Author: gk
Date: Wed May 20 12:41:33 2020
New Revision: 1877951
URL: http://svn.apache.org/viewvc?rev=1877951&view=rev
Log:
- update parent pom.xml
- add examples.html to site, update index.xml
- fix command line help default
Added:
turbine/fulcrum/trunk/yaafi-crypto/xdocs/examples.xml
Modified:
turbine/fulcrum/trunk/yaafi-crypto/pom.xml
turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/cli/CLI2.java
turbine/fulcrum/trunk/yaafi-crypto/src/site/site.xml
turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml
Modified: turbine/fulcrum/trunk/yaafi-crypto/pom.xml
URL:
http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/pom.xml?rev=1877951&r1=1877950&r2=1877951&view=diff
==============================================================================
--- turbine/fulcrum/trunk/yaafi-crypto/pom.xml (original)
+++ turbine/fulcrum/trunk/yaafi-crypto/pom.xml Wed May 20 12:41:33 2020
@@ -21,7 +21,7 @@
<parent>
<artifactId>turbine-parent</artifactId>
<groupId>org.apache.turbine</groupId>
- <version>6</version>
+ <version>7-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -55,6 +55,15 @@
<organization />
<roles>
<role>Java Developer</role>
+ </roles>
+ </developer>
+ <developer>
+ <name>Georg Kallidis </name>
+ <id>gk</id>
+ <email>[email protected]</email>
+ <organization />
+ <roles>
+ <role>Java Developer</role>
</roles>
</developer>
</developers>
Modified:
turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/cli/CLI2.java
URL:
http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/cli/CLI2.java?rev=1877951&r1=1877950&r2=1877951&view=diff
==============================================================================
---
turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/cli/CLI2.java
(original)
+++
turbine/fulcrum/trunk/yaafi-crypto/src/java/org/apache/fulcrum/jce/crypto/cli/CLI2.java
Wed May 20 12:41:33 2020
@@ -66,6 +66,10 @@ public class CLI2
try
{
+ if (args.length ==0 ){
+ printHelp();
+ return;
+ }
String operationMode = args[0];
String msg = "No operationMode" ;
@@ -125,18 +129,17 @@ public class CLI2
*/
public static void printHelp()
{
- System.out.println("\r\n*** Command line tool for
encrypting/decrypting strings/files ***\r\n*** algorithm based on "+
CryptoParametersJ8.TYPES_IMPL.ALGORITHM_J8_PBE+ "***\r\n");
- System.out.println("java -cp target\\classes; "+ CLI2.class.getName()+
" <operation mode> <coding mode> <password> <path|string> [target]");
- System.out.println( "*** Usage: ***\r\n");
- System.out.println("java -cp target\\classes; "+ CLI2.class.getName()+
" <operation mode:file|string|info> <coding
mode:enc<optional:algoshortcut>|dec<optional:algoshortcut>> <password>
<code|coderef> [target]\r\ne.g.\r\n");
- System.out.println("operation mode: file|string|info");
- System.out.println("coding mode: enc|dec|enc:GCM. Default algorithm is
" + TYPES.PBE);
- System.out.println("<password: string or empty:''");
- System.out.println("code|coderef: path|string");
- System.out.println("target: ");
- System.out.println( CLI2.class.getSimpleName()+ " file [enc|dec]
passwd source [target]");
- System.out.println(CLI2.class.getSimpleName() + " string [enc|dec]
passwd source");
- System.out.println(CLI2.class.getSimpleName() + " info");
+ System.out.println("\r\n\t*** Command line tool for
encrypting/decrypting strings/files ***\r\n\t*** algorithm based on "+
CryptoParametersJ8.TYPES_IMPL.ALGORITHM_J8_PBE+ "***\r\n");
+ System.out.println("\tjava -cp target\\classes; "+
CLI2.class.getName()+ " <operation mode> <coding mode> <password> <path|string>
[target]\r\n");
+ System.out.println("\t\toperation mode: file|string|info");
+ System.out.println("\t\tcoding mode: enc|dec|enc:GCM. Default
algorithm is " + TYPES.PBE);
+ System.out.println("\t\t<password: string or empty:''");
+ System.out.println("\t\tcode|coderef: path|string");
+ System.out.println("\t\ttarget: optional\r\n");
+ System.out.println( "\t*** Usage: ***\r\n");
+ System.out.println("\t\t"+ CLI2.class.getSimpleName()+ " file
[enc|dec] passwd source [target]");
+ System.out.println("\t\t"+ CLI2.class.getSimpleName() + " string
[enc|dec] passwd source");
+ System.out.println("\t\t"+ CLI2.class.getSimpleName() + " info");
}
/**
Modified: turbine/fulcrum/trunk/yaafi-crypto/src/site/site.xml
URL:
http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/src/site/site.xml?rev=1877951&r1=1877950&r2=1877951&view=diff
==============================================================================
--- turbine/fulcrum/trunk/yaafi-crypto/src/site/site.xml (original)
+++ turbine/fulcrum/trunk/yaafi-crypto/src/site/site.xml Wed May 20 12:41:33
2020
@@ -24,6 +24,7 @@
<body>
<menu name="Overview">
<item name="Overview" href="/index.html"/>
+ <item name="Examples" href="/examples.html"/>
<item name="Downloads" href="/downloads.html"/>
</menu>
<menu ref="reports"></menu>
Added: turbine/fulcrum/trunk/yaafi-crypto/xdocs/examples.xml
URL:
http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/xdocs/examples.xml?rev=1877951&view=auto
==============================================================================
--- turbine/fulcrum/trunk/yaafi-crypto/xdocs/examples.xml (added)
+++ turbine/fulcrum/trunk/yaafi-crypto/xdocs/examples.xml Wed May 20 12:41:33
2020
@@ -0,0 +1,287 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<document>
+
+ <properties>
+ <title>Fulcrum Crypto Library Examples</title>
+ <author email="[email protected]">Georg Kallidis</author>
+ </properties>
+
+ <body>
+ <section name="Short Examples">
+ <subsection name="Command line Usage">
+ <p>
+ <source>
+ <![CDATA[
+ java -classpath target/classes org.apache.fulcrum.jce.crypto.cli.CLI2 string
enc changeit mysecretgeheim
+ ]]>
+ </source>
+ </p>
+ </subsection>
+ <subsection name="Code Usage">
+ <p>
+ <source>
+<![CDATA[
+ // provide target_password, meta_password
+ char[] password = meta_password.toCharArray();
+ // default
+ CryptoUtilJ8 cryptoUtilJ8 = CryptoUtilJ8.getInstance();
+
+ String result = null;
+ String encryptedValue;targetValue
+
+ try {
+ encryptedValue = cryptoUtilJ8.encryptString(target_password, password);
+ System.out.println("encrypted:" + encryptedValue);
+ } catch (GeneralSecurityException | IOException e) {
+ // fail();
+ }
+ try {
+ String encryptedValue = target_password_encrypted;
+ result = cryptoUtilJ8.decryptString(encryptedValue, password);
+ // should equal targetValue
+ System.out.println("decrypted result:" + result);
+ } catch (GeneralSecurityException | IOException e) {
+ ...
+ }
+ ]]>
+ </source>
+ </p>
+ </subsection>
+ </section>
+ <section name="Building a Project">
+ <subsection name="Prepare the crypto-tool with Maven Assembly">
+ <p>First we build our crypto tool as executable jar in phase
initialize (i.e. very early, to use it later) and name it <i>crypto-tool</i>
using the assembly description saved in the file <i>build/assembly.xml</i>
described below. Add this into your project pom.xml file.
+ <source>
+ <![CDATA[
+<plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>3.3.0</version>
+ <configuration>
+ <finalName>crypto-tool</finalName>
+ <archive>
+ <manifest>
+ <mainClass>org.apache.fulcrum.jce.crypto.cli.CLI2</mainClass>
+ </manifest>
+ </archive>
+ <descriptors>
+ <descriptor>build/assembly.xml</descriptor>
+ </descriptors>
+ <appendAssemblyId>false</appendAssemblyId>
+ </configuration>
+ <executions>
+ <execution>
+ <id>make-assembly</id> <!-- this is used for inheritance merges -->
+ <phase>initialize</phase> <!-- bind to the packaging phase -->
+ <goals>
+ <goal>single</goal>
+ </goals>
+ </execution>
+</executions>
+</plugin>
+ ]]>
+ </source>
+ </p>
+ <p>Using this assembly description (adapted to our needs from
the descriptor-ref jar-with-dependencies) the executable jar will be generated
in target folder and will just include fulcrum yaafi-crypto classes. Here you
will get a very tiny jar (build with java 8 on windows less than 45kb), as the
tool has no library dependencies!
+ <source>
+ <![CDATA[
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.1.0";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.1.0
http://maven.apache.org/xsd/assembly-2.1.0.xsd";>
+ <id>crypto-tool-jar-with-dependencies</id>
+ <formats>
+ <format>jar</format>
+ </formats>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <dependencySets>
+ <dependencySet>
+ <outputDirectory>/</outputDirectory>
+ <useProjectArtifact>true</useProjectArtifact>
+ <unpack>true</unpack>
+ <scope>runtime</scope>
+ <includes>
+ <include>org.apache.fulcrum:fulcrum-yaafi-crypto</include>
+ </includes>
+ </dependencySet>
+ </dependencySets>
+</assembly>
+ ]]>
+ </source>
+ </p>
+ <p>After executing the following command the <i>crypto tool</i>
is available in your project and we could use it to generate an encrypted
password using a master password (to be saved separately and not in the
project). This is done in the step.
+ <source>
+ <![CDATA[
+ mvn initialize
+ ]]>
+ </source>
+ </p>
+ </subsection>
+ <subsection name="Integrate with Ant Tool">
+ <p>First we encrypt the password using our master password and after
that copying and save the encrypted password in one of our project's
configuration files. Running the following command will show the encrypted
password. Save the encrypted password as value with key key
<i>password_encrypted</i> in an existing source property file, i.e. a
configuration file of your project, which will be used later.
+ <source>
+ <![CDATA[
+ java -jar target\crypto-tool.jar string enc <master.pw>
<unencrypted.password>
+ ]]>
+ </source>
+ </p>
+ <p>Use the following xml code and save it into
<i>build/build-pw.xml</i>. This is the ant build file we use to <i>decrypt</i>
the encrypted password and use it while building the project. The example is
configured as follows:
+ The global master password is set as environment variable
"<i>meta.pw</i>". The already encrypted password is expected to be set in a
source property file <i>source.property.path</i> (i.e. configuration file of
your project) as value in key <i>password_encrypted</i> . It will be read in
automatically as ant variable ${password_encrypted}. The <i>decrypted</i>
password will be saved to key "<i>password</i>" in another property file
(<i>target.property.path</i>), which should not be set into version control.
You may need to create it new.
+ You may use the ant tool as is setting the variables in
<i>.build.properties</i> or integrate it in your pom.xml build process (see
below).
+ <source>
+ <![CDATA[
+<project basedir="." default="build" name="build">
+ <property environment="env"/>
+ <property file=".build.properties"/>
+ <property file="${source.property.path}"/>
+ <property name="meta.pw" value="${env.meta.pw}"/>
+
+ <target name="testjava">
+ <echo message="executing java -version"/>
+ <exec executable="cmd" dir="" osfamily="windows" >
+ <arg value="/c"/>
+ <arg value="java -version"/>
+ </exec>
+ </target>
+ <target name="decrypt">
+ <echo message="executing java -jar target/${jarname}.jar string dec
${meta.pw} ${password_encrypted}."/>
+ <exec executable="cmd" dir="${build.path}/../" osfamily="windows"
resultproperty="success" outputproperty="decoded.pw">
+ <arg value="/c"/>
+ <arg value="java -jar target/${jarname}.jar string dec ${meta.pw}
${password_encrypted}"/>
+ </exec>
+ </target>
+
+ <target name="run">
+ <echo message="test output java -jar target/${jarname}.jar string dec
${meta.pw} ${password_encrypted}."/>
+ <java jar="./../target/${jarname}.jar" fork="true">
+ <arg value="string"/>
+ <arg value="dec"/>
+ <arg value="${meta_password}"/>
+ <arg value="${password_encrypted}"/>
+ </java>
+ </target>
+
+ <target name="update">
+ <echo message="updating propert file: ${target.property.path}."/>
+ <propertyfile file="${target.property.path}" >
+ <entry key="password" value="${decoded.pw}"/>
+ </propertyfile>
+ </target>
+
+<target name="clean">
+ <echo message="cleaning up key password in propert file:
${target.property.path}."/>
+ <propertyfile file="${target.property.path}" >
+ <entry key="password" value=""/>
+ </propertyfile>
+ </target>
+
+ <target name="build" depends="testjava, decrypt, update">
+ </target>
+
+ </project>
+
+ ]]>
+ </source>
+ </p>
+ </subsection>
+ <subsection name="Integration ANT Task into Maven Life cycle">
+ <p>Integrate the ant tool, check the file name and run maven command below
after setting your configuration or filter files in <i>source.property.path</i>
and <i>target.property.path</i>. You may add another clean-up in a later life
cycle phase, e.g. post-integration-test. You may also simplify the process by
cleaning always and using the same source and target property file.
+ <source>
+ <![CDATA[
+<plugin>
+ <artifactId>maven-antrun-plugin</artifactId>
+ <version>3.0.0</version>
+ <executions>
+ <execution>
+ <id>build</id>
+ <phase>process-sources</phase>
+ <configuration>
+ <skip>${skip.pw.gen}</skip>
+ <target>
+ <ant antfile="${basedir}/build/build-pw.xml" target="build">
+ <property name="build.path" value="${basedir}/build" />
+ <property name="meta.pw" value="${meta.pw}" /><!--
provided by env variable -->
+ <property name="jarname" value="crypto-tool" /><!-- by
default ${project.build.finalName} -->
+ <!-- contains encrypted password, saved in vcs: -->
+ <property name="source.property.path"
value="${basedir}/src/main/filters/${env}-app.properties" />
+ <!-- should NOT be saved in vcs: -->
+ <property name="target.property.path"
value="${basedir}/src/main/filters/${env}-pw.properties" />
+ </ant>
+ </target>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>clean</id>
+ <phase>clean</phase>
+ <configuration>
+ <skip>${skip.pw.gen}</skip>
+ <target>
+ <ant antfile="${basedir}/build/build-pw.xml" target="clean">
+ <property name="build.path" value="${basedir}/build" />
+ <property name="target.property.path"
value="${basedir}/src/main/filters/filter-${env}-pw.properties" />
+ </ant>
+ </target>
+ </configuration>
+ <goals>
+ <goal>run</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ ]]>
+ </source>
+ </p>
+ </subsection>
+ <subsection name="Maven Command line examples">
+ <p>Save the decrypted password for the build
+ <source>
+ <![CDATA[
+mvn clean test -Dmeta.pw=<securepwd>
+ ]]>
+ </source>
+ </p>
+ <p>Keep the unencrypted password in source property files to use
it during development or later (you may add a profile).
+ <source>
+ <![CDATA[
+mvn clean test install -Dskip.pw.gen=true
+ ]]>
+ </source>
+ </p>
+ <p>Clean up finally.
+ <source>
+ <![CDATA[
+mvn clean
+ ]]>
+ </source>
+ </p>
+ <p>This example could be extended or adapted, eg. by using
multiple passwords, or encrypting an entire file.
+ Have fun!
+ </p><p>
+ TODO Show gradle example..
+ </p>
+ </subsection>
+ </section>
+
+ </body>
+
+</document>
Modified: turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml
URL:
http://svn.apache.org/viewvc/turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml?rev=1877951&r1=1877950&r2=1877951&view=diff
==============================================================================
--- turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml (original)
+++ turbine/fulcrum/trunk/yaafi-crypto/xdocs/index.xml Wed May 20 12:41:33 2020
@@ -29,8 +29,7 @@
<section name="Overview">
<p> Fulcrum YAFFI Crypto Library is an extension library for Fulcrum
YAAFI to support
- transparent decryption of configuration files. The
encryption/decryption is based on DES
- using 56 bit key length. </p>
+ transparent decryption of configuration files. The
encryption/decryption is based by default on <a
href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html";
target="blank_">PBEWithHmacSHA256AndAES_256</a>
(PBEWith<digest>And<encryption>algorithm.) with 128bit key
length.</p>
</section>
<section name="Functionality">
@@ -135,8 +134,7 @@
</tr>
</table>
</subsection>
- </section>
-
+ </section>
</body>
</document>
