issue #15 : support GAE (where KS files cannot be created)

OhadR · Apr 4, 2014 · 0edc55e · 0edc55e
1 parent cbd18a9
commit 0edc55e
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 24 deletions.
diff --git a/common-crypto/src/main/java/com/ohadr/crypto/config/CryptoProperties.java b/common-crypto/src/main/java/com/ohadr/crypto/config/CryptoProperties.java
@@ -16,6 +16,9 @@ public class CryptoProperties
 	@Value("${com.ohadr.crypto.keyAlias}")
 	private String keyAlias;
 
+	@Value("${com.ohadr.crypto.createKeystoreFileIfNotExist}")
+	private String createKeystoreFileIfNotExist;
+
 	public String getSimpleKeystore()
 	{
 		return simpleKeystore;
@@ -40,4 +43,9 @@ public String getKeyAlias()
 	{
 		return keyAlias;
 	}
+
+	public boolean getCreateKeystoreFileIfNotExist()
+	{
+		return Boolean.parseBoolean( createKeystoreFileIfNotExist );
+	}
 }
diff --git a/common-crypto/src/main/java/com/ohadr/crypto/service/CryptoUtilImpl.java b/common-crypto/src/main/java/com/ohadr/crypto/service/CryptoUtilImpl.java
@@ -57,8 +57,10 @@ public void afterPropertiesSet() throws Exception
 			throw new CryptoException("No AES provider is installed on your system ?!", e);
 		}
 
-		activeProvider = new DefaultCryptoProvider(cryptoProperties.getSimpleKeystore(),
-			    cryptoProperties.getSimplePassword());
+		activeProvider = new DefaultCryptoProvider(
+				cryptoProperties.getSimpleKeystore(),
+			    cryptoProperties.getSimplePassword(),
+			    cryptoProperties.getCreateKeystoreFileIfNotExist());
 
 	}
 

diff --git a/common-crypto/src/main/java/com/ohadr/crypto/service/DefaultCryptoProvider.java b/common-crypto/src/main/java/com/ohadr/crypto/service/DefaultCryptoProvider.java
@@ -28,6 +28,17 @@
 import com.ohadr.crypto.interfaces.KeyHive;
 
 
+/**
+ * this class tries to load key-store file, and load the keys from it. if file does not exist, it creates it,
+ * creates the keys and stores it. if file exists but one or more keys are missing - it creates the keys and 
+ * stores to the file. 
+ * 
+ * if this jar is deplyed on GAE, for example, where files cannot be stored - we have a flag for these cases,
+ * so this class will not try to store the key-store file, but will work in-mem.
+ * 
+ * @author OhadR
+ *
+ */
 public class DefaultCryptoProvider implements CryptoProvider
 {
 	private static final Logger logger = Logger.getLogger(DefaultCryptoProvider.class);
@@ -50,29 +61,18 @@ public class DefaultCryptoProvider implements CryptoProvider
 	private PrivateKey privateKey;
 	private Certificate certificate;
 
-	public DefaultCryptoProvider(String keystoreFile, String keystorePassword)
+	public DefaultCryptoProvider(
+			String keystoreFile, 
+			String keystorePassword, 
+			boolean createFileIfNotExist)
 	{
 		try
 		{
-/*			Security.addProvider(new BouncyCastleProvider());
-
-			// Wait intil bouncy castle provider is loaded - to preven exceptions later on
-			for (int i=0; i<10; i++){
-				try {
-					Cipher.getInstance("RSA/None/OAEPWithSHA1AndMGF1Padding", BouncyCastleProvider.PROVIDER_NAME);
-					break;
-				} catch(NoSuchAlgorithmException e){
-					logger.info("Waiting for Bouncy Castel to load...");
-					Thread.sleep(5000);
-					continue;
-				}
-			}
-*/			
 			keys = new HashMap<KeyHive, Key>();
 
 			keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
 			logger.info("Using keystore " + keystoreFile);
-			loadMasterKeys(keystoreFile, keystorePassword);
+			loadMasterKeys(keystoreFile, keystorePassword, createFileIfNotExist);
 		}
 		catch (Exception e)
 		{
@@ -82,11 +82,26 @@ public DefaultCryptoProvider(String keystoreFile, String keystorePassword)
 
 
 
-	private void loadMasterKeys(String fileName, String password) throws NoSuchAlgorithmException,
-	                                                             KeyStoreException,
-	                                                             CertificateException,
-	                                                             FileNotFoundException,
-	                                                             IOException
+	/**
+	 * loads the keys from file. if file does not exist, it creates it, 
+	 * creates the keys and stores it. if file exists but one or more keys are missing - it creates the keys and
+	 * stores to the file.
+	 * @param fileName
+	 * @param password
+	 * @param createFileIfNotExist 
+	 * @throws NoSuchAlgorithmException
+	 * @throws KeyStoreException
+	 * @throws CertificateException
+	 * @throws FileNotFoundException
+	 * @throws IOException
+	 */
+	private void loadMasterKeys(String fileName, String password,
+			boolean createFileIfNotExist) 
+					throws NoSuchAlgorithmException,
+					KeyStoreException,
+		            CertificateException,
+		            FileNotFoundException,
+		            IOException
 	{
 		boolean keystoreModified = false;
 		KeyGenerator keyGen = null;
@@ -159,7 +174,7 @@ private void loadMasterKeys(String fileName, String password) throws NoSuchAlgor
 			logger.info("Loaded asymmetric key-pair: " + ASYMMETRIC_KEY_NAME);
 		}
 
-		if (keystoreModified)
+		if (keystoreModified && createFileIfNotExist)
 		{
 			// We loaded some keys, we need to update the keystore
 			keyStore.store(new FileOutputStream(fileName), password.toCharArray());