Improved Encryption Logging

ggallotti · ggallotti · commit 811677ec9f99 · 2021-12-03T10:29:39.000-03:00
diff --git a/common/src/main/java/com/genexus/util/Encryption.java b/common/src/main/java/com/genexus/util/Encryption.java
@@ -5,6 +5,8 @@
 import com.genexus.common.interfaces.SpecificImplementation;
 import java.nio.charset.StandardCharsets;
 
+import com.genexus.diagnostics.core.ILogger;
+import com.genexus.diagnostics.core.LogManager;
 import org.apache.commons.codec.binary.Base64;
 import org.bouncycastle.crypto.BlockCipher;
 import org.bouncycastle.crypto.BufferedBlockCipher;
@@ -23,6 +25,7 @@
 
 public class Encryption
 {
+	public static final ILogger logger = LogManager.getLogger(Encryption.class);
     public static String AJAX_ENCRYPTION_KEY = "GX_AJAX_KEY";
 	public static String AJAX_ENCRYPTION_IV = "GX_AJAX_IV";
 	public static String AJAX_SECURITY_TOKEN = "AJAX_SECURITY_TOKEN";
@@ -180,12 +183,12 @@ public static String decrypt64(String value, String key, boolean safeEncoding)
 		}
 		catch (InvalidKeyException e)
 		{
-			System.err.println(e);
+			logger.error("decrypt64 error", e);
 			throw new InvalidGXKeyException(e.getMessage());
 		}
 		catch(UnsupportedEncodingException e)
 		{
-			System.err.println(e);
+			logger.error("decrypt64 error", e);
 			throw new RuntimeException(e.getMessage());
 		}
 		catch (ArrayIndexOutOfBoundsException e)
@@ -374,7 +377,7 @@ public static String encryptRijndael(String plainText, String key) {
 		try {
 			outputBytes = aesCipher(inputBytes, true, key, GX_AJAX_PRIVATE_IV);
 		} catch (DataLengthException | IllegalStateException | InvalidCipherTextException e) {
-			e.printStackTrace();
+			logger.error("encryptRijndael error", e);
 			return "";
 		}
 		return Hex.toHexString(outputBytes);
diff --git a/java/src/main/java/com/genexus/security/web/WebSecurityHelper.java b/java/src/main/java/com/genexus/security/web/WebSecurityHelper.java
@@ -56,10 +56,5 @@ public static boolean verify(String pgmName, String issuer, String value, String
 		 }
 		 return ret;
      }
-    		 
-     /*public static boolean verify(String pgmName, String issuer, String value, String jwtToken, WebSecureToken token)
-     {     	 
-         boolean ok = SecureTokenHelper.Verify(jwtToken, token, GetSecretKey());            
-         return ok && !string.IsNullOrEmpty(pgmName) && token.ProgramName == pgmName && issuer == token.Issuer &&
-         */
+
 }
diff --git a/java/src/main/java/com/genexus/webpanels/WebUtils.java b/java/src/main/java/com/genexus/webpanels/WebUtils.java
@@ -17,6 +17,7 @@
 import com.genexus.diagnostics.core.ILogger;
 import com.genexus.diagnostics.core.LogManager;
 import com.genexus.xml.XMLReader;
+import org.apache.commons.lang.StringUtils;
 
 
 public class WebUtils
@@ -437,29 +438,32 @@ public static String decryptParm(Object parm, String encryptionKey) {
 		
 		public static String parmsEncryptionKey(com.genexus.ModelContext context)
 		{
-			String GXKey = "";
             String keySourceType = com.genexus.Application.getClientPreferences().getUSE_ENCRYPTION();
-            if (!keySourceType.equals("")) {
-                GXKey = getEncryptionKey(context, keySourceType);
-            }
-            return GXKey;
+            if (keySourceType.equals(""))
+            	return "";
+            return getEncryptionKey(context, keySourceType);
 		}
 		
 		public static String getEncryptionKey(com.genexus.ModelContext context, String keySourceType){
 			if (keySourceType.equals(""))
 			{
 				keySourceType = com.genexus.Application.getClientPreferences().getUSE_ENCRYPTION();
 			}
-            String GXKey = "";
+
+            String encryptionKey;
             if (keySourceType.equalsIgnoreCase("SESSION"))
 			{
-            	GXKey = com.genexus.util.Encryption.decrypt64(((HttpContext) context.getHttpContext()).getCookie("GX_SESSION_ID"), context.getServerKey());
+            	encryptionKey = com.genexus.util.Encryption.decrypt64(((HttpContext) context.getHttpContext()).getCookie("GX_SESSION_ID"), context.getServerKey());
             }
             else
 			{            	
-            	GXKey = context.getSiteKey();                
-            }                                                                                     
-            return GXKey;			
+            	encryptionKey = context.getSiteKey();
+            }
+			if (StringUtils.isEmpty(encryptionKey)) {
+				logger.error("Encryption Key cannot be empty");
+				logger.debug(keySourceType);
+			}
+            return encryptionKey;
 		}
 		
 	private static final String gxApplicationClassesFileName = "GXApplicationClasses.txt";

Original file line number	Diff line number	Diff line change
`@@ -5,6 +5,8 @@`
`5`	`5`	`import com.genexus.common.interfaces.SpecificImplementation;`
`6`	`6`	`import java.nio.charset.StandardCharsets;`
`7`	`7`
	`8`	`+import com.genexus.diagnostics.core.ILogger;`
	`9`	`+import com.genexus.diagnostics.core.LogManager;`
`8`	`10`	`import org.apache.commons.codec.binary.Base64;`
`9`	`11`	`import org.bouncycastle.crypto.BlockCipher;`
`10`	`12`	`import org.bouncycastle.crypto.BufferedBlockCipher;`
`@@ -23,6 +25,7 @@`
`23`	`25`
`24`	`26`	`public class Encryption`
`25`	`27`	`{`
	`28`	`+ public static final ILogger logger = LogManager.getLogger(Encryption.class);`
`26`	`29`	`public static String AJAX_ENCRYPTION_KEY = "GX_AJAX_KEY";`
`27`	`30`	`public static String AJAX_ENCRYPTION_IV = "GX_AJAX_IV";`
`28`	`31`	`public static String AJAX_SECURITY_TOKEN = "AJAX_SECURITY_TOKEN";`
`@@ -180,12 +183,12 @@ public static String decrypt64(String value, String key, boolean safeEncoding)`
`180`	`183`	`}`
`181`	`184`	`catch (InvalidKeyException e)`
`182`	`185`	`{`
`183`		`- System.err.println(e);`
	`186`	`+ logger.error("decrypt64 error", e);`
`184`	`187`	`throw new InvalidGXKeyException(e.getMessage());`
`185`	`188`	`}`
`186`	`189`	`catch(UnsupportedEncodingException e)`
`187`	`190`	`{`
`188`		`- System.err.println(e);`
	`191`	`+ logger.error("decrypt64 error", e);`
`189`	`192`	`throw new RuntimeException(e.getMessage());`
`190`	`193`	`}`
`191`	`194`	`catch (ArrayIndexOutOfBoundsException e)`
`@@ -374,7 +377,7 @@ public static String encryptRijndael(String plainText, String key) {`
`374`	`377`	`try {`
`375`	`378`	`outputBytes = aesCipher(inputBytes, true, key, GX_AJAX_PRIVATE_IV);`
`376`	`379`	`} catch (DataLengthException \| IllegalStateException \| InvalidCipherTextException e) {`
`377`		`- e.printStackTrace();`
	`380`	`+ logger.error("encryptRijndael error", e);`
`378`	`381`	`return "";`
`379`	`382`	`}`
`380`	`383`	`return Hex.toHexString(outputBytes);`
Original file line number	Diff line number	Diff line change
`@@ -56,10 +56,5 @@ public static boolean verify(String pgmName, String issuer, String value, String`
`56`	`56`	`}`
`57`	`57`	`return ret;`
`58`	`58`	`}`
`59`		`-`
`60`		`- /*public static boolean verify(String pgmName, String issuer, String value, String jwtToken, WebSecureToken token)`
`61`		`- {`
`62`		`- boolean ok = SecureTokenHelper.Verify(jwtToken, token, GetSecretKey());`
`63`		`- return ok && !string.IsNullOrEmpty(pgmName) && token.ProgramName == pgmName && issuer == token.Issuer &&`
`64`		`- */`
	`59`	`+`
`65`	`60`	`}`