
Commit 1d0b146

Damodar ReddyKishan Kavala
authored andcommitted
CLOUDSTACK-6354 : removing the hard coding of key path in EncryptionSecretKeyChecker
1 parent 0615d4e commit 1d0b146

2 files changed

Lines changed: 55 additions & 11 deletions


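--- a/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChecker.java
+++ b/utils/src/com/cloud/utils/crypt/EncryptionSecretKeyChecker.java
@@ -20,10 +20,8 @@
 package com.cloud.utils.crypt;
 
 import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileReader;
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.PrintWriter;
 import java.net.ServerSocket;
@@ -45,8 +43,8 @@ public class EncryptionSecretKeyChecker {
 private static final Logger s_logger = Logger.getLogger(EncryptionSecretKeyChecker.class);
 
 // Two possible locations with the new packaging naming
-private static final String s_altKeyFile = "/etc/cloudstack/management/key";
-private static final String s_keyFile = "/etc/cloudstack/management/key";
+private static final String s_altKeyFile = "key";
+private static final String s_keyFile = "key";
 private static final String s_envKey = "CLOUD_SECRET_KEY";
 private static StandardPBEStringEncryptor s_encryptor = new StandardPBEStringEncryptor();
 private static boolean s_useEncryption = false;
@@ -78,17 +76,18 @@ public void check(Properties dbProps) throws IOException {
 SimpleStringPBEConfig stringConfig = new SimpleStringPBEConfig();
 
 if (encryptionType.equals("file")) {
-File keyFile = new File(s_keyFile);
-if (!keyFile.exists()) {
-keyFile = new File(s_altKeyFile);
+InputStream is = this.getClass().getClassLoader().getResourceAsStream(s_keyFile);
+if (is == null) {
+is = this.getClass().getClassLoader().getResourceAsStream(s_altKeyFile);
+}
+if(is == null) { //This is means we are not able to load key file from the classpath.
+throw new CloudRuntimeException(s_keyFile + " File containing secret key not found in the classpath: ");
 }
 BufferedReader in = null;
 try {
-in = new BufferedReader(new FileReader(keyFile));
+in = new BufferedReader(new InputStreamReader(is));
 secretKey = in.readLine();
 //Check for null or empty secret key
-} catch (FileNotFoundException e) {
-throw new CloudRuntimeException("File containing secret key not found: " + s_keyFile, e);
 } catch (IOException e) {
 throw new CloudRuntimeException("Error while reading secret key from: " + s_keyFile, e);
 } finally {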
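Review bot: The database secret is now looked up as a classpath resource with the very generic name `key` (`getResourceAsStream(s_keyFile)` in `check`), so whichever classpath entry first exposes a resource called `key` supplies the encryption secret, and nothing records which one was used. Logging the resolved location without the content, e.g. `s_logger.info("Loading secret key from " + getClass().getClassLoader().getResource(s_keyFile));`, would let an operator confirm the key came from the intended configuration directory; that directory's permissions then become the only protection on the file and should be documented. Both `s_keyFile` and `s_altKeyFile` are set to `"key"`, so the second lookup can never succeed where the first failed and the fallback branch is dead code. `check` begins and ends outside the visible hunk, so whether the stream is closed in the `finally` block cannot be confirmed from here.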
Lines changed: 45 additions & 0 deletions
@@ -0,0 +1,45 @@
1+
//
2+
// Licensed to the Apache Software Foundation (ASF) under one
3+
// or more contributor license agreements. See the NOTICE file
4+
// distributed with this work for additional information
5+
// regarding copyright ownership. The ASF licenses this file
6+
// to you under the Apache License, Version 2.0 (the
7+
// "License"); you may not use this file except in compliance
8+
// with the License. You may obtain a copy of the License at
9+
//
10+
// http://www.apache.org/licenses/LICENSE-2.0
11+
//
12+
// Unless required by applicable law or agreed to in writing,
13+
// software distributed under the License is distributed on an
14+
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15+
// KIND, either express or implied. See the License for the
16+
// specific language governing permissions and limitations
17+
// under the License.
18+
//
19+
20+
package com.cloud.utils.crypto;
21+
22+
import java.io.IOException;
23+
import java.net.URISyntaxException;
24+
import java.util.Properties;
25+
26+
import org.junit.Assert;
27+
import org.junit.Test;
28+
29+
import com.cloud.utils.crypt.EncryptionSecretKeyChecker;
30+
import com.cloud.utils.db.DbProperties;
31+
import com.cloud.utils.exception.CloudRuntimeException;
32+
33+
public class EncryptionSecretKeyCheckerTest {
34+
35+
private EncryptionSecretKeyChecker checker = new EncryptionSecretKeyChecker();
36+
37+
@Test(expected = CloudRuntimeException.class)
38+
public void testKeyFileDoesNotExists() throws IOException, URISyntaxException {
39+
Assert.assertNotNull(checker);
40+
Properties properties = DbProperties.getDbProperties();
41+
properties.setProperty("db.cloud.encryption.type", "file");
42+
checker.check(properties);
43+
}
44+
45+
}
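Review bot: `testKeyFileDoesNotExists` passes only when no resource named `key` is visible on the test classpath, and `@Test(expected = CloudRuntimeException.class)` is satisfied by that exception thrown for any reason inside `check`, so the test does not pin the "key not found" path specifically. Catching the exception and asserting on its message, plus a companion test that places a `key` resource on the test classpath, would cover both the failure and the success path this commit introduces. The properties come from `DbProperties.getDbProperties()` and are then modified with `setProperty`; if that call returns a shared instance (not visible here), the change leaks into other tests, so a fresh `Properties` object may be safer. `Assert.assertNotNull(checker)` cannot fail because the field is initialised inline, and the test's package `com.cloud.utils.crypto` differs from the `com.cloud.utils.crypt` package of the class under test, which looks unintentional.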
