-
Notifications
You must be signed in to change notification settings - Fork 6
/
Unsecure_Storage_of_Encryption_Key.java
70 lines (51 loc) · 2.32 KB
/
Unsecure_Storage_of_Encryption_Key.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
public class MyHandler implements RequestHandler<Map<String,String>, String> {
public void handleRequest(InputStream inputStream, OutputStream outputStream, Context context)
throws IOException {
JSONParser parser = new JSONParser();
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream));
JSONObject responseJson = new JSONObject();
try {
JSONObject event = (JSONObject) parser.parse(reader);
if (event.get("body") != null) {
MyRemoteService svrs = new MyRemoteService((String) event.get("body"));
Client client = ClientBuilder.newClient();
Regions clientRegion = Regions.DEFAULT_REGION;
String bucketName = "S3B_541";
String stringObjKeyName = "XKIB5WDJHVGINH8YOZFC";
AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
.withRegion(clientRegion)
.build();
GetObjectRequest fullObject = s3Client.getObject(new GetObjectRequest(bucketName, stringObjKeyName));
privateKey = readPrivateKey(fullObject.getObjectContent());
Cipher decrypt = Cipher.getInstance("RSA");
decrypt.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decryptedMessage=decrypt.doFinal(svrs.getMessage());
DoTask(decryptedMessage);
headerJson.put("x-custom-header");
responseJson.put("statusCode", 200);
responseJson.put("headers", headerJson);
responseJson.put("body", "Success");
}
} catch (ParseException pex) {
responseJson.put("statusCode", 400);
responseJson.put("exception", pex);
}
OutputStreamWriter writer = new OutputStreamWriter(outputStream, "UTF-8");
writer.write(responseJson.toString());
writer.close();
}
public RSAPrivateKey readPrivateKey(String key) throws Exception {
String privateKeyPEM = key
.replace("-----BEGIN PRIVATE KEY-----", "")
.replaceAll(System.lineSeparator(), "")
.replace("-----END PRIVATE KEY-----", "");
byte[] encoded = Base64.decodeBase64(privateKeyPEM);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
}
private static String readTextInputStream(InputStream input) throws IOException {
BufferedReader reader = new BufferedReader(new InputStreamReader(input));
return reader.readAll();
}
}