public class BootstrapConfig
extends java.lang.Object
Provides a command line driver for config file encryption and decryption.
The root element of a valid bootstrap configuration file is always <node type="type"> where type is either client or server.
The rest of the file is not checked and can be made of any elements. Only those elements that are organized in three levels can be queried or set.
The first level of elements under the root are considered categories. They may have attributes, but those can't be accessed.
The second level of elements are considered groups. Groups may have accessible attributes and those attributes are considered keys.
Each key has a value. These values are the only part of the tree that can be read or written.
Here is a sample bootstrap configuration file:
```xml
<?xml version="1.0"?>
<node type="client">
  <net>
    <server host="p2jserver"/>
    <server port="3333"/>
    <dispatcher threads="4"/>
  </net>
  <security>
    <truststore filename="trust.store"/>
    <truststore alias="mainserver"/>
    <keystore filename="key.store"/>
  </security>
</node>
```
Internally, the contents of the file are represented as a tree of maps. The root map names the defined categories and contains references to group maps, one map per category.
Group maps name defined groups and contain references to key maps. The latter contain the value definitions for keys.
Based on this 3 part naming scheme (category, group, key), values can be retrieved using getConfigItem(java.lang.String, java.lang.String, java.lang.String) and can be assigned using setConfigItem(java.lang.String, java.lang.String, java.lang.String, java.lang.String).
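The three-level tree and the (category, group, key) lookup described above, together with the "#category.group.key" reference values documented under getConfigItem, as an added example that is not the project's own code. The class name BootstrapTreeDemo, the inline XML, the exception type and the exact point at which the 5-reference limit triggers are assumptions of this example.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;
public class BootstrapTreeDemo {
    static final int MAX_REFS = 5; // chain limit stated for getConfigItem
    // category -> group -> key -> value: the tree of maps
    final Map<String, Map<String, Map<String, String>>> categories = new TreeMap<>();

    void load(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Choice made for this example: refuse DOCTYPE so no external entity is ever resolved.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Element root = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8))).getDocumentElement();
        String type = root.getAttribute("type");
        if (!root.getTagName().equals("node") || !(type.equals("client") || type.equals("server")))
            throw new IllegalArgumentException("root must be <node type=\"client|server\">");
        for (Node c = root.getFirstChild(); c != null; c = c.getNextSibling())       // categories
            for (Node g = c.getFirstChild(); g != null; g = g.getNextSibling()) {    // groups
                if (g.getNodeType() != Node.ELEMENT_NODE) continue;
                NamedNodeMap keys = g.getAttributes();
                for (int i = 0; i < keys.getLength(); i++)   // first definition wins
                    categories.computeIfAbsent(c.getNodeName().toUpperCase(), n -> new TreeMap<>())
                        .computeIfAbsent(g.getNodeName().toUpperCase(), n -> new TreeMap<>())
                        .putIfAbsent(keys.item(i).getNodeName().toUpperCase(), keys.item(i).getNodeValue());
            }
    }

    String get(String c, String g, String k) {
        for (int followed = 0; ; followed++) {
            String v = categories.getOrDefault(c.toUpperCase(), Map.of())
                .getOrDefault(g.toUpperCase(), Map.of()).get(k.toUpperCase());
            String[] ref = v != null && v.startsWith("#") ? v.substring(1).split("\\.", -1) : null;
            if (ref == null || ref.length != 3) return v;   // plain value, or null when undefined
            if (followed == MAX_REFS) throw new IllegalStateException("references nested too deeply");
            c = ref[0]; g = ref[1]; k = ref[2];
        }
    }

    public static void main(String[] args) throws Exception {
        BootstrapTreeDemo cfg = new BootstrapTreeDemo();   // the XML below is constructed input
        cfg.load("<node type='client'><net><server host='p2jserver'/><server port='3333'/></net><security>"
            + "<truststore alias='#net.server.host'/><keystore alias='#security.keystore.alias'/></security></node>");
        System.out.println(cfg.get("net", "server", "port") + " " + cfg.get("security", "truststore", "alias"));
        try { cfg.get("security", "keystore", "alias"); }  // constructed self-reference
        catch (IllegalStateException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The cap on followed references is what keeps a self-referencing or cyclic value from turning a lookup into an endless loop.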
Modifier and Type | Field and Description |
---|---|
private static java.lang.String | ALGORITHM - JSSE encryption algorithm name. |
private java.util.Map | categories - The collection of known categories. |
private static int | count - Encryption algorithm iterations parameter. |
private boolean | isServer - Client or server configuration type indicator. |
private static byte[] | salt - Encryption algorithm salt parameter. |
Constructor and Description |
---|
BootstrapConfig() - Constructs an instance with no backing configuration file. |
BootstrapConfig(BootstrapConfig config) - Initialize a new instance as a copy of the given config. |
BootstrapConfig(java.lang.String file, char[] passphrase) - Constructs an instance, loads the associated configuration file, decrypts it if passwords are given, parses the content and makes it available for subsequent queries. |
BootstrapConfig(java.lang.String sharedFile, char[] sharedPassphrase, java.lang.String privateFile, char[] privatePassphrase) - Constructs an instance, loads the associated configuration files, decrypts them if passwords are given, parses the content and makes it available for subsequent queries. |
Modifier and Type | Method and Description |
---|---|
private boolean | addConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String kvalue, boolean force) - Utility method to add a value for a triplet {category, group, key} into internal maps. |
void | copyConfigItems(java.lang.String[] items, BootstrapConfig source) - Copy the given configuration items from the specified source. |
boolean | getBoolean(java.lang.String cname, java.lang.String gname, java.lang.String kname, boolean def) - Queries the value for a given key within the specified category and group. |
private static javax.crypto.Cipher | getCipher(char[] passphrase, boolean mode) - Initialize and return an appropriate cipher instance. |
java.lang.String | getConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname) - Queries the value for a given key within the specified category and group. |
java.io.InputStream | getInputStream(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String def) - Queries the value for a given key within the specified category and group. |
int | getInt(java.lang.String cname, java.lang.String gname, java.lang.String kname, int def) - Queries the value for a given key within the specified category and group. |
java.lang.String | getString(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String def) - Queries the value for a given key within the specified category and group. |
boolean | isServer() - Queries the configuration type. |
java.lang.String[] | listCategories() - Enumerates all defined categories. |
java.lang.String[] | listGroups(java.lang.String cname) - Enumerates all defined groups for a category. |
java.lang.String[] | listKeys(java.lang.String cname, java.lang.String gname) - Enumerates all defined keys for a group in a category. |
private static org.w3c.dom.Element | loadXml(java.lang.String filename, char[] passphrase) - Utility method to load and optionally decrypt an XML configuration file. |
static void | main(java.lang.String[] args) - Serves as a command line encryption/decryption utility that transforms the input file into the output file. |
void | setConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String kvalue) - Adds or sets a value for a triplet {category, group, key}. |
void | setServer(boolean type) - Sets the configuration type. |
java.lang.String | toString() - Prints the bootstrap configuration. |
private void | walkXml(org.w3c.dom.Element root) - Utility method to walk an in memory DOM document and extract all categories, groups, keys and values. |
private static final byte[] salt
salt parameter.

private static final int count
iterations parameter.

private static final java.lang.String ALGORITHM

private java.util.Map categories

private boolean isServer
public BootstrapConfig(BootstrapConfig config)
config - The config instance to copy.

public BootstrapConfig() throws ConfigurationException
setConfigItem(java.lang.String, java.lang.String, java.lang.String, java.lang.String) will be needed to load values.
ConfigurationException

public BootstrapConfig(java.lang.String file, char[] passphrase) throws ConfigurationException
No secondary configuration file will be supported in this case.
file - The filename of the primary or only configuration file. May be null if no configuration file is to be used.
passphrase - The passphrase used for decryption of the primary file. May be null if no decryption is needed.
ConfigurationException

public BootstrapConfig(java.lang.String sharedFile, char[] sharedPassphrase, java.lang.String privateFile, char[] privatePassphrase) throws ConfigurationException
For client configurations, either one or two files can be given. In case of two files, both have to specify the node type as client. For server configurations only one file can be given and it is expected to have the node type of server.
The advantage of using 2 files is that one may include shared definitions for a large number of users where the second file would be specific to the given user.
sharedFile - The filename of the primary or only configuration file. May be null if no configuration file is to be used.
sharedPassphrase - The passphrase used for decryption of the primary file. May be null if no decryption is needed.
privateFile - The filename of the secondary configuration file or null if not to be used.
privatePassphrase - The passphrase used for decryption of the secondary file. May be null if no decryption is needed.
ConfigurationException

private static org.w3c.dom.Element loadXml(java.lang.String filename, char[] passphrase) throws ConfigurationException
filename - The name of an (optionally encrypted) XML file.
passphrase - The passphrase to be used for decryption of the file. Use null if the file is unencrypted.
ConfigurationException

public boolean isServer()
true if this is a server configuration

public void setServer(boolean type)
type - true to mark this as a server, false to represent a client.

public java.lang.String[] listCategories()
null.

public java.lang.String[] listGroups(java.lang.String cname)
cname - The category name.
null.

public java.lang.String[] listKeys(java.lang.String cname, java.lang.String gname)
cname - The category name.
gname - The group name.
null.

public java.lang.String getString(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String def)
Recursive references are specially coded values, which look like "#category.group.key". They start with the '#' character and contain two dots. An attempt is made to query the referenced key, which in turn may be a reference. However, no more than 5 references are allowed in the chain.
cname - The category name.
gname - The group name.
kname - The key name.
def - The default value to return if the specified value does not exist.

public int getInt(java.lang.String cname, java.lang.String gname, java.lang.String kname, int def)
Recursive references are specially coded values, which look like "#category.group.key". They start with the '#' character and contain two dots. An attempt is made to query the referenced key, which in turn may be a reference. However, no more than 5 references are allowed in the chain.
Any value found will be parsed as a base-10 integer and returned.
cname - The category name.
gname - The group name.
kname - The key name.
def - The default value to return if the specified value does not exist.

public boolean getBoolean(java.lang.String cname, java.lang.String gname, java.lang.String kname, boolean def)
Recursive references are specially coded values, which look like "#category.group.key". They start with the '#' character and contain two dots. An attempt is made to query the referenced key, which in turn may be a reference. However, no more than 5 references are allowed in the chain.
Any value found will be parsed as a boolean literal (the value must be the text "true" or "false").
cname - The category name.
gname - The group name.
kname - The key name.
def - The default value to return if the specified value does not exist.

public java.io.InputStream getInputStream(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String def)
Recursive references are specially coded values, which look like "#category.group.key". They start with the '#' character and contain two dots. An attempt is made to query the referenced key, which in turn may be a reference. However, no more than 5 references are allowed in the chain.
Any value found will be used as a simple filename first. If a file system resource can be accessed via this name, then that input stream will be returned. Otherwise, that value will be assumed to be a URL and the system's classloader will be used to access the resource as an input stream.
cname - The category name.
gname - The group name.
kname - The key name.
def - The default input stream specification (as a simple filename or as a URL from which to load as a system resource) to use for creating an input stream if the specified value does not exist.
null is returned if there is no stream that can be created to represent the value found or the default value provided.

public java.lang.String getConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname) throws ConfigurationException
Recursive references are specially coded values, which look like "#category.group.key". They start with the '#' character and contain two dots. An attempt is made to query the referenced key, which in turn may be a reference. However, no more than 5 references are allowed in the chain.
cname - The category name.
gname - The group name.
kname - The key name.
null if undefined.
ConfigurationException - If recursive references are too deeply nested.

public void setConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String kvalue)
All names are uppercased before use.
cname - The category name.
gname - The group name.
kname - The key name.
kvalue - The value to be stored.

public void copyConfigItems(java.lang.String[] items, BootstrapConfig source) throws ConfigurationException
items - A list of items, specified using the "category:group:key" format.
source - The source from which to copy the configuration.
ConfigurationException - If an item is not set (null or empty), doesn't follow the categ:group:key format or recursive references are too deeply nested.

private boolean addConfigItem(java.lang.String cname, java.lang.String gname, java.lang.String kname, java.lang.String kvalue, boolean force)
All names are uppercased before use. Duplicate keys are ignored.
cname - The category name.
gname - The group name.
kname - The key name.
kvalue - The value to be stored.
force - true to set the value regardless of whether the specified category + group + key already exists.
true if added successfully, false if the key is already defined (and force is also false since otherwise the set will always occur).

private void walkXml(org.w3c.dom.Element root)
root - The root element of a loaded XML document.

private static javax.crypto.Cipher getCipher(char[] passphrase, boolean mode) throws java.security.NoSuchAlgorithmException, java.security.spec.InvalidKeySpecException, java.security.InvalidKeyException, javax.crypto.NoSuchPaddingException, java.security.InvalidAlgorithmParameterException
passphrase - The password on which the encryption or decryption will be based.
mode - true to encrypt, false to decrypt.
java.security.NoSuchAlgorithmException
java.security.spec.InvalidKeySpecException
java.security.InvalidKeyException
javax.crypto.NoSuchPaddingException
java.security.InvalidAlgorithmParameterException

public static void main(java.lang.String[] args)
Syntax:
java BootstrapConfig [encrypt | decrypt] infile outfile
As this is a command line tool, the user is prompted for a passphrase.
This method employs the javax.crypto package's "PBEWithMD5AndDES" algorithm.
args - The command line arguments.

public java.lang.String toString()
toString in class java.lang.Object
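
The cipher set-up documented for getCipher and main ("PBEWithMD5AndDES" driven by the class's static salt and count parameters) next to a stronger password-based construction, as an added example that is not the project's own code. The class name PbeComparison, the salt and count values, the PBKDF2 iteration count and the salt | iv | ciphertext layout are assumptions of this example; the page does not give the real parameter values.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;
public class PbeComparison {
    // Constructed stand-ins: the page documents static salt and count fields but not their values.
    static final byte[] SALT = {1, 2, 3, 4, 5, 6, 7, 8};
    static final int COUNT = 20;

    // Algorithm named on the page: MD5-derived key and IV, single DES in CBC mode, no integrity tag.
    static byte[] legacyEncrypt(char[] pass, byte[] plain) throws Exception {
        SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(new PBEKeySpec(pass));
        Cipher c = Cipher.getInstance("PBEWithMD5AndDES");
        c.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, COUNT));
        return c.doFinal(plain);
    }

    static SecretKey deriveKey(char[] pass, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(pass, salt, 600_000, 256);   // iteration count is this example's choice
        return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded(), "AES");
    }

    // Alternative shown for comparison: PBKDF2-HMAC-SHA256 key, AES-256-GCM, output = salt | iv | ciphertext+tag.
    static byte[] modernEncrypt(char[] pass, byte[] plain) throws Exception {
        byte[] salt = new byte[16], iv = new byte[12];
        SecureRandom rnd = new SecureRandom();
        rnd.nextBytes(salt); rnd.nextBytes(iv);          // fresh per file, stored next to the ciphertext
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(pass, salt), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        return ByteBuffer.allocate(28 + ct.length).put(salt).put(iv).put(ct).array();
    }

    static byte[] modernDecrypt(char[] pass, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(pass, Arrays.copyOfRange(blob, 0, 16)),
               new GCMParameterSpec(128, blob, 16, 12));
        return c.doFinal(blob, 28, blob.length - 28);   // AEADBadTagException on wrong passphrase or tampering
    }

    public static void main(String[] args) throws Exception {
        char[] pw = "constructed passphrase".toCharArray();
        byte[] xml = "<node type=\"client\"/>".getBytes(StandardCharsets.UTF_8);
        System.out.println("legacy output repeats: " + Arrays.equals(legacyEncrypt(pw, xml), legacyEncrypt(pw, xml)));
        System.out.println("modern output repeats: " + Arrays.equals(modernEncrypt(pw, xml), modernEncrypt(pw, xml)));
        System.out.println("modern round trip ok:  " + Arrays.equals(xml, modernDecrypt(pw, modernEncrypt(pw, xml))));
    }
}
```

With a salt and count compiled into the class, the same passphrase always derives the same DES key and IV, so identical inputs encrypt to identical outputs and every file protected with that passphrase shares one 56-bit key.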