remove default encrypt key (#42)
remove default encrypt key
liruixl committed Apr 13, 2022
1 parent 3b32660 commit cd14bcd8fb037f0f69ee9d0dc01cc44d8970fb98
Showing 6 changed files with 66 additions and 7 deletions.
@@ -40,6 +40,10 @@ MB_DB_TYPE=mysql
# Database accessed by the service(database)
#MB_DB_DBNAME=manager

# AES key used to encrypt password
# it must be 128 bits
ENCRYPT_KEY=12dfA67887iyW321

# The name of the deployed service. The default is manager
#DEPLOY_NAME=manager
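Review bot: The template still ships `ENCRYPT_KEY=12dfA67887iyW321` uncommented, and that is the same value as the hard-coded constant this commit removes from CredsUtil, so an install that keeps the sample config unchanged goes on encrypting stored passwords under a key that is public in the repository. Shipping the item empty (`ENCRYPT_KEY=`) would, assuming the start script exports this file into the environment, make the new startup check stop the service until the operator supplies their own value. The comment could then read `# 16 characters, generated randomly per deployment; restrict read access to this file`, and should say that an upgraded install must keep its previous key (or re-encrypt) to read existing ciphertext. Note also that 16 printable characters carry less than 128 bits of entropy, so "it must be 128 bits" describes the length, not the strength.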

@@ -62,6 +62,9 @@ private EnvironmentDefine() {
// Data storage connection port environment variable
public static final String STUDIO_PORT_ENV = "STUDIO_PORT";

// key used to encrypt password
public static final String ENCRYPT_KEY_ENV = "ENCRYPT_KEY";

// spring tomcat waiting queue length
public static final String WEB_ACCEPT_COUNT_ENV = "WEB_ACCEPT_COUNT";

@@ -0,0 +1,27 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.

package org.apache.doris.stack.exception;

public class ConfigItemException extends Exception {

public static final String MESSAGE = "配置信息错误,请检查后重新配置:";

public ConfigItemException(String errorInfo) {
super(MESSAGE + errorInfo);
}
}
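Review bot: `MESSAGE` is a fixed Chinese prefix, while both call sites visible in this commit pass English detail strings and log in English, so the text an operator sees at startup is mixed-language. Consider an English prefix such as `"Invalid configuration, please check and reconfigure: "`, or taking the text from the project's message resources if it has any. The class also has no Javadoc and no `(String, Throwable)` constructor, so a later caller that wraps an underlying failure would lose the cause.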
@@ -20,6 +20,7 @@
import lombok.extern.slf4j.Slf4j;
import org.apache.doris.stack.constant.EnvironmentDefine;
import org.apache.doris.stack.constant.PropertyDefine;
import org.apache.doris.stack.exception.ConfigItemException;
import org.springframework.util.StringUtils;

import java.util.HashMap;
@@ -50,6 +51,8 @@ private CommonPropertyUtil() {

private static final String STUDIO_PORT = System.getenv(EnvironmentDefine.STUDIO_PORT_ENV);

private static final String ENCRYPT_KEY = System.getenv(EnvironmentDefine.ENCRYPT_KEY_ENV);

private static final String NGINX_PORT = System.getenv(EnvironmentDefine.NGINX_PORT_ENV);

private static final String STUDIO_COOKIE_MAX_AGE = System.getenv(EnvironmentDefine.STUDIO_COOKIE_MAX_AGE_ENV);
@@ -88,7 +91,7 @@ private CommonPropertyUtil() {

private static final String LOG_PATH = System.getenv(EnvironmentDefine.LOG_PATH_ENV);

public static Map<String, Object> getProperties() {
public static Map<String, Object> getProperties() throws ConfigItemException {
Map<String, Object> properties = new HashMap<>();
// log path configuration

@@ -103,6 +106,17 @@ public static Map<String, Object> getProperties() {
properties.put(PropertyDefine.SERVER_PORT_PROPERTY, STUDIO_PORT);
}

if (ENCRYPT_KEY == null || ENCRYPT_KEY.isEmpty()) {
log.error("config item [ENCRYPT_KEY] is not set");
throw new ConfigItemException("config item [ENCRYPT_KEY] is not set");
} else if (ENCRYPT_KEY.length() != CredsUtil.getAesKeyStrLen()) {
log.error("encrypt key {} string length is not {}", ENCRYPT_KEY, CredsUtil.getAesKeyStrLen());
throw new ConfigItemException("config item [ENCRYPT_KEY] is not correct");
} else {
log.debug("set encrypt key: " + ENCRYPT_KEY);
CredsUtil.setEncryptKey(ENCRYPT_KEY);
}

// Nginx service port configuration
if (NGINX_PORT == null || NGINX_PORT.isEmpty()) {
properties.put(PropertyDefine.NGINX_PORT_PROPERTY, 8090);
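Review bot: Both new log statements write the key itself: `log.error("encrypt key {} string length is not {}", ENCRYPT_KEY, ...)` on the wrong-length path and `log.debug("set encrypt key: " + ENCRYPT_KEY)` on the success path, so anyone who can read the log files or the log aggregation system obtains the AES key protecting the stored passwords. Log only non-secret facts instead, e.g. `log.error("config item [ENCRYPT_KEY] has length {}, expected {}", ENCRYPT_KEY.length(), CredsUtil.getAesKeyStrLen());` and `log.debug("encrypt key loaded from environment");`. The length test counts characters, whereas CredsUtil turns the string into key bytes with `getBytes()`, so a value with non-ASCII characters passes here and is rejected only when the cipher is first initialised; comparing the encoded byte length would catch that at startup. getProperties() starts and ends outside this hunk.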
@@ -34,10 +34,12 @@
public class CredsUtil {

/**
* Encrypt Key
* Default Encrypt Key
* AES must be 128 bits
*/
private static final String ENCRYPT_KEY = "12dfA67887iyW321";
private static String encryptKey = "";

private static final int AES_KEY_STR_LEN = 16;

private static final String ALGORITHM_STR = "AES/ECB/PKCS5Padding";
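Review bot: The unchanged `ALGORITHM_STR = "AES/ECB/PKCS5Padding"` line means equal plaintexts still produce equal ciphertexts under one key and nothing authenticates the stored value, so making the key configurable does not by itself change how well the passwords are protected. A follow-up that moves to an authenticated mode such as `AES/GCM/NoPadding`, with a fresh random IV stored beside each ciphertext and a migration for existing ciphertext, would address that. The Javadoc above the field appears to read "Default Encrypt Key" after this change although `encryptKey` starts as `""` and has no default; `/** AES key supplied through ENCRYPT_KEY at startup; 16 characters. */` would match the code.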

@@ -47,6 +49,14 @@ private CredsUtil() {
throw new UnsupportedOperationException();
}

public static void setEncryptKey(String encryptKey) {
CredsUtil.encryptKey = encryptKey;
}

public static int getAesKeyStrLen() {
return AES_KEY_STR_LEN;
}

/**
* One way encryption password
*
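Review bot: `setEncryptKey` is public and accepts any value, including null, the empty string or a wrong-length string, and it can be called again at any time, so the only validation lives in the single caller in CommonPropertyUtil. Because the field starts as `""`, code that encrypts or decrypts before that caller has run reaches `new SecretKeySpec(...)` with a zero-length key and fails there with an error that does not mention configuration. Validating in the setter would keep the invariant in one place, e.g. `if (encryptKey == null || encryptKey.length() != AES_KEY_STR_LEN) { throw new IllegalArgumentException("encrypt key must be " + AES_KEY_STR_LEN + " characters"); }`. Both new methods also lack Javadoc; the comment that ends the hunk belongs to a method outside it.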
@@ -147,7 +157,7 @@ private static byte[] aesEncryptToBytes(String content) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher = Cipher.getInstance(ALGORITHM_STR);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(ENCRYPT_KEY.getBytes(), "AES"));
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));

return cipher.doFinal(content.getBytes("utf-8"));
}
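Review bot: `encryptKey.getBytes()` encodes the key with the JVM's default charset while the plaintext two lines below is encoded with an explicit "utf-8", so the same ENCRYPT_KEY can yield different key bytes on hosts with different default charsets, and a key containing non-ASCII characters may not be 16 bytes at all. `encryptKey.getBytes(StandardCharsets.UTF_8)` (with the matching import) pins the encoding. The same applies to the decrypt call in the aesDecryptByBytes hunk, where `new String(decryptBytes)` also relies on the default charset. The `KeyGenerator kgen` set up at the top of the hunk is not used in the visible lines and could be dropped; the method signature is outside this hunk.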
@@ -176,7 +186,7 @@ private static String aesDecryptByBytes(byte[] encryptBytes) throws Exception {
kgen.init(128);

Cipher cipher = Cipher.getInstance(ALGORITHM_STR);
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(ENCRYPT_KEY.getBytes(), "AES"));
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
byte[] decryptBytes = cipher.doFinal(encryptBytes);

return new String(decryptBytes);
@@ -18,6 +18,7 @@
package org.apache.doris.stack;

import org.apache.doris.stack.constant.PropertyDefine;
import org.apache.doris.stack.exception.ConfigItemException;
import org.apache.doris.stack.util.CommonPropertyUtil;
import org.apache.doris.stack.util.DeployType;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -46,14 +47,14 @@ protected SpringApplicationBuilder configure(SpringApplicationBuilder applicatio
return application.sources(DorisManager.class);
}

public static void main(String[] args) {
public static void main(String[] args) throws ConfigItemException {
DorisManager studio = new DorisManager();
SpringApplicationBuilder builder = getBuilder();
studio.configure(builder);
builder.run(args);
}

public static SpringApplicationBuilder getBuilder() {
public static SpringApplicationBuilder getBuilder() throws ConfigItemException {
Map<String, Object> properties = CommonPropertyUtil.getProperties();

// Configure the service name. The default is manager
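Review bot: The key is loaded only on the `getBuilder()` path, which in the visible lines is reached from `main`; the `configure(SpringApplicationBuilder)` override at the top of the hunk returns `application.sources(DorisManager.class)` without calling `CommonPropertyUtil.getProperties()`. If the application is ever started through that override by a servlet container instead of through `main`, `CredsUtil.setEncryptKey` would presumably never run and the key would stay empty. It would be worth loading the key somewhere both paths share, or documenting that only `main` is supported. Since `main` now declares `throws ConfigItemException`, a missing key ends startup with an uncaught-exception stack trace; catching it in `main`, printing the message and exiting non-zero would be clearer for operators. getBuilder() continues past the end of this hunk.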
