Skip to content

Commit

Permalink
optional<bytebuffer> password
Browse files Browse the repository at this point in the history
  • Loading branch information
mwangggg committed Aug 21, 2024
1 parent 0f503b6 commit 4de581e
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 15 deletions.
47 changes: 34 additions & 13 deletions src/main/java/io/cryostat/agent/ConfigModule.java
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Optional;
import java.util.UUID;
import java.util.function.Predicate;
Expand Down Expand Up @@ -276,23 +275,21 @@ public static Optional<String> provideCryostatAgentWebclientTlsTruststorePath(Co
@Provides
@Singleton
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS_FILE)
public static Optional<String> provideCryostatAgentWebclientTlsTruststorePassFromFile(
public static Optional<ByteBuffer> provideCryostatAgentWebclientTlsTruststorePassFromFile(
Config config,
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS_CHARSET) String passCharset) {
Optional<String> truststorePassFile =
config.getOptionalValue(
CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS_FILE, String.class);
Optional<String> password = Optional.empty();
if (truststorePassFile.isEmpty()) {
return Optional.empty();
}
try (FileInputStream passFile = new FileInputStream(truststorePassFile.get())) {
String pass = IOUtils.toString(passFile, Charset.forName(passCharset));
pass = pass.substring(0, pass.length() - 1);
password = Optional.ofNullable(pass);
} catch (NoSuchElementException e) {
return password;
String pass = IOUtils.toString(passFile, Charset.forName(passCharset)).trim();
return Optional.ofNullable(new ByteBuffer(pass, passCharset));
} catch (IOException e) {
throw new RuntimeException(e);
}
return password;
}

@Provides
Expand All @@ -305,13 +302,16 @@ public static String provideCryostatAgentWebclientTlsTruststorePassCharset(Confi
@Provides
@Singleton
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS)
public static Optional<String> provideCryostatAgentWebclientTlsTruststorePass(
public static Optional<ByteBuffer> provideCryostatAgentWebclientTlsTruststorePass(
Config config,
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS_FILE)
Optional<String> truststorePass) {
Optional<ByteBuffer> truststorePass) {
Optional<String> opt =
config.getOptionalValue(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS, String.class);
return opt.or(() -> truststorePass);
if (opt.isEmpty()) {
return truststorePass;
}
return Optional.ofNullable(new ByteBuffer(opt.get(), "utf-8"));
}

@Provides
Expand All @@ -326,7 +326,8 @@ public static String provideCryostatAgentWebclientTlsTruststoreType(Config confi
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_CERTS)
public static List<TruststoreConfig> provideCryostatAgentWecblientTlsTruststoreCerts(
Config config,
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS) Optional<String> truststorePass,
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS)
Optional<ByteBuffer> truststorePass,
@Named(CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PATH) Optional<String> truststorePath) {
Map<Integer, TruststoreConfig.Builder> truststoreBuilders = new HashMap<>();
List<TruststoreConfig> truststoreConfigs = new ArrayList<>();
Expand Down Expand Up @@ -709,4 +710,24 @@ public static URIRange fromString(String s) {
return SITE_LOCAL;
}
}

public static class ByteBuffer {
private final byte[] buf;

public ByteBuffer(int len) {
this.buf = new byte[len];
}

public ByteBuffer(String s, String charset) {
this.buf = Arrays.copyOf(s.getBytes(Charset.forName(charset)), s.length());
}

public String get(String charset) {
return new String(this.buf, Charset.forName(charset));
}

public void clear() {
Arrays.fill(this.buf, (byte) 0);
}
}
}
8 changes: 6 additions & 2 deletions src/main/java/io/cryostat/agent/MainModule.java
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import io.cryostat.agent.ConfigModule.ByteBuffer;
import io.cryostat.agent.harvest.HarvestModule;
import io.cryostat.agent.remote.RemoteContext;
import io.cryostat.agent.remote.RemoteModule;
Expand Down Expand Up @@ -135,7 +136,9 @@ public static SSLContext provideClientSslContext(
@Named(ConfigModule.CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PATH)
Optional<String> truststorePath,
@Named(ConfigModule.CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS)
Optional<String> truststorePass,
Optional<ByteBuffer> truststorePass,
@Named(ConfigModule.CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_PASS_CHARSET)
String passCharset,
@Named(ConfigModule.CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_TYPE) String truststoreType,
@Named(ConfigModule.CRYOSTAT_AGENT_WEBCLIENT_TLS_TRUSTSTORE_CERTS)
List<TruststoreConfig> truststoreCerts) {
Expand Down Expand Up @@ -187,7 +190,8 @@ public X509Certificate[] getAcceptedIssuers() {
// initialize truststore with user provided path and pass
if (!truststorePath.isEmpty() && !truststorePass.isEmpty()) {
try (InputStream truststore = new FileInputStream(truststorePath.get())) {
ts.load(truststore, truststorePass.get().toCharArray());
ts.load(truststore, truststorePass.get().get(passCharset).toCharArray());
truststorePass.get().clear();
} catch (IOException e) {
throw new RuntimeException(e);
}
Expand Down

0 comments on commit 4de581e

Please sign in to comment.