#2015 refactor aes decryption

5be3ec4c · gavin2lee · 705b93a3 · 5be3ec4c · 5be3ec4c · 5be3ec4c
Commit 5be3ec4c authored 4 years ago by gavin2lee
Hide whitespace changes
Inline Side-by-side

Showing

with 49 additions and 41 deletions
+49 -41
--- a/platform-core/src/main/java/com/webank/wecube/platform/core/service/plugin/PluginInstanceService.java
+++ b/platform-core/src/main/java/com/webank/wecube/platform/core/service/plugin/PluginInstanceService.java
@@ -325,10 +325,11 @@ public class PluginInstanceService {
                .getResourceServer();
        String password = mysqlInstance.getPassword();
        if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), mysqlInstance.getSchemaName());
+            password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        password = EncryptionUtils.decryptWithAes(
+                password,
+                resourceProperties.getPasswordEncryptionSeed(), mysqlInstance.getSchemaName());
        DriverManagerDataSource dataSource = new DriverManagerDataSource(
                "jdbc:mysql://" + dbServer.getHost() + ":" + dbServer.getPort() + "/" + mysqlInstance.getSchemaName()
                        + "?characterEncoding=utf8&serverTimezone=UTC",
@@ -567,11 +568,12 @@ public class PluginInstanceService {

            String password = dbInfo.getPassword();
            if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-
-                password = EncryptionUtils.decryptWithAes(
-                        password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                        resourceProperties.getPasswordEncryptionSeed(), dbInfo.getSchema());
+                password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
            }
+            
+            password = EncryptionUtils.decryptWithAes(
+                    password,
+                    resourceProperties.getPasswordEncryptionSeed(), dbInfo.getSchema());

            envVariablesString = envVariablesString.replace("{{DB_HOST}}", dbInfo.getHost())
                    .replace("{{DB_PORT}}", dbInfo.getPort()).replace("{{DB_SCHEMA}}", dbInfo.getSchema())
@@ -656,10 +658,12 @@ public class PluginInstanceService {

        String password = mysqlInstance.getPassword();
        if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), mysqlInstance.getSchemaName());
+            password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        
+        password = EncryptionUtils.decryptWithAes(
+                password,
+                resourceProperties.getPasswordEncryptionSeed(), mysqlInstance.getSchemaName());

        DriverManagerDataSource dataSource = new DriverManagerDataSource(
                "jdbc:mysql://" + dbServer.getHost() + ":" + dbServer.getPort() + "/" + mysqlInstance.getSchemaName()
@@ -780,15 +784,14 @@ public class PluginInstanceService {

        logger.info("scp from local:{} to remote: {}", tmpFilePath, pluginProperties.getPluginDeployPath());
        try {
-            String password = null;
            String dbPassword = hostInfo.getLoginPassword();
            if (dbPassword.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-                password = EncryptionUtils.decryptWithAes(
-                        dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                        resourceProperties.getPasswordEncryptionSeed(), hostInfo.getName());
-            } else {
-                password = dbPassword;
+                dbPassword = dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
            }
+            
+            String password = EncryptionUtils.decryptWithAes(
+                    dbPassword,
+                    resourceProperties.getPasswordEncryptionSeed(), hostInfo.getName());
            scpService.put(hostIp, Integer.valueOf(hostInfo.getPort()), hostInfo.getLoginUsername(), password,
                    tmpFilePath, pluginProperties.getPluginDeployPath());
        } catch (Exception e) {

--- a/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/MysqlAccountManagementService.java
+++ b/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/MysqlAccountManagementService.java
@@ -59,12 +59,12 @@ public class MysqlAccountManagementService implements ResourceItemService {
            log.info("password before decrypt={}", password);
            String rawPassword = null;
            if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-                rawPassword = EncryptionUtils.decryptWithAes(
-                        password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                        resourceProperties.getPasswordEncryptionSeed(), item.getName());
-            } else {
-                rawPassword = password;
+                password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
            }
+            
+            rawPassword = EncryptionUtils.decryptWithAes(
+                    password,
+                    resourceProperties.getPasswordEncryptionSeed(), item.getName());
            statement.executeUpdate(String.format("CREATE USER `%s` IDENTIFIED BY '%s'", username, rawPassword));
            statement.executeUpdate(String.format("GRANT ALL ON %s.* TO %s@'%%' IDENTIFIED BY '%s'", item.getName(),
                    username, rawPassword));
@@ -93,12 +93,12 @@ public class MysqlAccountManagementService implements ResourceItemService {
        try {
            String dbPassword = item.getResourceServer().getLoginPassword();
            if (dbPassword.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-                password = EncryptionUtils.decryptWithAes(
-                        dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                        resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
-            } else {
-                password = dbPassword;
+                dbPassword = dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
            }
+            
+            password = EncryptionUtils.decryptWithAes(
+                    dbPassword,
+                    resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
        } catch (Exception e) {
            throw new WecubeCoreException("3243",
                    String.format("Failed to decrypt the login password of server [%s].", item.getResourceServer()), e);

--- a/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/MysqlDatabaseManagementService.java
+++ b/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/MysqlDatabaseManagementService.java
@@ -53,10 +53,12 @@ public class MysqlDatabaseManagementService implements ResourceItemService {
    private DriverManagerDataSource newDatasource(ResourceItem item) {
        String password = item.getResourceServer().getLoginPassword();
        if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
+            password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        
+        password = EncryptionUtils.decryptWithAes(
+                password,
+                resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
        DriverManagerDataSource dataSource = newMysqlDatasource(item.getResourceServer().getHost(),
                item.getResourceServer().getPort(), item.getResourceServer().getLoginUsername(), password);
        log.info(String.format("Created new data source [host:%s,port:%s,username:%s]",

--- a/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/ResourceDataQueryService.java
+++ b/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/ResourceDataQueryService.java
@@ -296,10 +296,12 @@ public class ResourceDataQueryService {
        String dbUsername = pluginMysqlInstance.getUsername();
        String password = pluginMysqlInstance.getPassword();
        if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), dbUsername);
+            password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        
+        password = EncryptionUtils.decryptWithAes(
+                password,
+                resourceProperties.getPasswordEncryptionSeed(), dbUsername);

        ResourceItem resourceItem = pluginMysqlInstance.getResourceItem();
        if (resourceItem == null) {

--- a/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/S3BucketManagementService.java
+++ b/platform-core/src/main/java/com/webank/wecube/platform/core/service/resource/S3BucketManagementService.java
@@ -37,14 +37,13 @@ public class S3BucketManagementService implements ResourceItemService {
    @Override
    public ResourceItem createItem(ResourceItem item) {
        String dbPassword = item.getResourceServer().getLoginPassword();
-        String password = null;
        if (dbPassword.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
-        } else {
-            password = dbPassword;
+            dbPassword = dbPassword.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        
+        String password = EncryptionUtils.decryptWithAes(
+                dbPassword,
+                resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
        AmazonS3 amazonS3 = newS3Client(item.getResourceServer().getHost(), item.getResourceServer().getPort(),
                item.getResourceServer().getLoginUsername(), password);

@@ -62,10 +61,12 @@ public class S3BucketManagementService implements ResourceItemService {
    public void deleteItem(ResourceItem item) {
        String password = item.getResourceServer().getLoginPassword();
        if (password.startsWith(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX)) {
-            password = EncryptionUtils.decryptWithAes(
-                    password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length()),
-                    resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
+            password = password.substring(ResourceManagementService.PASSWORD_ENCRYPT_AES_PREFIX.length());
        }
+        
+        password = EncryptionUtils.decryptWithAes(
+                password,
+                resourceProperties.getPasswordEncryptionSeed(), item.getResourceServer().getName());
        AmazonS3 amazonS3 = newS3Client(item.getResourceServer().getHost(), item.getResourceServer().getPort(),
                item.getResourceServer().getLoginUsername(), password);