Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Cache for KeyStore implementation #13

Merged
merged 5 commits into from
May 27, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
110 changes: 110 additions & 0 deletions src/main/java/com/teragrep/jai_02/keystore/CachingKeyStoreAccess.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
/*
* Java Authentication Info jai_02
* Copyright (C) 2021 Suomen Kanuuna Oy
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://github.com/teragrep/teragrep/blob/main/LICENSE>.
*
*
* Additional permission under GNU Affero General Public License version 3
* section 7
*
* If you modify this Program, or any covered work, by linking or combining it
* with other code, such other code is not for that reason alone subject to any
* of the requirements of the GNU Affero GPL version 3 as long as this Program
* is the same Program as licensed from Suomen Kanuuna Oy without any additional
* modifications.
*
* Supplemented terms under GNU Affero General Public License version 3
* section 7
*
* Origin of the software must be attributed to Suomen Kanuuna Oy. Any modified
* versions must be marked as "Modified version of" The Program.
*
* Names of the licensors and authors may not be used for publicity purposes.
*
* No rights are granted for use of trade names, trademarks, or service marks
* which are in The Program if any.
*
* Licensee must indemnify licensors and authors for any liability that these
* contractual assumptions impose on licensors and authors.
*
* To the extent this program is licensed as part of the Commercial versions of
* Teragrep, the applicable Commercial License may apply to this file if you as
* a licensee so wish it.
*/
package com.teragrep.jai_02.keystore;

import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

/**
* Provides access to the KeyStore, such as loading, saving
* and deleting entries. Keeps track of the username->alias mapping
* via the UserToAliasMapping object.
*/
public class CachingKeyStoreAccess {
kortemik marked this conversation as resolved.
Show resolved Hide resolved
private final KeyStoreAccess keyStoreAccess;

// cache
private final LoadingCache<String, PasswordEntry> loadingCache;

public CachingKeyStoreAccess(final KeyStoreAccess keyStoreAccess) {
this.keyStoreAccess = keyStoreAccess;

CacheLoader<String, PasswordEntry> cacheLoader = new CacheLoader<String, PasswordEntry>() {

@Override
public PasswordEntry load(String username) throws Exception {
return keyStoreAccess.loadKey(username);
}
};

this.loadingCache = CacheBuilder.newBuilder().build(cacheLoader);

}

public PasswordEntry loadKey(final String username) throws UnrecoverableEntryException, KeyStoreException, InvalidKeyException {
return loadingCache.getIfPresent(username);
}

public void saveKey(final String username, final char[] password) throws KeyStoreException {
keyStoreAccess.saveKey(username, password);
}

public boolean verifyKey(final String username, final char[] password) throws InvalidKeySpecException,
UnrecoverableEntryException, KeyStoreException, InvalidKeyException {
return keyStoreAccess.verifyKey(username, password);
}

public int deleteKey(final String usernameToRemove) throws KeyStoreException, IOException {
return keyStoreAccess.deleteKey(usernameToRemove);
}

private boolean checkForExistingAlias(final String usernameToCheck) throws KeyStoreException {
return keyStoreAccess.checkForExistingAlias(usernameToCheck);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,7 @@ public int deleteKey(final String usernameToRemove) throws KeyStoreException, IO
return aliasesToRemove.size();
}

private boolean checkForExistingAlias(final String usernameToCheck) throws KeyStoreException {
public boolean checkForExistingAlias(final String usernameToCheck) throws KeyStoreException {
boolean exists = false;

final Enumeration<String> aliases = keyStore.aliases();
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
/*
* Java Authentication Info jai_02
* Copyright (C) 2021 Suomen Kanuuna Oy
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://github.com/teragrep/teragrep/blob/main/LICENSE>.
*
*
* Additional permission under GNU Affero General Public License version 3
* section 7
*
* If you modify this Program, or any covered work, by linking or combining it
* with other code, such other code is not for that reason alone subject to any
* of the requirements of the GNU Affero GPL version 3 as long as this Program
* is the same Program as licensed from Suomen Kanuuna Oy without any additional
* modifications.
*
* Supplemented terms under GNU Affero General Public License version 3
* section 7
*
* Origin of the software must be attributed to Suomen Kanuuna Oy. Any modified
* versions must be marked as "Modified version of" The Program.
*
* Names of the licensors and authors may not be used for publicity purposes.
*
* No rights are granted for use of trade names, trademarks, or service marks
* which are in The Program if any.
*
* Licensee must indemnify licensors and authors for any liability that these
* contractual assumptions impose on licensors and authors.
*
* To the extent this program is licensed as part of the Commercial versions of
* Teragrep, the applicable Commercial License may apply to this file if you as
* a licensee so wish it.
*/

package com.teragrep.jai_02.tests;

import com.teragrep.jai_02.keystore.CachingKeyStoreAccess;
import com.teragrep.jai_02.keystore.KeyStoreAccess;
import com.teragrep.jai_02.keystore.KeyStoreFactory;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.UnrecoverableEntryException;
import java.security.spec.InvalidKeySpecException;

public class CachingKeyStoreAccessTest {

private static String keyStorePath = "target/keystore.p12";
private static String keyStorePassword = "changeit";
private static String userName = "trusted-12";
private static String userPassWord = "XOsAqIhmKUTwWMjWwDaYmVgR8sl_l70H1oDPBw9z2yY";

private static CachingKeyStoreAccess cksa;
@BeforeAll
public static void prepare() throws KeyStoreException, IOException {
cksa = new CachingKeyStoreAccess(new KeyStoreAccess(new KeyStoreFactory(keyStorePath, keyStorePassword.toCharArray()).build(), keyStorePath, keyStorePassword.toCharArray()));
cksa.deleteKey(userName);
}

public void save() throws KeyStoreException {
cksa.saveKey(
userName,
userPassWord.toCharArray());
}

public void verify() throws UnrecoverableEntryException, KeyStoreException,
InvalidKeySpecException, InvalidKeyException {

boolean authOk = cksa.verifyKey(
userName,
userPassWord.toCharArray());

Assertions.assertTrue(authOk);
}

@Test
public void saveAndVerifyTest() throws KeyStoreException,
InvalidKeySpecException, UnrecoverableEntryException, InvalidKeyException {
save();
verify();
}
}