Skip to content

Commit

Permalink
Excavator: Upgrades Baseline to the latest version (#384)
Browse files Browse the repository at this point in the history
  • Loading branch information
svc-excavator-bot authored Oct 20, 2022
1 parent 0f8bf91 commit 1101749
Show file tree
Hide file tree
Showing 12 changed files with 49 additions and 27 deletions.
6 changes: 4 additions & 2 deletions .baseline/checkstyle/checkstyle.xml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@
</module>
<module name="LineLength"> <!-- Java Style Guide: No line-wrapping -->
<property name="max" value="120"/>
<property name="ignorePattern" value="^package.*|^import.*|a href|href|http://|https://|ftp://"/>
<property name="ignorePattern" value="^package.*|^import.*|a href|href|http://|https://|ftp://|\{@link"/>
</module>
<module name="TreeWalker">
<module name="SuppressionCommentFilter"/> <!-- baseline-gradle: README.md -->
Expand Down Expand Up @@ -402,7 +402,9 @@
<property name="tagOrder" value="@param, @return, @throws, @deprecated"/>
<property name="target" value="CLASS_DEF, INTERFACE_DEF, ENUM_DEF, METHOD_DEF, CTOR_DEF, VARIABLE_DEF"/>
</module>
<module name="CyclomaticComplexity"/> <!-- Java Coding Guidelines: Reduce Cyclomatic Complexity -->
<module name="CyclomaticComplexity"> <!-- Java Coding Guidelines: Reduce Cyclomatic Complexity -->
<property name="switchBlockAsSingleDecisionPoint" value="true"/>
</module>
<module name="DesignForExtension"> <!-- Java Coding Guidelines: Design for extension -->
<property name="ignoredAnnotations" value="ParameterizedTest, Test, Before, BeforeEach, After, AfterEach, BeforeClass, BeforeAll, AfterClass, AfterAll"/>
</module>
Expand Down
2 changes: 1 addition & 1 deletion build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ buildscript {
classpath 'com.palantir.javaformat:gradle-palantir-java-format:2.27.0'
classpath 'com.palantir.gradle.externalpublish:gradle-external-publish-plugin:1.11.0'
classpath 'com.palantir.gradle.docker:gradle-docker:0.27.0'
classpath 'com.palantir.baseline:gradle-baseline-java:4.108.0'
classpath 'com.palantir.baseline:gradle-baseline-java:4.182.0'
classpath 'com.palantir.gradle.consistentversions:gradle-consistent-versions:2.11.0'
}
}
Expand Down
2 changes: 2 additions & 0 deletions encrypted-config-value/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ dependencies {
implementation 'com.fasterxml.jackson.core:jackson-annotations'
implementation 'com.fasterxml.jackson.core:jackson-core'
implementation 'com.google.code.findbugs:jsr305'
implementation 'com.palantir.safe-logging:safe-logging'
implementation 'com.palantir.safe-logging:preconditions'

testImplementation 'org.hamcrest:hamcrest-all'
testImplementation 'junit:junit'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@
import com.google.common.io.BaseEncoding;
import com.palantir.config.crypto.algorithm.aes.AesEncryptedValue;
import com.palantir.config.crypto.algorithm.rsa.RsaEncryptedValue;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.io.IOException;

/**
Expand Down Expand Up @@ -104,7 +105,7 @@ private static byte[] getJsonBytes(Object value) {
try {
return MAPPER.writeValueAsBytes(value);
} catch (JsonProcessingException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,14 @@

package com.palantir.config.crypto;

import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.util.Objects;

public final class KeyFileUtils {
public static final String KEY_PATH_PROPERTY = "palantir.config.key_path";
Expand All @@ -32,7 +34,7 @@ public static String decryptUsingDefaultKeys(EncryptedValue encryptedValue) {
try {
keyPair = keyPairFromDefaultPath();
} catch (IOException e) {
throw new RuntimeException("Failed to read key", e);
throw new SafeRuntimeException("Failed to read key", e);
}
return encryptedValue.decrypt(keyPair.decryptionKey());
}
Expand All @@ -51,7 +53,7 @@ public static KeyPairFiles keyPairToFile(KeyPair keyPair, Path path) throws IOEx
keyWithTypeToFile(keyPair.encryptionKey(), path);

Path decryptionKeyPath = path;
if (keyPair.encryptionKey() != keyPair.decryptionKey()) {
if (!Objects.equals(keyPair.encryptionKey(), keyPair.decryptionKey())) {
decryptionKeyPath = privatePath(path);
keyWithTypeToFile(keyPair.decryptionKey(), decryptionKeyPath);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

package com.palantir.config.crypto;

import static com.google.common.base.Preconditions.checkArgument;
import static com.palantir.logsafe.Preconditions.checkArgument;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonValue;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,18 +16,22 @@

package com.palantir.config.crypto.algorithm;

import static com.google.common.base.Preconditions.checkArgument;
import static com.palantir.logsafe.Preconditions.checkArgument;

import com.google.errorprone.annotations.CompileTimeConstant;
import com.palantir.config.crypto.Key;
import com.palantir.config.crypto.KeyWithType;
import com.palantir.config.crypto.algorithm.aes.AesKey;
import com.palantir.config.crypto.algorithm.rsa.RsaPrivateKey;
import com.palantir.config.crypto.algorithm.rsa.RsaPublicKey;
import com.palantir.logsafe.Safe;
import com.palantir.logsafe.SafeArg;

/**
* KeyType defines the universe of available key types. Each key type has a unique name and supports creating a new
* {@link KeyWithType} based on key bytes.
*/
@Safe
public enum KeyType {
AES("AES", AesKey.AesKeyGenerator.INSTANCE, Algorithm.AES),
RSA_PUBLIC("RSA-PUB", RsaPublicKey.RsaPublicKeyGenerator.INSTANCE, Algorithm.RSA),
Expand All @@ -42,11 +46,13 @@ public static KeyType from(String name) {
throw new IllegalArgumentException("unrecognized key algorithm: " + name);
}

@Safe
private final String name;

private final KeyGenerator generator;
private final Algorithm algorithm;

KeyType(String name, KeyGenerator generator, Algorithm algorithm) {
KeyType(@CompileTimeConstant String name, KeyGenerator generator, Algorithm algorithm) {
this.name = name;
this.generator = generator;
this.algorithm = algorithm;
Expand All @@ -66,11 +72,15 @@ public Algorithm getAlgorithm() {
}

public void checkKeyArgument(KeyWithType kwt, Class<? extends Key> keyClazz) {
checkArgument(kwt.getType().equals(this), "key must be for %s algorithm but was %s", this, kwt.getType());
checkArgument(
kwt.getType().equals(this),
"key type did not match expected type for algorithm",
SafeArg.of("algorithm", name),
SafeArg.of("type", kwt.getType()));
checkArgument(
keyClazz.isAssignableFrom(kwt.getKey().getClass()),
"key must be of type %s but was %s",
keyClazz,
kwt.getKey().getClass());
"key type did not match expected type",
SafeArg.of("expected", keyClazz),
SafeArg.of("actual", kwt.getKey().getClass()));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import com.palantir.config.crypto.KeyWithType;
import com.palantir.config.crypto.algorithm.Algorithm;
import com.palantir.config.crypto.algorithm.KeyType;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.SecretKey;

Expand All @@ -33,7 +34,7 @@ public static KeyPair newKeyPair() {
try {
keyGen = javax.crypto.KeyGenerator.getInstance(Algorithm.AES.toString());
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
keyGen.init(KEY_SIZE_BITS);
SecretKey secretKey = keyGen.generateKey();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import com.palantir.config.crypto.KeyWithType;
import com.palantir.config.crypto.algorithm.Algorithm;
import com.palantir.config.crypto.algorithm.KeyType;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;

Expand All @@ -33,7 +34,7 @@ public static KeyPair newKeyPair() {
try {
keyPairGenerator = KeyPairGenerator.getInstance(Algorithm.RSA.toString());
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
keyPairGenerator.initialize(KEY_SIZE_BITS);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
import com.palantir.config.crypto.algorithm.Algorithm;
import com.palantir.config.crypto.algorithm.KeyGenerator;
import com.palantir.config.crypto.algorithm.KeyType;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
Expand Down Expand Up @@ -56,7 +57,7 @@ public KeyWithType keyFromBytes(byte[] key) {
localPrivateKey =
KeyFactory.getInstance(Algorithm.RSA.toString()).generatePrivate(new PKCS8EncodedKeySpec(key));
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
return ImmutableKeyWithType.builder()
.type(KeyType.RSA_PRIVATE)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
import com.palantir.config.crypto.algorithm.Algorithm;
import com.palantir.config.crypto.algorithm.KeyGenerator;
import com.palantir.config.crypto.algorithm.KeyType;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
Expand Down Expand Up @@ -56,7 +57,7 @@ public KeyWithType keyFromBytes(byte[] key) {
localPublicKey =
KeyFactory.getInstance(Algorithm.RSA.toString()).generatePublic(new X509EncodedKeySpec(key));
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
return ImmutableKeyWithType.builder()
.type(KeyType.RSA_PUBLIC)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
package com.palantir.config.crypto.util;

import com.palantir.config.crypto.supplier.ThrowingSupplier;
import java.io.IOException;
import com.palantir.logsafe.exceptions.SafeRuntimeException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
Expand All @@ -37,24 +37,25 @@ public static <T> T silently(ThrowingSupplier<T> supplier) {
try {
return supplier.get();
} catch (AEADBadTagException e) {
throw new RuntimeException(
throw new SafeRuntimeException(
"couldn't verify the message's authentication tag "
+ "- either the message was tampered with, or the key is invalid",
e);
} catch (InvalidKeyException | InvalidKeySpecException e) {
throw new RuntimeException("the key was invalid", e);
throw new SafeRuntimeException("the key was invalid", e);
} catch (NoSuchPaddingException | BadPaddingException e) {
throw new RuntimeException("the padding was invalid", e);
throw new SafeRuntimeException("the padding was invalid", e);
} catch (IllegalBlockSizeException e) {
throw new RuntimeException("illegal block size", e);
throw new SafeRuntimeException("illegal block size", e);
} catch (NoSuchProviderException | NoSuchAlgorithmException e) {
throw new RuntimeException("there was not a provider for the given algorithm", e);
throw new SafeRuntimeException("there was not a provider for the given algorithm", e);
} catch (InvalidAlgorithmParameterException e) {
throw new RuntimeException("the algorithm parameter was invalid", e);
} catch (IOException e) {
throw new RuntimeException(e);
throw new SafeRuntimeException("the algorithm parameter was invalid", e);
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new SafeRuntimeException(e);
} catch (Exception e) {
throw new RuntimeException(e);
throw new SafeRuntimeException(e);
}
}
}

0 comments on commit 1101749

Please sign in to comment.