BYOKInstance.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */
  20. package org.openspcoop2.utils.certificate.byok;

  22. import java.util.HashMap;
  23. import java.util.List;
  24. import java.util.Map;

  26. import org.apache.commons.lang.StringUtils;
  27. import org.openspcoop2.utils.DynamicStringReplace;
  28. import org.openspcoop2.utils.UtilsException;
  29. import org.openspcoop2.utils.digest.DigestEncoding;
  30. import org.openspcoop2.utils.io.Base64Utilities;
  31. import org.openspcoop2.utils.io.HexBinaryUtilities;
  32. import org.openspcoop2.utils.resources.Charset;
  33. import org.openspcoop2.utils.resources.FileSystemUtilities;
  34. import org.openspcoop2.utils.transport.TransportUtils;
  35. import org.openspcoop2.utils.transport.http.HttpConstants;
  36. import org.openspcoop2.utils.transport.http.HttpRequest;
  37. import org.openspcoop2.utils.transport.http.HttpRequestMethod;
  38. import org.slf4j.Logger;

  40. /**
  41.  * BYOKInstance
  42.  *
  43.  * @author Poli Andrea (apoli@link.it)
  44.  * @author $Author$
  45.  * @version $Rev$, $Date$
  46.  */
  47. public class BYOKInstance {

  49.     private BYOKConfig config;
  50.     
  51.     private HttpRequest httpRequest;
  52.     
  53.     private byte [] localKey;
  54.     private BYOKLocalConfig localConfigResolved;
  55.     
  56.     private String keyCache;
  57.     
  58.     public BYOKInstance(BYOKConfig config, HttpRequest httpRequest, String keyCache) {
  59.         this.config = config;
  60.         this.httpRequest = httpRequest;
  61.         this.keyCache = keyCache;
  62.     }
  63.     public BYOKInstance(BYOKConfig config, BYOKLocalConfig localConfigResolved, byte[] key, String keyCache) {
  64.         this.config = config;
  65.         this.localConfigResolved = localConfigResolved;
  66.         this.localKey = key;
  67.         this.keyCache = keyCache;
  68.     }
  69.     
  70.     public BYOKConfig getConfig() {
  71.         return this.config;
  72.     }
  73.     
  74.     public BYOKLocalConfig getLocalConfigResolved() {
  75.         return this.localConfigResolved;
  76.     }
  77.     public byte[] getLocalKey() {
  78.         return this.localKey;
  79.     }
  80.     
  81.     public HttpRequest getHttpRequest() {
  82.         return this.httpRequest;
  83.     }
  84.     
  85.     public String getKeyCache() {
  86.         return this.keyCache;
  87.     }
  88.     
  89.     private static final String BYOK_REQUEST_PARAMS_UNDEFINED = "BYOKRequestParams undefined";
  90.     private static final String BYOK_REQUEST_PARAMS_CONFIG_UNDEFINED = "BYOKRequestParams config undefined";

  92.     public static BYOKInstance newInstance(Logger log, BYOKRequestParams requestParams, byte[] key) throws UtilsException {
  93.         if(requestParams==null) {
  94.             throw new UtilsException(BYOK_REQUEST_PARAMS_UNDEFINED);
  95.         }
  96.         if(requestParams.getConfig()==null) {
  97.             throw new UtilsException(BYOK_REQUEST_PARAMS_CONFIG_UNDEFINED);
  98.         }
  99.         if(BYOKEncryptionMode.LOCAL.equals(requestParams.getConfig().getEncryptionMode())) {
  100.             return BYOKInstance.newLocalInstance(log, requestParams, key);
  101.         }
  102.         else {
  103.             return BYOKInstance.newRemoteInstance(log, requestParams, key);
  104.         }
  105.     }
  106.     public static BYOKInstance newInstance(Logger log, Map<String,Object> dynamicMap, BYOKConfig config, Map<String,String> inputMap, String keyCache, byte[] key) throws UtilsException {
  107.         if(config==null) {
  108.             throw new UtilsException(BYOK_REQUEST_PARAMS_CONFIG_UNDEFINED);
  109.         }
  110.         if(BYOKEncryptionMode.LOCAL.equals(config.getEncryptionMode())) {
  111.             return BYOKInstance.newLocalInstance(log, dynamicMap, config, inputMap, keyCache, key);
  112.         }
  113.         else {
  114.             return BYOKInstance.newRemoteInstance(log, dynamicMap, config, inputMap, key);
  115.         }
  116.     }
  117.     
  118.     public static BYOKInstance newRemoteInstance(Logger log, BYOKRequestParams requestParams, byte[] key) throws UtilsException {
  119.         if(requestParams==null) {
  120.             throw new UtilsException(BYOK_REQUEST_PARAMS_UNDEFINED);
  121.         }
  122.         return newRemoteInstance(log, requestParams.getDynamicMap(), requestParams.getConfig(), requestParams.getInputMap(), key);
  123.     }
  124.     public static BYOKInstance newRemoteInstance(Logger log, Map<String,Object> dynamicMap, BYOKConfig config, Map<String,String> inputMap, byte[] key) throws UtilsException {
  125.         HttpRequest httpRequest = buildHttpRequest(log, config, dynamicMap, inputMap, key);
  126.         String keyCache = buildKeyCache(httpRequest);
  127.         return new BYOKInstance(config, httpRequest, keyCache);
  128.     }
  129.     
  130.     public static BYOKInstance newLocalInstance(Logger log, BYOKRequestParams requestParams, byte[] key) throws UtilsException {
  131.         if(requestParams==null) {
  132.             throw new UtilsException(BYOK_REQUEST_PARAMS_UNDEFINED);
  133.         }
  134.         if(requestParams.getKeyIdentity()==null) {
  135.             throw new UtilsException("BYOKRequestParams key identity undefined");
  136.         }
  137.         return newLocalInstance(log, requestParams.getDynamicMap(), requestParams.getConfig(), requestParams.getInputMap(), requestParams.getKeyIdentity(), key);
  138.     }
  139.     public static BYOKInstance newLocalInstance(Logger log, Map<String,Object> dynamicMap, BYOKConfig config, Map<String,String> inputMap, String keyCache, byte[] key) throws UtilsException {
  140.         if(log!=null) {
  141.              // nop
  142.         }
  143.         BYOKLocalConfig localConfig = buildBYOKLocalConfig(config, dynamicMap, inputMap, null);
  144.         return new BYOKInstance(config, localConfig, key, keyCache);
  145.     }
  146.     
  147.     private static BYOKLocalConfig buildBYOKLocalConfig(BYOKConfig config, Map<String,Object> dynamicMap, Map<String,String> inputMap, byte[] key) throws UtilsException {
  148.         
  149.         BYOKLocalConfig localConfig = new BYOKLocalConfig();
  150.         
  151.         List<BYOKConfigParameter> inputParameters = config.getInputParameters();
  152.         
  153.         localConfig.encryptionEngine = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  154.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_IMPL, config.getLocalConfig().encryptionEngine);
  155.         
  156.         localConfig.keystoreType = config.getLocalConfig().keystoreType;
  157.         localConfig.keystoreHsmType = config.getLocalConfig().keystoreHsmType;
  158.         localConfig.keystorePath = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  159.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEYSTORE_PATH, config.getLocalConfig().keystorePath);
  160.         localConfig.keystorePassword = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  161.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEYSTORE_PASSWORD, config.getLocalConfig().keystorePassword);
  162.         
  163.         localConfig.keyPath = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  164.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_PATH, config.getLocalConfig().keyPath);
  165.         localConfig.keyInline = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  166.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_INLINE, config.getLocalConfig().keyInline);
  167.         localConfig.keyEncoding = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  168.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_ENCODING, config.getLocalConfig().keyEncoding);
  169.         localConfig.keyAlgorithm = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  170.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_ALGORITHM, config.getLocalConfig().keyAlgorithm);
  171.         localConfig.keyAlias = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  172.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_ALIAS, config.getLocalConfig().keyAlias);
  173.         localConfig.keyPassword = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  174.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_PASSWORD, config.getLocalConfig().keyPassword);
  175.         localConfig.keyId = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  176.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_KEY_ID, config.getLocalConfig().keyId);
  177.         localConfig.keyWrap = config.getLocalConfig().keyWrap;
  178.         
  179.         localConfig.publicKeyPath = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  180.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_PUBLIC_KEY_PATH, config.getLocalConfig().publicKeyPath);
  181.         localConfig.publicKeyInline = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  182.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_PUBLIC_KEY_INLINE, config.getLocalConfig().publicKeyInline);
  183.         localConfig.publicKeyEncoding = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  184.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_PUBLIC_KEY_ENCODING, config.getLocalConfig().publicKeyEncoding);
  185.         
  186.         localConfig.pw = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  187.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_PW, config.getLocalConfig().pw);
  188.         localConfig.pwType = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  189.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_PW_TYPE, config.getLocalConfig().pwType);
  190.         localConfig.pwIteration = config.getLocalConfig().pwIteration;
  191.         
  192.         localConfig.contentAlgorithm = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  193.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_CONTENT_ALGORITHM, config.getLocalConfig().contentAlgorithm);
  194.         
  195.         localConfig.encoding = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  196.                 BYOKCostanti.PROPERTY_SUFFIX_LOCAL_ENCODING, config.getLocalConfig().encoding);

  198.         localConfig.joseIncludeCert = config.getLocalConfig().joseIncludeCert;
  199.         localConfig.joseIncludePublicKey = config.getLocalConfig().joseIncludePublicKey;
  200.         localConfig.joseIncludeKeyId = config.getLocalConfig().joseIncludeKeyId;
  201.         localConfig.joseIncludeCertSha1 = config.getLocalConfig().joseIncludeCertSha1;
  202.         localConfig.joseIncludeCertSha256 = config.getLocalConfig().joseIncludeCertSha256;
  203.         
  204.         return localConfig;
  205.     }
  206.     
  207.     private static HttpRequest buildHttpRequest(Logger log, BYOKConfig configParam, Map<String,Object> dynamicMap, Map<String,String> inputMap, byte[] key) throws UtilsException {
  208.         
  209.         HttpRequest http = new HttpRequest();
  210.         
  211.         BYOKRemoteConfig config = configParam.getRemoteConfig();
  212.         List<BYOKConfigParameter> inputParameters = configParam.getInputParameters();
  213.         
  214.         http.setUrl(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  215.             BYOKCostanti.PROPERTY_SUFFIX_HTTP_ENDPOINT, config.getHttpEndpoint()));
  216.         String m = null;
  217.         try {
  218.             m = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  219.                     BYOKCostanti.PROPERTY_SUFFIX_HTTP_METHOD, config.getHttpMethod());
  220.             if(m==null) {
  221.                 throw new UtilsException("Undefined");
  222.             }
  223.             http.setMethod(HttpRequestMethod.valueOf(m.toUpperCase()));
  224.         }catch(Exception e) {
  225.             throw new UtilsException("Invalid request http method ("+config.getHttpEndpoint()+"; resolved:"+m+"): "+e.getMessage(),e);
  226.         }
  227.         
  228.         if(config.getHttpConnectionTimeout()!=null) {
  229.             http.setConnectTimeout(config.getHttpConnectionTimeout());
  230.         }
  231.         if(config.getHttpReadTimeout()!=null) {
  232.             http.setReadTimeout(config.getHttpReadTimeout());
  233.         }
  234.         
  235.         setHttpHeader(config, dynamicMap, 
  236.                 inputParameters, inputMap, key, http);
  237.         
  238.         setPayload(config, dynamicMap, 
  239.                 inputParameters, inputMap, key, http);
  240.         
  241.         setHttps(log, config, dynamicMap,
  242.                 inputParameters, inputMap, key, http);
  243.         
  244.         return http;
  245.     }
  246.     private static void setHttpHeader(BYOKRemoteConfig config, Map<String,Object> dynamicMap, 
  247.             List<BYOKConfigParameter> inputParameters, Map<String,String> inputMap, byte[] key,
  248.             HttpRequest http) throws UtilsException {
  249.         if(config.getHttpHeaders()!=null && !config.getHttpHeaders().isEmpty()) {
  250.             for(Map.Entry<String,String> entry : config.getHttpHeaders().entrySet()) {
  251.                 String nome = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  252.                         BYOKCostanti.PROPERTY_SUFFIX_HTTP_HEADER+"<name>", entry.getKey());
  253.                 String valore = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  254.                         BYOKCostanti.PROPERTY_SUFFIX_HTTP_HEADER+entry.getKey(), entry.getValue());
  255.                 if(nome!=null && valore!=null) {
  256.                     http.addHeader(nome, valore);
  257.                 }
  258.             }
  259.         }
  260.         if(config.getHttpUsername()!=null) {
  261.             http.setUsername(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  262.                         BYOKCostanti.PROPERTY_SUFFIX_HTTP_USERNAME, config.getHttpUsername()));
  263.         }
  264.         if(config.getHttpPassword()!=null) {
  265.             http.setPassword(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  266.                         BYOKCostanti.PROPERTY_SUFFIX_HTTP_PASSWORD, config.getHttpPassword()));
  267.         }
  268.     }
  269.     private static void setPayload(BYOKRemoteConfig config, Map<String,Object> dynamicMap, 
  270.             List<BYOKConfigParameter> inputParameters, Map<String,String> inputMap, byte[] key,
  271.             HttpRequest http) throws UtilsException {
  272.         if(config.getHttpPayloadInLine()!=null) {
  273.             String content = resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  274.                     BYOKCostanti.PROPERTY_SUFFIX_HTTP_PAYLOAD_INLINE, config.getHttpPayloadInLine());
  275.             if(content!=null) {
  276.                 http.setContent(content.getBytes());
  277.             }
  278.         }
  279.         else if(config.getHttpPayloadPath()!=null) {
  280.             byte[]fileContent = null;
  281.             try {
  282.                 fileContent = FileSystemUtilities.readBytesFromFile(config.getHttpPayloadPath());
  283.             }catch(Exception e) {
  284.                 throw new UtilsException("Invalid request payload file ("+config.getHttpPayloadPath()+"): "+e.getMessage(),e);
  285.             }
  286.             http.setContent(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  287.                     BYOKCostanti.PROPERTY_SUFFIX_HTTP_PAYLOAD_PATH, fileContent));
  288.         }
  289.         
  290.         if(http.getContent()!=null) {
  291.             String ct = http.getHeaderFirstValue(HttpConstants.CONTENT_TYPE);
  292.             if(ct==null || StringUtils.isEmpty(ct)) {
  293.                 http.setContentType(HttpConstants.CONTENT_TYPE_APPLICATION_OCTET_STREAM);
  294.             }
  295.         }
  296.     }
  297.     
  298.     private static void setHttps(Logger log, BYOKRemoteConfig config, Map<String,Object> dynamicMap, 
  299.             List<BYOKConfigParameter> inputParameters, Map<String,String> inputMap, byte[] key,
  300.             HttpRequest http) throws UtilsException {
  301.         
  302.         if(log!=null) {
  303.             // nop
  304.         }
  305.         
  306.         if(config.isHttps()) {
  307.             
  308.             http.setHostnameVerifier(config.isHttpsHostnameVerifier());
  309.             
  310.             setHttpsServer(config, dynamicMap, inputParameters, inputMap, key, http);
  311.             
  312.             setHttpsClient(config, dynamicMap, inputParameters, inputMap, key, http);
  313.             
  314.         }
  315.         
  316.     }
  317.     private static void setHttpsServer(BYOKRemoteConfig config, Map<String,Object> dynamicMap, 
  318.             List<BYOKConfigParameter> inputParameters, Map<String,String> inputMap, byte[] key,
  319.             HttpRequest http) throws UtilsException {
  320.         if(config.isHttpsServerAuth()) {
  321.             
  322.             if(config.getHttpsServerAuthTrustStorePath()!=null) {
  323.                 http.setTrustStorePath(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  324.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_SERVER_TRUSTSTORE_PATH, config.getHttpsServerAuthTrustStorePath()));
  325.             }
  326.             if(config.getHttpsServerAuthTrustStoreType()!=null) {
  327.                 http.setTrustStoreType(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  328.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_SERVER_TRUSTSTORE_TYPE, config.getHttpsServerAuthTrustStoreType()));
  329.             }
  330.             if(config.getHttpsServerAuthTrustStorePassword()!=null) {
  331.                 http.setTrustStorePassword(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  332.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_SERVER_TRUSTSTORE_PASSWORD, config.getHttpsServerAuthTrustStorePassword()));
  333.             }
  334.             if(config.getHttpsServerAuthTrustStoreCrls()!=null) {
  335.                 http.setCrlPath(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  336.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_SERVER_CRLS, config.getHttpsServerAuthTrustStoreCrls()));
  337.             }
  338.             if(config.getHttpsServerAuthTrustStoreOcspPolicy()!=null) {
  339.                 http.setOcspPolicy(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  340.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_SERVER_OCSP_POLICY, config.getHttpsServerAuthTrustStoreOcspPolicy()));
  341.             }
  342.             
  343.         }
  344.         else {
  345.             http.setTrustAllCerts(true);
  346.         }
  347.     }
  348.     private static void setHttpsClient(BYOKRemoteConfig config, Map<String,Object> dynamicMap, 
  349.             List<BYOKConfigParameter> inputParameters, Map<String,String> inputMap, byte[] key,
  350.             HttpRequest http) throws UtilsException {
  351.         if(config.isHttpsClientAuth()) {
  352.             
  353.             if(config.getHttpsClientAuthKeyStorePath()!=null) {
  354.                 http.setKeyStorePath(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  355.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_CLIENT_KEYSTORE_PATH, config.getHttpsClientAuthKeyStorePath()));
  356.             }
  357.             if(config.getHttpsClientAuthKeyStoreType()!=null) {
  358.                 http.setKeyStoreType(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  359.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_CLIENT_KEYSTORE_TYPE, config.getHttpsClientAuthKeyStoreType()));
  360.             }
  361.             if(config.getHttpsClientAuthKeyStorePassword()!=null) {
  362.                 http.setKeyStorePassword(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  363.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_CLIENT_KEYSTORE_PASSWORD, config.getHttpsClientAuthKeyStorePassword()));
  364.             }
  365.             
  366.             
  367.             if(config.getHttpsClientAuthKeyAlias()!=null) {
  368.                 http.setKeyAlias(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  369.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_CLIENT_KEY_ALIAS, config.getHttpsClientAuthKeyAlias()));
  370.             }
  371.             if(config.getHttpsClientAuthKeyPassword()!=null) {
  372.                 http.setKeyPassword(resolveKmsConstants(dynamicMap, inputParameters, inputMap, key,
  373.                         BYOKCostanti.PROPERTY_SUFFIX_HTTPS_AUTENTICAZIONE_CLIENT_KEY_PASSWORD, config.getHttpsClientAuthKeyPassword()));
  374.             }
  375.         }
  376.     }
  377.     
  378.     private static String buildKeyCache(HttpRequest httpRequest) throws UtilsException {
  379.         StringBuilder sb = new StringBuilder();
  380.         if(httpRequest!=null) {
  381.             
  382.             sb.append(httpRequest.getMethod()).append("_").append(httpRequest.getUrl());
  383.         
  384.             addKeyCacheHttpHeader(httpRequest, sb);
  385.             
  386.             if(httpRequest.getContent()!=null && httpRequest.getContent().length>0) {
  387.                 String digestAlgorithm = "SHA256";
  388.                 String digestAuditValue = org.openspcoop2.utils.digest.DigestUtils.getDigestValue(httpRequest.getContent(), digestAlgorithm, DigestEncoding.HEX, 
  389.                         true); // se rfc3230 true aggiunge prefisso algoritmo=
  390.                 sb.append("_");
  391.                 sb.append(digestAuditValue);
  392.             }
  393.         }
  394.         return sb.toString();
  395.     }
  396.     private static void addKeyCacheHttpHeader(HttpRequest httpRequest, StringBuilder sb) {
  397.         if(httpRequest.getHeadersValues()!=null && !httpRequest.getHeadersValues().isEmpty()) {
  398.             for(String name : httpRequest.getHeadersValues().keySet()) {
  399.                 List<String> values = httpRequest.getHeadersValues().get(name);
  400.                 if(values!=null && !values.isEmpty()) {
  401.                     for (String v : values) {
  402.                         sb.append("_");
  403.                         sb.append(name).append(":").append(v);
  404.                     }
  405.                 }
  406.             }
  407.         }
  408.     }
  409.     
  410.     private static byte[] resolveKmsConstants(Map<String,Object> dynamicMap, List<BYOKConfigParameter> inputParameters,
  411.             Map<String,String> inputMap, byte[] key,
  412.             String name, byte[] value) throws UtilsException {
  413.         byte[] returnArray = null;
  414.         if(value!=null) {
  415.             String v = new String(value);
  416.             if(BYOKCostanti.VARIABILE_KMS_KEY.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_DEPRECATED.equals(v)) {
  417.                 returnArray = key;
  418.             }
  419.             else if(BYOKCostanti.VARIABILE_KMS_KEY_URL_ENCODED.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_URL_ENCODED_DEPRECATED.equals(v)) {
  420.                 returnArray = TransportUtils.urlEncodeParam(v, Charset.UTF_8.getValue()).getBytes();
  421.             }
  422.             else if(BYOKCostanti.VARIABILE_KMS_KEY_BASE64.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_BASE64_DEPRECATED.equals(v)) {
  423.                 returnArray = Base64Utilities.encode(key);
  424.             }
  425.             else if(BYOKCostanti.VARIABILE_KMS_KEY_BASE64_URL_ENCODED.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_BASE64_URL_ENCODED_DEPRECATED.equals(v)) {
  426.                 String base64 = Base64Utilities.encodeAsString(key);
  427.                 returnArray = TransportUtils.urlEncodeParam(base64, Charset.UTF_8.getValue()).getBytes();
  428.             }
  429.             else if(BYOKCostanti.VARIABILE_KMS_KEY_HEX.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_HEX_DEPRECATED.equals(v)) {
  430.                 returnArray = HexBinaryUtilities.encodeAsString(key).getBytes();
  431.             }
  432.             else if(BYOKCostanti.VARIABILE_KMS_KEY_HEX_URL_ENCODED.equals(v) || BYOKCostanti.VARIABILE_KSM_KEY_HEX_URL_ENCODED_DEPRECATED.equals(v)) {
  433.                 String hex =  HexBinaryUtilities.encodeAsString(key);
  434.                 returnArray = TransportUtils.urlEncodeParam(hex, Charset.UTF_8.getValue()).getBytes();
  435.             }
  436.             else {
  437.                 returnArray = resolveKmsConstants(dynamicMap, inputParameters, 
  438.                         inputMap, key,
  439.                         name, v).getBytes();
  440.             }
  441.         }
  442.         return returnArray;
  443.     }
  444.     private static String resolveKmsConstants(Map<String,Object> dynamicMap, List<BYOKConfigParameter> inputParameters,
  445.             Map<String,String> inputMap, byte[] key,
  446.             String name, String value) throws UtilsException {
  447.         
  448.         if(value==null) {
  449.             return value;
  450.         }
  451.         
  452.         String newValue = resolveKmsConstant(value, BYOKCostanti.VARIABILE_KMS_KEY, key);
  453.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_DEPRECATED, key);
  454.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KMS_KEY_URL_ENCODED, key);
  455.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_URL_ENCODED_DEPRECATED, key);
  456.         
  457.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KMS_KEY_BASE64, key);
  458.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_BASE64_DEPRECATED, key);
  459.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KMS_KEY_BASE64_URL_ENCODED, key);
  460.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_BASE64_URL_ENCODED_DEPRECATED, key);
  461.         
  462.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KMS_KEY_HEX, key);
  463.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_HEX_DEPRECATED, key);
  464.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KMS_KEY_HEX_URL_ENCODED, key);
  465.         newValue = resolveKmsConstant(newValue, BYOKCostanti.VARIABILE_KSM_KEY_HEX_URL_ENCODED_DEPRECATED, key);
  466.         
  467.         String kmsMapId = null;
  468.         if(newValue.contains(BYOKCostanti.VARIABILE_KMS_KEY_PREFIX) && !dynamicMap.containsKey(BYOKCostanti.VARIABILE_KMS)) {
  469.             kmsMapId = BYOKCostanti.VARIABILE_KMS;
  470.         }
  471.         else if(newValue.contains(BYOKCostanti.VARIABILE_KSM_KEY_PREFIX_DEPRECATED) && !dynamicMap.containsKey(BYOKCostanti.VARIABILE_KSM_DEPRECATED)) {
  472.             kmsMapId = BYOKCostanti.VARIABILE_KSM_DEPRECATED;
  473.         }
  474.         if(kmsMapId!=null) {
  475.             Map<String, String> k = new HashMap<>();
  476.             for (BYOKConfigParameter parameter: inputParameters) {
  477.                 if(inputMap!=null && inputMap.containsKey(parameter.getName())) {
  478.                     String paramValue = inputMap.get(parameter.getName());
  479.                     String valueResolved = resolve(parameter.getName(), paramValue, dynamicMap); // potrebbe essere a sua volta dinamico
  480.                     k.put(parameter.getName(), valueResolved);
  481.                 }
  482.             } 
  483.             dynamicMap.put(kmsMapId, k);
  484.         }
  485.         
  486.         return resolve(name, newValue, dynamicMap);
  487.     }
  488.     private static String resolveKmsConstant(String value, String constant, byte[] key) throws UtilsException {
  489.         if(value!=null && value.contains(constant)){
  490.             
  491.             String replaceValue = null;
  492.             if(BYOKCostanti.VARIABILE_KMS_KEY.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_DEPRECATED.equals(constant) ||
  493.                     BYOKCostanti.VARIABILE_KMS_KEY_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_URL_ENCODED_DEPRECATED.equals(constant)) {
  494.                 replaceValue = new String(key);
  495.             }
  496.             else if(BYOKCostanti.VARIABILE_KMS_KEY_BASE64.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_BASE64_DEPRECATED.equals(constant) ||
  497.                     BYOKCostanti.VARIABILE_KMS_KEY_BASE64_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_BASE64_URL_ENCODED_DEPRECATED.equals(constant)) {
  498.                 replaceValue = Base64Utilities.encodeAsString(key);
  499.             }
  500.             else if(BYOKCostanti.VARIABILE_KMS_KEY_HEX.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_HEX_DEPRECATED.equals(constant) ||
  501.                     BYOKCostanti.VARIABILE_KMS_KEY_HEX_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_HEX_URL_ENCODED_DEPRECATED.equals(constant)) {
  502.                 replaceValue = HexBinaryUtilities.encodeAsString(key);
  503.             }
  504.             
  505.             if(BYOKCostanti.VARIABILE_KMS_KEY_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_URL_ENCODED_DEPRECATED.equals(constant) ||  
  506.                     BYOKCostanti.VARIABILE_KMS_KEY_BASE64_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_BASE64_URL_ENCODED_DEPRECATED.equals(constant) || 
  507.                     BYOKCostanti.VARIABILE_KMS_KEY_HEX_URL_ENCODED.equals(constant) || BYOKCostanti.VARIABILE_KSM_KEY_HEX_URL_ENCODED_DEPRECATED.equals(constant)) {
  508.                 replaceValue = TransportUtils.urlEncodeParam(replaceValue,Charset.UTF_8.getValue());
  509.             }
  510.             
  511.             while(value.contains(constant)){
  512.                 value = value.replace(constant, replaceValue);
  513.             }
  514.         }
  515.         return value;
  516.     }
  517.     
  518.     private static String resolve(String name, String value, Map<String,Object> dynamicMap) throws UtilsException {
  519.         try{
  520.             return DynamicStringReplace.replace(value, dynamicMap, true);
  521.         }catch(Exception e){
  522.             String prefix = "["+name+"] contiene un valore non corretto: ";
  523.             throw new UtilsException(prefix+e.getMessage(),e);
  524.         }
  525.     }
  526. }
Created with JaCoCo 0.8.8.202204050719