From 1f71bbd259a792fc9274ce4d663e019e4c4c4c38 Mon Sep 17 00:00:00 2001
From: Joze RIHTARSIC <joze.rihtarsic@ext.ec.europa.eu>
Date: Sat, 24 Nov 2018 19:05:32 +0100
Subject: [PATCH] Fix build - keystore absolute path
---
 .../ec/edelivery/smp/SMPPropertyEnum.java | 2 ++
 .../smp/services/ui/UIKeystoreService.java | 16 +++++++++----
 .../smp/utils/SecurityUtilsTest.java | 24 ++++++++-----------
 .../smp/config/PropertiesConfig.java | 7 ++++++
 .../smp/config/PropertiesTestConfig.java | 2 +-
 5 files changed, 31 insertions(+), 20 deletions(-)
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/SMPPropertyEnum.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/SMPPropertyEnum.java
index fc8769320..2580fa730 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/SMPPropertyEnum.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/SMPPropertyEnum.java
@@ -21,6 +21,8 @@ public enum SMPPropertyEnum {
 ENCRYPTION_FILENAME("encryption.key.filename","encryptionPrivateKey.private","Path to the folder containing all the configuration files (keystore and sig0 key)"),
+ KEYSTORE_PASSWORD_DECRYPTED("smp.keystore.password.decrypted","","Only for backup purposes. This password was automatically created. Store password somewhere save and delete this entry!"),
+ SML_KEYSTORE_PASSWORD("bdmsl.integration.keystore.password","","Deprecated "),
 SML_KEYSTORE_PATH("bdmsl.integration.keystore.path","","Deprecated "),
 SIGNATURE_KEYSTORE_PASSWORD("xmldsig.keystore.password","","Deprecated "),
diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIKeystoreService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIKeystoreService.java
index 67bc0b7ff..d75b26baf 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIKeystoreService.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIKeystoreService.java
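Review bot: `KEYSTORE_PASSWORD_DECRYPTED` adds a configuration property whose only purpose is to hold the keystore password in cleartext, and the PropertiesConfig hunk (`storeDBEntry(em, SMPPropertyEnum.KEYSTORE_PASSWORD_DECRYPTED, newKeyPassword)`) writes the generated password into it. Anyone who can read the configuration table or a database backup then has the keystore password without needing the encryption key file, which presumably defeats the purpose of storing it encrypted, and removal depends entirely on an operator acting on the description text. I would hand the generated password to the operator once rather than persisting it, or at minimum make sure this property is never returned by property listings or written to logs. The description string also has a typo: `somewhere save` should read `somewhere safe`.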
@@ -40,7 +40,7 @@ public class UIKeystoreService {
 @Value("${encryption.key.filename}") private String encryptionFilename;
- private String smpKeyStorePasswordDecripted;
+ private String smpKeyStorePasswordDecrypted;
 private Map<String, Key> keystoreKeys;
 private Map<String, X509Certificate> keystoreCertificates;
@@ -60,7 +60,7 @@ public class UIKeystoreService {
 LOG.info("initialize from configuration folder:"+configurationDir +", enc file: "+encryptionFilename+", keystore " + smpKeyStoreFilename);
 if (configurationDir==null || encryptionFilename==null){
- LOG.info("Configuration folder and/or encryption filename are not set in database!");
+ LOG.warn("Configuration folder and/or encryption filename are not set in database!");
 return;
 }
@@ -68,15 +68,21 @@ public class UIKeystoreService {
 File file = new File(configurationDir + File.separator + encryptionFilename);
 File keystoreFilePath = new File(configurationDir + File.separator + smpKeyStoreFilename );
 if (!file.exists()){
+ LOG.error("Encryption key file '{}' does not exists!", file.getAbsolutePath());
 return;
 }
- smpKeyStorePasswordDecripted = SecurityUtils.decrypt(file,smpKeyStorePasswordEncrypted);
+ if (!keystoreFilePath.exists()){
+ LOG.error("Keystore file '{}' does not exists!", keystoreFilePath.getAbsolutePath());
+ return;
+ }
+
+ smpKeyStorePasswordDecrypted = SecurityUtils.decrypt(file,smpKeyStorePasswordEncrypted);
 // Load the KeyStore and get the signing key and certificate.
 try (InputStream keystoreInputStream = new FileInputStream(keystoreFilePath)) {
 KeyStore keyStore = KeyStore.getInstance("JKS");
- keyStore.load(keystoreInputStream, smpKeyStorePasswordDecripted.toCharArray());
+ keyStore.load(keystoreInputStream, smpKeyStorePasswordDecrypted.toCharArray());
 for (String alias : list(keyStore.aliases())) {
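Review bot: Both guards in the `-68,15` hunk log an error and `return`, so when the key file or keystore is missing the bean keeps whatever `keystoreKeys` and `keystoreCertificates` held before and callers get no signal that loading failed. If this method can run again after startup (its caller and the place where the maps are reset are outside the hunk), a keystore that has disappeared would leave previously loaded keys in use; consider clearing both maps before returning, or failing with `throw new IllegalStateException("Keystore file '" + keystoreFilePath.getAbsolutePath() + "' does not exist")`. `exists()` also accepts a directory, so `isFile()` is the tighter check, and the two log messages should read `does not exist`. The method starts and ends outside the hunk.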
@@ -88,7 +94,7 @@ public class UIKeystoreService {
 }
 private void loadKeyAndCert(KeyStore keyStore, String alias) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
- Key key = keyStore.getKey(alias, smpKeyStorePasswordDecripted.toCharArray());
+ Key key = keyStore.getKey(alias, smpKeyStorePasswordDecrypted.toCharArray());
 Certificate certificate = keyStore.getCertificate(alias);
 if (key == null || certificate == null || !(certificate instanceof X509Certificate)) {
 throw new IllegalStateException("Wrong entry type found in keystore, only certificates with keypair are accepted, entry alias: " + alias);
diff --git a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/utils/SecurityUtilsTest.java b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/utils/SecurityUtilsTest.java
index 9394946f8..c46b24c4a 100644
--- a/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/utils/SecurityUtilsTest.java
+++ b/smp-server-library/src/test/java/eu/europa/ec/edelivery/smp/utils/SecurityUtilsTest.java
@@ -2,7 +2,7 @@ package eu.europa.ec.edelivery.smp.utils;
 import org.junit.Assert;
 import org.junit.Test;
-import org.springframework.util.StringUtils;
+
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
@@ -16,10 +16,6 @@ import static org.junit.Assert.*;
 public class SecurityUtilsTest {
-
- @Test
- public void mergeKeystores() {
- }
 @Test
 public void generatePrivateSymmetricKey() throws IOException {
@@ -41,7 +37,7 @@ public class SecurityUtilsTest {
 }
 @Test
- public void encrypt() {
+ public void encrypt() throws IOException {
 // given
 File f = generateRandomPrivateKey();
 String password = "TEST11002password1@!."+System.currentTimeMillis();
@@ -53,9 +49,9 @@ public class SecurityUtilsTest {
 assertNotEquals(password, encPassword);
 }
 @Test
- public void encryptt() {
+ public void encryptWithSetupKey() {
 // given
- File f = new File("/cef/code/smp/smp-server-library/src/test/resources/keystores/encryptionKey.key");
+ File f = new File("src/test/resources/keystores/encryptionKey.key");
 String password = "test123";
 // when
@@ -67,7 +63,7 @@ public class SecurityUtilsTest {
 @Test
- public void decrypt() {
+ public void decrypt() throws IOException {
 // given
 File f = generateRandomPrivateKey();
 String password = "TEST11002password1@!." + System.currentTimeMillis();
@@ -81,11 +77,11 @@ public class SecurityUtilsTest {
 }
- private File generateRandomPrivateKey(){
- String tempPrivateKey = "enckey_"+ System.currentTimeMillis() + ".private";
- Path resourceDirectory = Paths.get("target", tempPrivateKey);
- File resource = resourceDirectory.toFile();
- SecurityUtils.generatePrivateSymmetricKey(resourceDirectory.toFile());
+ private File generateRandomPrivateKey() throws IOException{
+ File resource = File.createTempFile( "test-key", ".key");
+ resource.deleteOnExit();
+
+ SecurityUtils.generatePrivateSymmetricKey(resource);
 return resource;
 }
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/PropertiesConfig.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/PropertiesConfig.java
index 42ec4440a..da33c3b09 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/PropertiesConfig.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/config/PropertiesConfig.java
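Review bot: `new File("src/test/resources/keystores/encryptionKey.key")` in `encryptWithSetupKey` still resolves against the JVM working directory, so the test passes only when it is started from the module root. Loading the fixture from the test classpath removes that dependency, for example `new File(getClass().getResource("/keystores/encryptionKey.key").toURI())`; this assumes `src/test/resources` is the test resource root, and the method would then have to declare `URISyntaxException`. The test body continues outside the hunk.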
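Review bot: `File.createTempFile` in `generateRandomPrivateKey` creates the file before `SecurityUtils.generatePrivateSymmetricKey(resource)` runs, whereas the removed code passed a path that did not exist yet. `generatePrivateSymmetricKey` is not visible here, so confirm that it overwrites an existing empty file rather than skipping it or appending to it. Because the file holds key material, `Files.createTempFile("test-key", ".key").toFile()` is the better call (it needs an import of `java.nio.file.Files`): the JDK documents that it may create the file with more restrictive permissions than `File.createTempFile`. `deleteOnExit()` only runs on normal JVM shutdown, so deleting the file in an `@After` method would be more reliable.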
@@ -44,6 +44,11 @@ import static eu.europa.ec.edelivery.smp.utils.SecurityUtils.*;
 /**
 * Created by Flavio Santos
+ * Class read properties from configuration file if exists. Than it use datasource (default by JNDI
+ * if not defined in property file jdbc/smpDatasource) to read application properties. Because this class is
+ * invoked before datasource is initialiyzed by default - it creates it's own database connection.
+ * Also it uses hibernate to handle dates for Configuration table.
+ *
 */
 @Configuration
 @ComponentScan(basePackages = {
@@ -158,6 +163,8 @@ public class PropertiesConfig {
 storeDBEntry(em, SMPPropertyEnum.CONFIGURATION_DIR, settingsFolder.getPath());
 initProperties.setProperty(SMPPropertyEnum.CONFIGURATION_DIR.getProperty(), settingsFolder.getPath());
 String newKeyPassword = RandomStringUtils.random(8, true, true);
+ storeDBEntry(em, SMPPropertyEnum.KEYSTORE_PASSWORD_DECRYPTED, newKeyPassword);
+ // store encryption filename
 File fEncryption = new File(settingsFolder, SMPPropertyEnum.ENCRYPTION_FILENAME.getDefValue());
diff --git a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/config/PropertiesTestConfig.java b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/config/PropertiesTestConfig.java
index 0d8bab165..fe048fba8 100644
--- a/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/config/PropertiesTestConfig.java
+++ b/smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/config/PropertiesTestConfig.java
@@ -34,7 +34,7 @@ public class PropertiesTestConfig {
 @Bean
 public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
 Path resourceDirectory = Paths.get("src", "test", "resources", "keystores");
- String path = resourceDirectory.toString();
+ String path = resourceDirectory.toFile().getAbsolutePath();
 PropertySourcesPlaceholderConfigurer propertiesConfig = new PropertySourcesPlaceholderConfigurer();
-- GitLab
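Review bot: The value persisted by the added `storeDBEntry(em, SMPPropertyEnum.KEYSTORE_PASSWORD_DECRYPTED, newKeyPassword)` in the `-158,6` hunk comes from `RandomStringUtils.random(8, true, true)` on the context line above, which yields only eight alphanumeric characters. Depending on the commons-lang version in use (the import is outside the hunk), that overload draws from a non-cryptographic `java.util.Random`. Since this string protects the keystore and is now also the operator's backup copy, generate it from `SecureRandom` and make it longer, e.g. `RandomStringUtils.random(20, 0, 0, true, true, null, new SecureRandom())`. The enclosing method starts and ends outside the hunk.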