From 8a188b387305f06257964822af69c258993117fe Mon Sep 17 00:00:00 2001 From: insanity Date: Mon, 2 Jul 2018 15:33:27 +0900 Subject: [PATCH] sensorconfig encryption --- .../service/CentralNoAuthProbeService.java | 6 +- .../service/CentralSensorConfigService.java | 114 +++++++++++++++--- .../sensor/service/SensorServiceTest.java | 2 - 3 files changed, 97 insertions(+), 25 deletions(-) diff --git a/src/main/java/com/loafle/overflow/central/module/noauthprobe/service/CentralNoAuthProbeService.java b/src/main/java/com/loafle/overflow/central/module/noauthprobe/service/CentralNoAuthProbeService.java index bc9ee28..0b70c9f 100644 --- a/src/main/java/com/loafle/overflow/central/module/noauthprobe/service/CentralNoAuthProbeService.java +++ b/src/main/java/com/loafle/overflow/central/module/noauthprobe/service/CentralNoAuthProbeService.java @@ -28,7 +28,6 @@ import com.loafle.overflow.service.central.probe.ProbeService; import com.fasterxml.jackson.databind.ObjectMapper; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; import inet.ipaddr.IPAddress; @@ -152,15 +151,12 @@ public class CentralNoAuthProbeService implements NoAuthProbeService { throw new OverflowException("InfraHostMachine is not valid"); } - BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); - String encryptKey = passwordEncoder.encode(UUID.randomUUID().toString()); - ApiKey apiKey = apiKeyService.readByApiKey(noAuthProbe.getApiKey()); String memberEmail = SessionMetadata.getTargetID(); DomainMember domainMember = domainMemberService.readByMemberEmail(memberEmail); Probe probe = new Probe(); - probe.setEncryptionKey(encryptKey); + probe.setEncryptionKey(UUID.randomUUID().toString() + UUID.randomUUID().toString()); probe.setProbeKey(GenerateKey.getKey()); probe.setDomain(new Domain(apiKey.getDomain().getId())); probe.setAuthorizeMember(new Member(domainMember.getMember().getId())); diff --git a/src/main/java/com/loafle/overflow/central/module/sensor/service/CentralSensorConfigService.java b/src/main/java/com/loafle/overflow/central/module/sensor/service/CentralSensorConfigService.java index 8d78671..d15c41d 100644 --- a/src/main/java/com/loafle/overflow/central/module/sensor/service/CentralSensorConfigService.java +++ b/src/main/java/com/loafle/overflow/central/module/sensor/service/CentralSensorConfigService.java @@ -1,20 +1,33 @@ package com.loafle.overflow.central.module.sensor.service; +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.InputStreamReader; import java.util.ArrayList; +import java.util.Base64; import java.util.List; +import java.util.zip.GZIPInputStream; +import java.util.zip.GZIPOutputStream; +import javax.crypto.Cipher; +import javax.crypto.SecretKeyFactory; +import javax.crypto.spec.DESKeySpec; import javax.transaction.Transactional; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.loafle.overflow.central.commons.service.MessagePublisher; import com.loafle.overflow.core.exception.OverflowException; import com.loafle.overflow.model.infra.Infra; import com.loafle.overflow.model.infra.InfraHost; -import com.loafle.overflow.model.infra.InfraHostIP; import com.loafle.overflow.model.infra.InfraHostPort; import com.loafle.overflow.model.infra.InfraService; +import com.loafle.overflow.model.infra.InfraZone; import com.loafle.overflow.model.meta.MetaCollectionItem; import com.loafle.overflow.model.meta.MetaCollectionItemMapping; import com.loafle.overflow.model.meta.MetaCryptoType; import com.loafle.overflow.model.meta.MetaInfraType; +import com.loafle.overflow.model.probe.Probe; import com.loafle.overflow.model.sensor.Sensor; import com.loafle.overflow.model.sensor.SensorItem; import com.loafle.overflow.model.sensorconfig.SensorConfig; @@ -34,6 +47,10 @@ public class CentralSensorConfigService { MetaCollectionItemMappingService metaCollectionItemMappingService; @Autowired CentralSensorItemService sensorItemService; + @Autowired + ObjectMapper objectMapper; + @Autowired + private MessagePublisher messagePublisher; @Transactional public SensorConfig regist(Sensor sensor) throws OverflowException { @@ -42,15 +59,68 @@ public class CentralSensorConfigService { } SensorConfig sensorConfig = new SensorConfig(); sensorConfig.setSensorID(sensor.getId()); - sensorConfig.setCrawler(this.configCrawler(sensorConfig, sensor)); - sensorConfig.setConnection(this.configConnection(sensorConfig, sensor)); - sensorConfig.setSchedule(this.configSchedule(sensorConfig, sensor)); - sensorConfig.setItems(this.configItems(sensorConfig, sensor)); + sensorConfig.setCrawler(this.configCrawler(sensor)); + sensorConfig.setConnection(this.configConnection(sensor)); + sensorConfig.setSchedule(this.configSchedule(sensor)); + sensorConfig.setItems(this.configItems(sensor)); + + Probe probe = sensor.getTarget().getInfra().getProbe(); + String encryptedSensorConfigBase64 = this.toEncryptString(sensorConfig, probe.getEncryptionKey()); + this.messagePublisher.publishToProbe(probe.getProbeKey(), "SensorService.AddSensor", encryptedSensorConfigBase64); return sensorConfig; } - private SensorConfigCrawler configCrawler(SensorConfig config, Sensor sensor) throws OverflowException { + private String toEncryptString(SensorConfig sensorConfig, String encryptKey) throws OverflowException { + try { + String sensorConfigJsonStr = this.objectMapper.writeValueAsString(sensorConfig); + // gzip + ByteArrayOutputStream obj = new ByteArrayOutputStream(); + GZIPOutputStream gzip = new GZIPOutputStream(obj); + gzip.write(sensorConfigJsonStr.getBytes("UTF-8")); + gzip.flush(); + gzip.close(); + byte[] compressedByte = obj.toByteArray(); + + // DES encryption + Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); + SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES"); + DESKeySpec desKeySpec = new DESKeySpec(encryptKey.getBytes()); + cipher.init(Cipher.ENCRYPT_MODE, keyFactory.generateSecret(desKeySpec)); + byte[] outputBytes = cipher.doFinal(compressedByte); + + // Base64 + return Base64.getEncoder().encodeToString(outputBytes); + + } catch (Exception e) { + throw new OverflowException("", e); + } + + } + + /* + * private String testDecrypt(String encryptKey, String encrypted) throws + * OverflowException { try { byte[] inputBytes = + * Base64.getDecoder().decode(encrypted.getBytes()); + * + * Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding"); SecretKeyFactory + * keyFactory = SecretKeyFactory.getInstance("DES"); DESKeySpec desKeySpec = new + * DESKeySpec(encryptKey.getBytes()); cipher.init(Cipher.DECRYPT_MODE, + * keyFactory.generateSecret(desKeySpec)); + * + * byte[] outputBytes = cipher.doFinal(inputBytes); + * + * GZIPInputStream gis = new GZIPInputStream(new + * ByteArrayInputStream(outputBytes)); BufferedReader bf = new + * BufferedReader(new InputStreamReader(gis, "UTF-8")); String result = ""; + * String line; while ((line = bf.readLine()) != null) { result += line; } + * + * return result; + * + * } catch (Exception e) { throw new OverflowException("", e); } } + */ + + private SensorConfigCrawler configCrawler(Sensor sensor) throws OverflowException { if (null == sensor.getMetaCrawlerMapping() || null == sensor.getMetaCrawlerMapping().getMetaCrawler() || null == sensor.getMetaCrawlerMapping().getMetaCrawlerContainer()) { throw new OverflowException(String.format("ID[%s] of Sensor is not valid", sensor.getId())); @@ -62,32 +132,40 @@ public class CentralSensorConfigService { return sensorConfigCrawler; } - private SensorConfigConnection configConnection(SensorConfig config, Sensor sensor) throws OverflowException { + private SensorConfigConnection configConnection(Sensor sensor) throws OverflowException { if (null == sensor.getTarget() || null == sensor.getTarget().getInfra() || null == sensor.getTarget().getInfra().getMetaInfraType()) { throw new OverflowException(String.format("ID[%s] of Sensor is not valid", sensor.getId())); } Infra infra = sensor.getTarget().getInfra(); MetaInfraType metaInfraType = infra.getMetaInfraType(); - InfraHostIP infraHostIP = null; - ; + String InfraHostIPAddress = null; + String metaIPTypeKey = null; InfraHostPort infraHostPort = null; MetaCryptoType metaCryptoType = null; - ; if (metaInfraType.getKey().equals("HOST")) { - infraHostIP = ((InfraHost) infra).getInfraHostIPs().get(0); + InfraHost infraHost = (InfraHost) infra; + metaIPTypeKey = infraHost.getInfraHostIPs().get(0).getMetaIPType().getKey(); + InfraHostIPAddress = infraHost.getInfraHostIPs().get(0).getAddress(); + } else if (metaInfraType.getKey().equals("SERVICE")) { - infraHostIP = ((InfraService) infra).getInfraHostPort().getInfraHostIP(); - infraHostPort = ((InfraService) infra).getInfraHostPort(); - metaCryptoType = ((InfraService) infra).getMetaCryptoType(); + InfraService infraService = (InfraService) infra; + InfraHostIPAddress = infraService.getInfraHostPort().getInfraHostIP().getAddress(); + infraHostPort = infraService.getInfraHostPort(); + metaCryptoType = infraService.getMetaCryptoType(); + + } else if (metaInfraType.getKey().equals("ZONE")) { + InfraZone infraZone = (InfraZone) infra; + InfraHostIPAddress = infraZone.getAddress(); + metaIPTypeKey = infraZone.getMetaIPType().getKey(); } else { throw new OverflowException(String.format("ID[%s] of Sensor is not valid", sensor.getId())); } SensorConfigConnection sensorConfigConnection = new SensorConfigConnection(); - sensorConfigConnection.setMetaIPTypeKey(infraHostIP.getMetaIPType().getKey()); - sensorConfigConnection.setIp(infraHostIP.getAddress()); + sensorConfigConnection.setMetaIPTypeKey(metaIPTypeKey); + sensorConfigConnection.setIp(InfraHostIPAddress); if (null != infraHostPort) { sensorConfigConnection.setMetaPortTypeKey(infraHostPort.getMetaPortType().getKey()); sensorConfigConnection.setPort(infraHostPort.getPort()); @@ -99,7 +177,7 @@ public class CentralSensorConfigService { return sensorConfigConnection; } - private SensorConfigSchedule configSchedule(SensorConfig config, Sensor sensor) throws OverflowException { + private SensorConfigSchedule configSchedule(Sensor sensor) throws OverflowException { Integer interval = null != sensor.getInterval() ? sensor.getInterval() : sensor.getMetaCrawlerMapping().getDefaultInterval(); SensorConfigSchedule sensorConfigSchedule = new SensorConfigSchedule(); @@ -107,7 +185,7 @@ public class CentralSensorConfigService { return sensorConfigSchedule; } - private SensorConfigItems configItems(SensorConfig config, Sensor sensor) throws OverflowException { + private SensorConfigItems configItems(Sensor sensor) throws OverflowException { List sensorItems = this.sensorItemService.readAllBySensorID(sensor.getId()); if (null == sensorItems || sensorItems.size() == 0) { throw new OverflowException(String.format("ID[%s] of Sensor has no SensorItem", sensor.getId())); diff --git a/src/test/java/com/loafle/overflow/central/module/sensor/service/SensorServiceTest.java b/src/test/java/com/loafle/overflow/central/module/sensor/service/SensorServiceTest.java index 7a01c62..b69b6e5 100644 --- a/src/test/java/com/loafle/overflow/central/module/sensor/service/SensorServiceTest.java +++ b/src/test/java/com/loafle/overflow/central/module/sensor/service/SensorServiceTest.java @@ -44,7 +44,6 @@ public class SensorServiceTest { InfraService infraService; @Test - @Ignore public void registDefault() throws Exception { Long tempInfraID = Long.valueOf(28); // ssh Long tempProbeID = Long.valueOf(3); @@ -58,7 +57,6 @@ public class SensorServiceTest { } @Test - @Ignore public void regist() throws Exception { Target target = this.targetService.read(Long.valueOf(1));