DriverBYOKUtilities.java

  1. /*
  2.  * GovWay - A customizable API Gateway
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */
  20. package org.openspcoop2.pdd.core.byok;

  22. import java.util.HashMap;
  23. import java.util.Map;

  25. import org.apache.commons.lang.StringUtils;
  26. import org.openspcoop2.core.byok.BYOKUtilities;
  27. import org.openspcoop2.core.byok.BYOKWrappedValue;
  28. import org.openspcoop2.pdd.config.ConfigurazioneNodiRuntime;
  29. import org.openspcoop2.pdd.config.ConfigurazioneNodiRuntimeBYOKRemoteConfig;
  30. import org.openspcoop2.pdd.core.dynamic.DynamicInfo;
  31. import org.openspcoop2.pdd.core.dynamic.DynamicUtils;
  32. import org.openspcoop2.utils.UtilsException;
  33. import org.openspcoop2.utils.certificate.byok.BYOKManager;
  34. import org.slf4j.Logger;

  36. /**
  37.  * DriverBYOKUtilities
  38.  *
  39.  * @author Andrea Poli (poli@link.it)
  40.  * @author $Author$
  41.  * @version $Rev$, $Date$
  42.  */
  43. public class DriverBYOKUtilities {

  45.     public static DriverBYOK newInstanceDriverBYOKRuntimeNode(Logger log, boolean wrap, boolean unwrap) throws UtilsException {
  46.         return newInstanceDriverBYOKRuntimeNode(log, wrap, unwrap, false);
  47.     }
  48.     public static DriverBYOK newInstanceDriverBYOKRuntimeNodeForJmxOperation(Logger log, boolean wrap, boolean unwrap) throws UtilsException {
  49.         return newInstanceDriverBYOKRuntimeNode(log, wrap, unwrap, true);
  50.     }
  51.     private static DriverBYOK newInstanceDriverBYOKRuntimeNode(Logger log, boolean wrap, boolean unwrap, boolean initFromJmx) throws UtilsException {
  52.         String securityRuntimePolicy = BYOKManager.getSecurityEngineGovWayPolicy();
  53.         if(securityRuntimePolicy!=null) {
  54.             DriverBYOKUtilities utils = new DriverBYOKUtilities(log);
  55.             utils.setInitFromJmx(initFromJmx);
  56.             return utils.getDriverBYOKRuntimeNode(wrap, unwrap);
  57.         }
  58.         return null;
  59.     }
  60.     
  61.     private Logger log;
  62.     private ConfigurazioneNodiRuntime configurazioneNodiRuntime;
  63.     private boolean nodoruntime;
  64.     private boolean initFromJmx=false;
  65.     public void setInitFromJmx(boolean initFromJmx) {
  66.         this.initFromJmx = initFromJmx;
  67.     }
  68.     
  69.     public DriverBYOKUtilities(Logger log) {
  70.         this.log = log;
  71.         this.nodoruntime = true;
  72.     }
  73.     public DriverBYOKUtilities(boolean nodoruntime, Logger log, ConfigurazioneNodiRuntime config) {
  74.         this.log = log;
  75.         this.configurazioneNodiRuntime = config;
  76.         this.nodoruntime = nodoruntime;
  77.     }
  78.     
  79.     private DriverBYOK getDriverBYOK(boolean wrap, boolean unwrap) throws UtilsException{
  80.         return this.nodoruntime ?
  81.                 getDriverBYOKRuntimeNode(wrap, unwrap) :
  82.                 getDriverBYOKManagerNode(wrap, unwrap);
  83.     }
  84.     public DriverBYOK getDriverBYOKRuntimeNode(boolean wrap, boolean unwrap) throws UtilsException{
  85.         // Se definito un remoteEngine, e sono su un nodo runtime, significa che non c'è una distinzione tra ambiente runtime e ambiente manager
  86.         String securityManagerPolicy = BYOKManager.getSecurityRemoteEngineGovWayPolicy();
  87.         if(securityManagerPolicy==null || StringUtils.isEmpty(securityManagerPolicy)) {
  88.             securityManagerPolicy = BYOKManager.getSecurityEngineGovWayPolicy();
  89.         }
  90.         return getDriverBYOK(securityManagerPolicy, null, wrap, unwrap);
  91.     }
  92.     public DriverBYOK getDriverBYOKManagerNode(boolean wrap, boolean unwrap) throws UtilsException{
  93.         return getDriverBYOK(BYOKManager.getSecurityEngineGovWayPolicy(), BYOKManager.getSecurityRemoteEngineGovWayPolicy(), wrap, unwrap);
  94.     }
  95.     private DriverBYOK getDriverBYOK(String securityManagerPolicy, String securityManagerRemotePolicy, boolean wrap, boolean unwrap) throws UtilsException{
  96.         if(securityManagerPolicy!=null && StringUtils.isNotEmpty(securityManagerPolicy)) {
  97.             Map<String, Object> dynamicMap = new HashMap<>();
  98.             DynamicInfo dynamicInfo = new  DynamicInfo();
  99.             DynamicUtils.fillDynamicMap(this.log, dynamicMap, dynamicInfo, this.initFromJmx);
  100.             
  101.             if(securityManagerRemotePolicy!=null && StringUtils.isNotEmpty(securityManagerRemotePolicy) &&
  102.                     !securityManagerPolicy.equals(securityManagerRemotePolicy) && 
  103.                     isBYOKRemoteGovWayNodeConfig(securityManagerPolicy, wrap, unwrap) // quella attuale sarà una chiamata http verso la remote
  104.                     ) {
  105.                 initBYOKDynamicMapRemoteGovWayNode(dynamicMap, wrap, unwrap);
  106.             }
  107.             
  108.             return new DriverBYOK(this.log, securityManagerPolicy, securityManagerRemotePolicy, dynamicMap, true);
  109.         }
  110.         return null;
  111.     }
  112.     private boolean isBYOKRemoteGovWayNodeConfig(String securityManagerPolicy, boolean wrap, boolean unwrap) throws UtilsException {
  113.         BYOKManager byokManager = BYOKManager.getInstance();
  114.         if(byokManager!=null) {
  115.             return byokManager.isBYOKRemoteGovWayNodeConfig(securityManagerPolicy, wrap, unwrap);
  116.         }
  117.         return false;
  118.     }
  119.     
  120.     private void initBYOKDynamicMapRemoteGovWayNode(Map<String, Object> dynamicMap, boolean wrap, boolean unwrap) {
  121.         ConfigurazioneNodiRuntimeBYOKRemoteConfig remoteConfig = new ConfigurazioneNodiRuntimeBYOKRemoteConfig();
  122.         this.configurazioneNodiRuntime.initBYOKDynamicMapRemoteGovWayNode(this.log,dynamicMap, wrap, unwrap, remoteConfig);
  123.     }
  124.     
  125.     public String wrap(String value) throws UtilsException {
  126.         try {
  127.             if(value==null || StringUtils.isEmpty(value)) {
  128.                 return value;
  129.             }
  130.             DriverBYOK driverBYOK = getDriverBYOK(true, false);
  131.             if(driverBYOK==null) {
  132.                 return value;
  133.             }
  134.             BYOKWrappedValue v = driverBYOK.wrap(value);
  135.             if(v!=null && v.getWrappedValue()!=null) {
  136.                 return v.getWrappedValue();
  137.             }
  138.             throw new UtilsException("Wrap value failed");
  139.         }catch(Exception e) {
  140.             throw new UtilsException(e.getMessage(),e);
  141.         }
  142.     }
  143.     public String unwrap(String value) throws UtilsException {
  144.         try {
  145.             if(value==null || StringUtils.isEmpty(value)) {
  146.                 return value;
  147.             }
  148.             DriverBYOK driverBYOK = getDriverBYOK(false, true);
  149.             if(driverBYOK==null) {
  150.                 return value;
  151.             }
  152.             return driverBYOK.unwrapAsString(value);
  153.         }catch(Exception e) {
  154.             throw new UtilsException(e.getMessage(),e);
  155.         }
  156.     }
  157.     
  158.     public byte[] wrap(byte[] value) throws UtilsException {
  159.         try {
  160.             if(value==null || value.length<=0) {
  161.                 return value;
  162.             }
  163.             DriverBYOK driverBYOK = getDriverBYOK(true, false);
  164.             if(driverBYOK==null) {
  165.                 return value;
  166.             }
  167.             BYOKWrappedValue v = driverBYOK.wrap(value);
  168.             if(v!=null && v.getWrappedValue()!=null) {
  169.                 return v.getWrappedValue().getBytes();
  170.             }
  171.             throw new UtilsException("Wrap value failed");
  172.         }catch(Exception e) {
  173.             throw new UtilsException(e.getMessage(),e);
  174.         }
  175.     }
  176.     public byte[] unwrap(byte[] value) throws UtilsException {
  177.         try {
  178.             if(value==null || value.length<=0) {
  179.                 return value;
  180.             }
  181.             DriverBYOK driverBYOK = getDriverBYOK(false, true);
  182.             if(driverBYOK==null) {
  183.                 return value;
  184.             }
  185.             return driverBYOK.unwrap(value);
  186.         }catch(Exception e) {
  187.             throw new UtilsException(e.getMessage(),e);
  188.         }
  189.     }
  190.     
  191.     public boolean isWrappedWithAnyPolicy(String value) {
  192.         if(value!=null && StringUtils.isNotEmpty(value)) {
  193.             return BYOKUtilities.isWrappedValue(value);
  194.         }
  195.         return false;
  196.     }
  197.     public boolean isWrappedWithActivePolicy(String value) {
  198.         String driverSecurityManagerPolicy = null;
  199.         try {
  200.             if(value==null || StringUtils.isEmpty(value) || !isEnabledBYOK()) {
  201.                 return false;
  202.             }
  203.             String securityManagerPolicy = BYOKManager.getSecurityEngineGovWayPolicy();
  204.             driverSecurityManagerPolicy = BYOKManager.getSecurityRemoteEngineGovWayPolicy();
  205.             if(driverSecurityManagerPolicy==null || StringUtils.isEmpty(driverSecurityManagerPolicy)) {
  206.                 driverSecurityManagerPolicy = securityManagerPolicy;
  207.             }
  208.         }catch(Exception e) {
  209.             this.log.error("isWrapped failed ["+value+"]: "+e.getMessage(),e);
  210.             /**throw new DriverControlStationException(e.getMessage(),e);*/
  211.             return false; 
  212.         }
  213.         return isWrappedWithPolicy(this.log, value, driverSecurityManagerPolicy);
  214.     }
  215.     
  216.     public static boolean isWrappedWithPolicy(Logger log, String value, String policy) {
  217.         try {
  218.             if(value==null || StringUtils.isEmpty(value)) {
  219.                 return false;
  220.             }
  221.             
  222.             String prefix = BYOKUtilities.newPrefixWrappedValue(policy);
  223.             return value.startsWith(prefix) && value.length()>prefix.length();
  224.             
  225.         }catch(Exception e) {
  226.             log.error("isWrapped failed ["+value+"]: "+e.getMessage(),e);
  227.             /**throw new DriverControlStationException(e.getMessage(),e);*/
  228.             return false; 
  229.         }
  230.     }
  231.     
  232.     public boolean isEnabledBYOK() {
  233.         return BYOKManager.isEnabledBYOK();
  234.     }
  235. }
Created with JaCoCo 0.8.8.202204050719