
Initial Commit

Import of the EPS dev snapshot.
alsutton committed Sep 2, 2017
0 parents commit d082120d3ba9ec8b798c1828cf538f85fd112a36
Showing 502 changed files with 68,106 additions and 0 deletions.
@@ -0,0 +1,2 @@
* filter=trimWhitespace
@@ -0,0 +1,9 @@
.idea/*
.gradle/*
build/*
obfuscated/*
out/*
*.iml
.DS_Store
proguard.map
derby.log
13 LICENSE
@@ -0,0 +1,13 @@
Copyright (c) 2017 Carbon Security Ltd. <opensource@carbonsecurity.co.uk>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
@@ -0,0 +1,35 @@
# Enterprise Password Safe
## License
The Copyright (c) 2017 Carbon Security Ltd. <opensource@carbonsecurity.co.uk> and contributors
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
### What is it?
The Enterprise Password Safe was sold by several companies from the mid-2000's through to 2014 and was used by customers from small businesses to multi-nationals and parts of government agencies around the globe. It is a multi-user, audited password storage solution with user and group access controls.
### How does it work?
The Enterprise Password Safe (EPS) uses a cryptographic chain to enforce password access; A key is derived from the users password which decrypts a user specific AES key. The user key is then used to decrypt the AES keys for the groups the user belongs to, and then the users AES key and the AES keys of the groups they belong to, can be used to decrypt the RSA public key (for read access), and RSA private key (for write access) associated with a password.
The key pair for each password is different, and the keys are encrypted with each group or user AES key that have access rules for that password.
### More details
The EPS is written in Java and built using [Gradle](https://gradle.org). It uses JDBC to talk to the database which is used to store the information via a custom database abstraction layer which handles the translation of EPS requests into a database specific format. The EPS includes support for Apache Derby, DB2, HSQLDB, JavaDB, MySQL, Oracle 8i, Postgresql, and SQL Server.
### Contributions
Pull requests are welcome. If you're planning to implement a new feature or work on a change, please make sure you open an issue for it and comment that you're working on it to avoid multiple people working on the same thing and producing incompatible implementations.
@@ -0,0 +1,124 @@
apply plugin: 'war'
apply plugin: 'com.bmuschko.tomcat'
repositories {
mavenCentral()
}
dependencies {
def tomcatVersion = '8.0.46'
compile 'com.sun.mail:javax.mail:1.5.2',
'com.sun.mail:smtp:1.5.2',
'commons-codec:commons-codec:1.9',
'commons-fileupload:commons-fileupload:1.3.1',
'javax.servlet:javax.servlet-api:3.0.+',
'javax.servlet.jsp:jsp-api:2.2',
'org.apache.commons:commons-collections4:4.0',
'org.apache.commons:commons-csv:1.1',
'org.apache.commons:commons-dbcp2:2.0.1',
'org.apache.commons:commons-pool2:2.2';
testCompile 'junit:junit:4.11',
'net.sourceforge.htmlunit:htmlunit:2.15',
'org.apache.derby:derby:10.11.1.1';
runtime 'opensymphony:sitemesh:2.4.2',
'javax.servlet:jstl:1.2',
'org.hsqldb:hsqldb:1.8.0.10',
'org.apache.derby:derby:10.11.1.1',
'org.postgresql:postgresql:9.3-1102-jdbc41',
'mysql:mysql-connector-java:5.1.32';
tomcat "org.apache.tomcat.embed:tomcat-embed-core:${tomcatVersion}",
"org.apache.tomcat.embed:tomcat-embed-logging-juli:${tomcatVersion}",
"org.apache.tomcat.embed:tomcat-embed-jasper:${tomcatVersion}"
}
buildscript {
repositories {
mavenCentral()
jcenter()
}
dependencies {
classpath 'net.sf.proguard:proguard-gradle:5.3'
classpath 'com.bmuschko:gradle-tomcat-plugin:2.3'
}
}
task proguard(type: proguard.gradle.ProGuardTask, dependsOn: jar) {
configurations.runtime.each {
println it
}
injars jar.archivePath
outjars 'passwordsafe.jar'
libraryjars "${System.getProperty('java.home')}/lib/rt.jar"
libraryjars "${System.getProperty('java.home')}/lib/jce.jar"
libraryjars(configurations.runtime)
printmapping 'proguard.map'
dontusemixedcaseclassnames
dontshrink
keepclassmembers 'class * extends java.lang.Enum { \
public static **[] values(); \
public static ** valueOf(java.lang.String); \
}'
keepclassmembers 'class * implements java.io.Serializable { \
static final long serialVersionUID; \
static final java.io.ObjectStreamField[] serialPersistentFields; \
private void writeObject(java.io.ObjectOutputStream); \
private void readObject(java.io.ObjectInputStream); \
java.lang.Object writeReplace(); \
java.lang.Object readResolve(); \
}'
keep 'public class * implements javax.servlet.Filter'
keep 'public class * implements javax.servlet.Servlet'
keep 'public class com.enterprisepasswordsafe.engine.configuration.JDBCConfiguration'
keep 'public class * implements com.enterprisepasswordsafe.engine.dbabstraction.AbstractDAL'
keep 'public interface com.enterprisepasswordsafe.engine.integration.PasswordChanger'
keep 'public class com.enterprisepasswordsafe.engine.integration.PasswordChangerProperty'
keep 'public class * implements com.enterprisepasswordsafe.engine.integration.PasswordChanger { \
public void rollbackChange(java.sql.Connection, java.util.Map, java.util.Map, java.lang.String); \
public void changePassword(java.sql.Connection, java.util.Map, java.util.Map, java.lang.String); \
public java.util.List getProperties(); \
public void install(java.sql.Connection); \
public void uninstall(java.sql.Connection); \
}'
keepclassmembers 'public class * implements javax.security.auth.spi.LoginModule { \
void initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map<java.lang.String,?>, java.util.Map<java.lang.String,?>); \
boolean login(); \
boolean commit(); \
boolean abort(); \
boolean logout(); \
}'
keep 'public interface com.enterprisepasswordsafe.proguard.ExternalInterface';
keep 'public class * implements com.enterprisepasswordsafe.proguard.ExternalInterface { \
public *** *; \
public *** *(...); \
}'
keep 'public interface com.enterprisepasswordsafe.proguard.JavaBean';
keep 'public class * implements com.enterprisepasswordsafe.proguard.JavaBean { \
void set*(***); \
void set*(int, ***); \
boolean is*(); \
boolean is*(int); \
*** get*(); \
*** get*(int); \
}'
keepclassmembers 'public class com.enterprisepasswordsafe.engine.database.ConfigurationListenersDAO { \
void addListener( java.lang.String, com.enterprisepasswordsafe.engine.database.ConfigurationListenersDAO$ConfigurationListener ); \
}'
}
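Review bot: In the `dependencies` block, `'javax.servlet:javax.servlet-api:3.0.+'` uses a dynamic version and sits on `compile` next to `'javax.servlet.jsp:jsp-api:2.2'`, so the build is not reproducible and the container-supplied APIs are packaged into the WAR. With the `war` plugin applied, both belong on `providedCompile` with an exact version, e.g. `providedCompile 'javax.servlet:javax.servlet-api:<PINNED_VERSION>'`. The coordinates that handle untrusted input or database traffic (`commons-fileupload`, `commons-collections4`, the JDBC drivers) are pinned to what look like old releases, so for a password store they should be checked against current advisories before this snapshot is deployed. The `configurations.runtime.each { println it }` loop in the `proguard` task looks like leftover debug output, and it resolves the runtime configuration during the configuration phase of every build.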
Binary file not shown.
