongLink0000000000000000000000000000015100000000000011562 Lustar rootrootplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/components/sec/dispatcher/SecUtilTest.javaplexus-sec-dispatcher-1.3.1/src/test/java/org/sonatype/plexus/components/sec/dispatcher/SecUtilTest.0000644000175000017500000000651611145116332033631 0ustar twernertwerner/** * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, * and you may not use this file except in compliance with the Apache License Version 2.0. * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. * * Unless required by applicable law or agreed to in writing, * software distributed under the Apache License Version 2.0 is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ package org.sonatype.plexus.components.sec.dispatcher; import java.io.FileWriter; import java.util.Map; import junit.framework.TestCase; import org.sonatype.plexus.components.cipher.DefaultPlexusCipher; import org.sonatype.plexus.components.sec.dispatcher.model.Config; import org.sonatype.plexus.components.sec.dispatcher.model.ConfigProperty; import org.sonatype.plexus.components.sec.dispatcher.model.SettingsSecurity; import org.sonatype.plexus.components.sec.dispatcher.model.io.xpp3.SecurityConfigurationXpp3Writer; /** * * * @author Oleg Gusakov * @version $Id: SecUtilTest.java 882 2009-02-12 22:04:10Z oleg $ * */ public class SecUtilTest extends TestCase { String _pw = "{1wQaa6S/o8MH7FnaTNL53XmhT5O0SEGXQi3gC49o6OY=}"; String _clear = "testtest"; String _encrypted = "{BteqUEnqHecHM7MZfnj9FwLcYbdInWxou1C929Txa0A=}"; String _confName = "cname"; String _propName = "pname"; String _propVal = "pval"; protected void setUp() throws Exception { System.setProperty( DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION, "./target/sec.xml" ); //DefaultPlexusCipher c = new DefaultPlexusCipher(); //System.out.println(_clear+" -> "+c.encrypt( _clear, "testtest" )); SettingsSecurity sec = new SettingsSecurity(); sec.setRelocation( "./target/sec1.xml" ); new SecurityConfigurationXpp3Writer().write( new FileWriter("./target/sec.xml"), sec ); sec.setRelocation( null ); sec.setMaster( _pw ); ConfigProperty cp = new ConfigProperty(); cp.setName( _propName ); cp.setValue( _propVal ); Config conf = new Config(); conf.setName( _confName ); conf.addProperty( cp ); sec.addConfiguration( conf ); new SecurityConfigurationXpp3Writer().write( new FileWriter("./target/sec1.xml"), sec ); } public void testRead() throws Exception { SettingsSecurity sec = SecUtil.read( "./target/sec.xml", true ); assertNotNull( sec ); assertEquals( _pw, sec.getMaster() ); Map conf = SecUtil.getConfig( sec, _confName ); assertNotNull( conf ); assertNotNull( conf.get( _propName ) ); assertEquals( _propVal, conf.get( _propName ) ); } public void testDecrypt() throws Exception { DefaultSecDispatcher sd = new DefaultSecDispatcher(); sd._cipher = new DefaultPlexusCipher(); String pass = sd.decrypt( _encrypted ); assertNotNull( pass ); assertEquals( _clear, pass ); } } plexus-sec-dispatcher-1.3.1/src/main/0000755000175000017500000000000011225172204017375 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/mdo/0000755000175000017500000000000011225172204020154 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/mdo/settings-security.mdo0000644000175000017500000000622111142114265024364 0ustar twernertwerner settings-security SecurityConfiguration SecurityConfiguration package org.sonatype.plexus.components.sec.dispatcher.model SettingsSecurity 1.0.0 master 1.0.0 String encrypted master password relocation 1.0.0 String reference to the location of the security file configurations 1.0.0 named configurations Config * Config 1.0.0 Named configuration name String true 1.0.0 name of this configuration properties 1.0.0 properties ConfigProperty * ConfigProperty 1.0.0 generic property - name/value pair name String true 1.0.0 name of this property value String true 1.0.0 value of this property plexus-sec-dispatcher-1.3.1/src/main/java/0000755000175000017500000000000011225172204020316 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/0000755000175000017500000000000011225172204021105 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/0000755000175000017500000000000011225172204022747 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/0000755000175000017500000000000011225172204024267 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/0000755000175000017500000000000011225172204026454 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/0000755000175000017500000000000011225172204027226 5ustar twernertwernerplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/0000755000175000017500000000000011225172204031354 5ustar twernertwerner././@LongLink0000000000000000000000000000017000000000000011563 Lustar rootrootplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/PasswordDecryptorException.javaplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/PasswordDecr0000644000175000017500000000316011145116332033700 0ustar twernertwerner/** * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, * and you may not use this file except in compliance with the Apache License Version 2.0. * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. * * Unless required by applicable law or agreed to in writing, * software distributed under the Apache License Version 2.0 is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ package org.sonatype.plexus.components.sec.dispatcher; /** * * * @author Oleg Gusakov * @version $Id: PasswordDecryptorException.java 882 2009-02-12 22:04:10Z oleg $ * */ public class PasswordDecryptorException extends Exception { /** * */ public PasswordDecryptorException() { // TODO Auto-generated constructor stub } /** * @param message */ public PasswordDecryptorException( String message ) { super( message ); // TODO Auto-generated constructor stub } /** * @param cause */ public PasswordDecryptorException( Throwable cause ) { super( cause ); // TODO Auto-generated constructor stub } /** * @param message * @param cause */ public PasswordDecryptorException( String message, Throwable cause ) { super( message, cause ); // TODO Auto-generated constructor stub } } ././@LongLink0000000000000000000000000000015300000000000011564 Lustar rootrootplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/SecDispatcher.javaplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/SecDispatche0000644000175000017500000000264311153323521033643 0ustar twernertwerner/** * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, * and you may not use this file except in compliance with the Apache License Version 2.0. * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. * * Unless required by applicable law or agreed to in writing, * software distributed under the Apache License Version 2.0 is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ package org.sonatype.plexus.components.sec.dispatcher; /** * This component descrypts a string, passed to it * * @author Oleg Gusakov */ public interface SecDispatcher { public static String ROLE = SecDispatcher.class.getName(); public static final String [] SYSTEM_PROPERTY_MASTER_PASSWORD = new String [] {"settings.master.password","settings-master-password"}; public static final String [] SYSTEM_PROPERTY_SERVER_PASSWORD = new String [] {"settings.server.password","settings-server-password"}; /** * decrypt given encrypted string * * @param str * @return decrypted string * @throws SecDispatcherException */ String decrypt( String str ) throws SecDispatcherException; } ././@LongLink0000000000000000000000000000016200000000000011564 Lustar rootrootplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/DefaultSecDispatcher.javaplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/DefaultSecDi0000644000175000017500000002415311176442304033606 0ustar twernertwerner/** * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, * and you may not use this file except in compliance with the Apache License Version 2.0. * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. * * Unless required by applicable law or agreed to in writing, * software distributed under the Apache License Version 2.0 is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ package org.sonatype.plexus.components.sec.dispatcher; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.util.HashMap; import java.util.Map; import java.util.StringTokenizer; import org.codehaus.plexus.logging.AbstractLogEnabled; import org.sonatype.plexus.components.cipher.DefaultPlexusCipher; import org.sonatype.plexus.components.cipher.PlexusCipher; import org.sonatype.plexus.components.cipher.PlexusCipherException; import org.sonatype.plexus.components.sec.dispatcher.model.SettingsSecurity; /** * @plexus.component role-hint="default" * @author Oleg Gusakov */ public class DefaultSecDispatcher extends AbstractLogEnabled implements SecDispatcher { public static final String SYSTEM_PROPERTY_SEC_LOCATION = "settings.security"; public static final String TYPE_ATTR = "type"; public static final char ATTR_START = '['; public static final char ATTR_STOP = ']'; /** * DefaultHandler * * @plexus.requirement */ protected PlexusCipher _cipher; /** * All available dispatchers * * @plexus.requirement role="org.sonatype.plexus.components.sec.dispatcher.PasswordDecryptor" */ protected Map _decryptors; /** * * @plexus.configuration default-value="~/.settings-security.xml" */ protected String _configurationFile = "~/.settings-security.xml"; // --------------------------------------------------------------- public String decrypt( String str ) throws SecDispatcherException { if( ! isEncryptedString( str ) ) return str; String bare = null; try { bare = _cipher.unDecorate( str ); } catch ( PlexusCipherException e1 ) { throw new SecDispatcherException( e1 ); } try { Map attr = stripAttributes( bare ); String res = null; SettingsSecurity sec = getSec(); if( attr == null || attr.get( "type" ) == null ) { String master = getMaster( sec ); res = _cipher.decrypt( bare, master ); } else { String type = (String) attr.get( TYPE_ATTR ); if( _decryptors == null ) throw new SecDispatcherException( "plexus container did not supply any required dispatchers - cannot lookup "+type ); Map conf = SecUtil.getConfig( sec, type ); PasswordDecryptor dispatcher = (PasswordDecryptor) _decryptors.get( type ); if( dispatcher == null ) throw new SecDispatcherException( "no dispatcher for hint "+type ); String pass = attr == null ? bare : strip( bare ); return dispatcher.decrypt( pass, attr, conf ); } return res; } catch ( Exception e ) { throw new SecDispatcherException(e); } } private String strip( String str ) { int pos = str.indexOf( ATTR_STOP ); if( pos == str.length() ) return null; if( pos != -1 ) return str.substring( pos+1 ); return str; } private Map stripAttributes( String str ) { int start = str.indexOf( ATTR_START ); int stop = str.indexOf( ATTR_STOP ); if ( start != -1 && stop != -1 && stop > start ) { if( stop == start+1 ) return null; String attrs = str.substring( start+1, stop ).trim(); if( attrs == null || attrs.length() < 1 ) return null; Map res = null; StringTokenizer st = new StringTokenizer( attrs, ", " ); while( st.hasMoreTokens() ) { if( res == null ) res = new HashMap( st.countTokens() ); String pair = st.nextToken(); int pos = pair.indexOf( '=' ); if( pos == -1 ) continue; String key = pair.substring( 0, pos ).trim(); if( pos == pair.length() ) { res.put( key, null ); continue; } String val = pair.substring( pos+1 ); res.put( key, val.trim() ); } return res; } return null; } //---------------------------------------------------------------------------- private boolean isEncryptedString( String str ) { if( str == null ) return false; return _cipher.isEncryptedString( str ); } //---------------------------------------------------------------------------- private SettingsSecurity getSec() throws SecDispatcherException { String location = System.getProperty( SYSTEM_PROPERTY_SEC_LOCATION , getConfigurationFile() ); String realLocation = location.charAt( 0 ) == '~' ? System.getProperty( "user.home" ) + location.substring( 1 ) : location ; SettingsSecurity sec = SecUtil.read( realLocation, true ); if( sec == null ) throw new SecDispatcherException( "cannot retrieve master password. Please check that "+realLocation+" exists and has data" ); return sec; } //---------------------------------------------------------------------------- private String getMaster( SettingsSecurity sec ) throws SecDispatcherException { String master = sec.getMaster(); if( master == null ) throw new SecDispatcherException( "master password is not set" ); try { return _cipher.decryptDecorated( master, SYSTEM_PROPERTY_SEC_LOCATION ); } catch ( PlexusCipherException e ) { throw new SecDispatcherException(e); } } //--------------------------------------------------------------- public String getConfigurationFile() { return _configurationFile; } public void setConfigurationFile( String file ) { _configurationFile = file; } //---------------------------------------------------------------------------- // *************************************************************** /** * Encrytion helper * @throws IOException */ //--------------------------------------------------------------- private static boolean propertyExists( String [] values, String [] av ) { if( values != null ) { for( int i=0; i< values.length; i++ ) { String p = System.getProperty( values[i] ); if( p != null ) return true; } if( av != null ) for( int i=0; i< values.length; i++ ) for( int j=0; j< av.length; j++ ) { if( ("--"+values[i]).equals( av[j] ) ) return true; } } return false; } private static final void usage() { System.out.println("usage: java -jar ...jar [-m|-p]\n-m: encrypt master password\n-p: encrypt password"); } //--------------------------------------------------------------- public static void main( String[] args ) throws Exception { if( args == null || args.length < 1 ) { usage(); return; } if( "-m".equals( args[0] ) || propertyExists( SYSTEM_PROPERTY_MASTER_PASSWORD, args ) ) show( true ); else if( "-p".equals( args[0] ) || propertyExists( SYSTEM_PROPERTY_SERVER_PASSWORD, args ) ) show( false ); else usage(); } //--------------------------------------------------------------- private static void show( boolean showMaster ) throws Exception { if( showMaster ) System.out.print("\nsettings master password\n"); else System.out.print("\nsettings server password\n"); System.out.print("enter password: "); BufferedReader r = new BufferedReader( new InputStreamReader( System.in ) ); String pass = r.readLine(); System.out.println("\n"); DefaultPlexusCipher dc = new DefaultPlexusCipher(); DefaultSecDispatcher dd = new DefaultSecDispatcher(); dd._cipher = dc; if( showMaster ) System.out.println( dc.encryptAndDecorate( pass, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ) ); else { SettingsSecurity sec = dd.getSec(); System.out.println( dc.encryptAndDecorate( pass, dd.getMaster(sec) ) ); } } //--------------------------------------------------------------- //--------------------------------------------------------------- } ././@LongLink0000000000000000000000000000014500000000000011565 Lustar rootrootplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/SecUtil.javaplexus-sec-dispatcher-1.3.1/src/main/java/org/sonatype/plexus/components/sec/dispatcher/SecUtil.java0000644000175000017500000001106311144645013033573 0ustar twernertwerner/** * Copyright (c) 2008 Sonatype, Inc. All rights reserved. * * This program is licensed to you under the Apache License Version 2.0, * and you may not use this file except in compliance with the Apache License Version 2.0. * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. * * Unless required by applicable law or agreed to in writing, * software distributed under the Apache License Version 2.0 is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. */ package org.sonatype.plexus.components.sec.dispatcher; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.net.MalformedURLException; import java.net.URL; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import org.sonatype.plexus.components.sec.dispatcher.model.Config; import org.sonatype.plexus.components.sec.dispatcher.model.ConfigProperty; import org.sonatype.plexus.components.sec.dispatcher.model.SettingsSecurity; import org.sonatype.plexus.components.sec.dispatcher.model.io.xpp3.SecurityConfigurationXpp3Reader; /** * * * @author Oleg Gusakov * @version $Id: SecUtil.java 877 2009-02-11 21:58:35Z oleg $ * */ public class SecUtil { public static final String PROTOCOL_DELIM = "://"; public static final int PROTOCOL_DELIM_LEN = PROTOCOL_DELIM.length(); public static final String [] URL_PROTOCOLS = new String [] {"http","https","dav","file","davs","webdav","webdavs","dav+http","dav+https"}; public static SettingsSecurity read( String location, boolean cycle ) throws SecDispatcherException { if( location == null ) throw new SecDispatcherException("location to read from is null"); InputStream in = null; try { in = toStream( location ); SettingsSecurity sec = new SecurityConfigurationXpp3Reader().read( in ); in.close(); if( cycle && sec.getRelocation() != null ) return read( sec.getRelocation(), true ); return sec; } catch ( Exception e ) { throw new SecDispatcherException(e); } finally { if( in != null ) try { in.close(); } catch( Exception e ) {} } } //--------------------------------------------------------------------------------------------------------------- private static InputStream toStream( String resource ) throws MalformedURLException, IOException { if( resource == null ) return null; int ind = resource.indexOf( PROTOCOL_DELIM ); if( ind > 1 ) { String protocol = resource.substring( 0, ind ); resource = resource.substring( ind + PROTOCOL_DELIM_LEN ); for( int i=0; i org.sonatype.spice spice-parent 12 4.0.0 org.sonatype.plexus plexus-sec-dispatcher http://spice.sonatype.org/${project.artifactId} Plexus Security Dispatcher Component 1.3.1 sonatype.org-sites ${spiceSiteBaseUrl}/${project.artifactId} org.codehaus.plexus plexus-maven-plugin 1.3.5 descriptor maven-compiler-plugin 1.4 1.4 org.codehaus.modello modello-maven-plugin 1.0.0 src/main/mdo/settings-security.mdo standard java xpp3-reader xpp3-writer org.codehaus.plexus plexus-utils org.sonatype.plexus plexus-cipher 1.4 org.codehaus.plexus plexus-container-default 1.0-alpha-9-stable-1 provided junit junit 3.8.2 scm:svn:http://svn.sonatype.org/spice/tags/plexus-sec-dispatcher-1.3.1 scm:svn:https://svn.sonatype.org/spice/tags/plexus-sec-dispatcher-1.3.1 http://svn.sonatype.org/spice/tags/plexus-sec-dispatcher-1.3.1