All Downloads are FREE. Search and download functionalities are using the official Maven repository.

src-main.org.awakefw.file.servlet.convert.StreamsEncrypted Maven / Gradle / Ivy

Go to download

Awake FILE is a secure Open Source framework that allows to program very easily file uploads/downloads and RPC through http. File transfers include powerful features like file chunking and automatic recovery mechanism. Security has been taken into account from the design: server side allows to specify strong security rules in order to protect the files and to secure the RPC calls.

There is a newer version: 3.0
Show newest version
/*
 * This file is part of Awake FILE. 
 * Awake FILE: Easy file upload & download over HTTP with Java.                                    
 * Copyright (C) 2014,  KawanSoft SAS
 * (http://www.kawansoft.com). All rights reserved.                                
 *                                                                               
 * Awake FILE is free software; you can redistribute it and/or                 
 * modify it under the terms of the GNU Lesser General Public                    
 * License as published by the Free Software Foundation; either                  
 * version 2.1 of the License, or (at your option) any later version.            
 *                                                                               
 * Awake FILE is distributed in the hope that it will be useful,               
 * but WITHOUT ANY WARRANTY; without even the implied warranty of                
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU             
 * Lesser General Public License for more details.                               
 *                                                                               
 * You should have received a copy of the GNU Lesser General Public              
 * License along with this library; if not, write to the Free Software           
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  
 * 02110-1301  USA
 *
 * Any modifications to this file must keep this entire header
 * intact.
 */
package org.awakefw.file.servlet.convert;

import java.io.IOException;
import java.io.InputStream;
import java.sql.SQLException;

import org.apache.commons.fileupload.util.Streams;
import org.apache.commons.lang3.StringUtils;
import org.awakefw.commons.api.server.AwakeCommonsConfigurator;
import org.awakefw.file.servlet.AwakeCommonsConfiguratorCall;
import org.awakefw.file.util.Tag;
import org.awakefw.file.util.convert.Pbe;

/**
 * 
 * Wrapper/holder for org.apache.commons.fileupload.util.Streams that will allow
 * to decrypt correctly the request.getParameter()
 * 
 * @author Nicolas de Pomereu
 * 
 */

public class StreamsEncrypted {

    /**
     * Protected constructor
     */
    protected StreamsEncrypted() {

    }

    /**
     * @param stream
     *            The ServletFileUpload input stream
     * @param awakeCommonsConfigurator
     *            Used to get the password for encryption
     */
    public static String asString(InputStream stream,
	    AwakeCommonsConfigurator awakeCommonsConfigurator)
	    throws IOException {
	String value = Streams.asString(stream);

	if (isEncrypted(value, awakeCommonsConfigurator)) {
	    try {
		value = StringUtils.substringAfter(value, Pbe.AWAKE_ENCRYPTED);
		
//		value = new Pbe().decryptFromHexa(value,
//			awakeCommonsConfigurator
//				.getEncryptionPassword());
		
		value = new Pbe().decryptFromHexa(value,
			AwakeCommonsConfiguratorCall.getEncryptionPassword(awakeCommonsConfigurator));		
		
		return value;
	    } catch (Exception e) {
		String message = Tag.AWAKE_USER_CONFIG_FAIL
			+ "Impossible to decrypt the value " + value;
		message += ". Check that password values are the same on client and server side.";

		throw new IOException(message, e);
	    }
	} else {
	    return value;
	}
    }

    /**
     * Says it the request is encrypted
     * 
     * @param parameterName
     *            the parameter name
     * @return if the request is encrypted
     */
    private static boolean isEncrypted(String value,
	    AwakeCommonsConfigurator awakeCommonsConfigurator) throws IOException {
	
//	if (awakeCommonsConfigurator != null
//		&& awakeCommonsConfigurator
//			.getEncryptionPassword() != null) {
//	    if (value != null && !value.isEmpty()
//		    && value.startsWith(Pbe.AWAKE_ENCRYPTED)) {
//		return true;
//	    } else {
//		return false;
//	    }
//	} else {
//	    return false;
//	}
	
	char [] password = null;

	try {
	    password = AwakeCommonsConfiguratorCall
		    .getEncryptionPassword(awakeCommonsConfigurator);
	} catch (SQLException e) {
	    throw new IOException(e);
	}

	if (awakeCommonsConfigurator != null
		&& password != null) {
	    if (value != null && !value.isEmpty()
		    && value.startsWith(Pbe.AWAKE_ENCRYPTED)) {
		return true;
	    } else {
		return false;
	    }
	} else {
	    return false;
	}	
	
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy