Browse Source

Pull request #2337: REPORT-38872 设计器https证书密码明文存储

Merge in DESIGN/design from ~HADES/design:release/10.0 to release/10.0

* commit 'eeda38b25a41a2b981aed9f69243448900448e1e':
  REPORT-38872 设计器https证书密码明文存储
feature/big-screen
Hades 4 years ago
parent
commit
5328e10e6c
  1. 38
      designer-base/src/main/java/com/fr/design/env/RemoteDesignerWorkspaceInfo.java
  2. 24
      designer-base/src/main/java/com/fr/env/EnvListPane.java
  3. 67
      designer-base/src/test/java/com/fr/design/env/RemoteDesignerWorkspaceInfoTest.java

38
designer-base/src/main/java/com/fr/design/env/RemoteDesignerWorkspaceInfo.java vendored

@ -40,6 +40,12 @@ public class RemoteDesignerWorkspaceInfo implements DesignerWorkspaceInfo {
private WorkspaceConnectionInfo connection; private WorkspaceConnectionInfo connection;
/**
* 标记下新创建的远程工作目录 兼容存留的远程目录客户升级后再回退 读取为密文
* 仅保证当前新增是加密的
*/
private boolean newCreated;
public static RemoteDesignerWorkspaceInfo create(WorkspaceConnectionInfo connection) { public static RemoteDesignerWorkspaceInfo create(WorkspaceConnectionInfo connection) {
RemoteDesignerWorkspaceInfo info = new RemoteDesignerWorkspaceInfo(); RemoteDesignerWorkspaceInfo info = new RemoteDesignerWorkspaceInfo();
info.connection = connection; info.connection = connection;
@ -79,12 +85,21 @@ public class RemoteDesignerWorkspaceInfo implements DesignerWorkspaceInfo {
return remindTime; return remindTime;
} }
public boolean isNewCreated() {
return newCreated;
}
public void setNewCreated(boolean newCreated) {
this.newCreated = newCreated;
}
@Override @Override
public void readXML(XMLableReader reader) { public void readXML(XMLableReader reader) {
if (reader.isAttr()) { if (reader.isAttr()) {
this.name = reader.getAttrAsString("name", StringUtils.EMPTY); this.name = reader.getAttrAsString("name", StringUtils.EMPTY);
this.remindTime = reader.getAttrAsString("remindTime", StringUtils.EMPTY); this.remindTime = reader.getAttrAsString("remindTime", StringUtils.EMPTY);
this.newCreated = reader.getAttrAsBoolean("newCreated", false);
} }
if (reader.isChildNode()) { if (reader.isChildNode()) {
String tagName = reader.getTagName(); String tagName = reader.getTagName();
@ -92,32 +107,49 @@ public class RemoteDesignerWorkspaceInfo implements DesignerWorkspaceInfo {
String url = reader.getAttrAsString("url", StringUtils.EMPTY); String url = reader.getAttrAsString("url", StringUtils.EMPTY);
String username = reader.getAttrAsString("username", StringUtils.EMPTY); String username = reader.getAttrAsString("username", StringUtils.EMPTY);
//密码解密 //密码解密
String password = SecurityToolbox.defaultDecrypt(reader.getAttrAsString("password", StringUtils.EMPTY).replaceAll(" ", "\r\n")); String password = SecurityToolbox.defaultDecrypt(reader.getAttrAsString("password", StringUtils.EMPTY).replaceAll(StringUtils.BLANK, "\r\n"));
String certPath = reader.getAttrAsString("certPath", StringUtils.EMPTY); String certPath = reader.getAttrAsString("certPath", StringUtils.EMPTY);
String certSecretKey = reader.getAttrAsString("certSecretKey", StringUtils.EMPTY); String certSecretKey = readCertSecretKey(reader);
boolean rememberPwd = reader.getAttrAsBoolean("rememberPwd", true); boolean rememberPwd = reader.getAttrAsBoolean("rememberPwd", true);
this.connection = new WorkspaceConnectionInfo(url, username, password, certPath, certSecretKey, rememberPwd); this.connection = new WorkspaceConnectionInfo(url, username, password, certPath, certSecretKey, rememberPwd);
} }
} }
} }
private String readCertSecretKey(XMLableReader reader) {
if (isNewCreated()) {
return SecurityToolbox.defaultDecrypt(reader.getAttrAsString("certSecretKey", StringUtils.EMPTY).replaceAll(StringUtils.BLANK, "\r\n"));
} else {
return reader.getAttrAsString("certSecretKey", StringUtils.EMPTY);
}
}
@Override @Override
public void writeXML(XMLPrintWriter writer) { public void writeXML(XMLPrintWriter writer) {
writer.attr("name", name); writer.attr("name", name);
writer.attr("remindTime", remindTime); writer.attr("remindTime", remindTime);
writer.attr("newCreated", isNewCreated());
if (this.connection != null) { if (this.connection != null) {
writer.startTAG("Connection"); writer.startTAG("Connection");
writer.attr("url", connection.getUrl()); writer.attr("url", connection.getUrl());
writer.attr("username", connection.getUserName()); writer.attr("username", connection.getUserName());
writer.attr("password", SecurityToolbox.defaultEncrypt(connection.getPassword())); writer.attr("password", SecurityToolbox.defaultEncrypt(connection.getPassword()));
writer.attr("certPath", connection.getCertPath()); writer.attr("certPath", connection.getCertPath());
writer.attr("certSecretKey", connection.getCertSecretKey()); writeCertSecretKey(writer);
writer.attr("rememberPwd", connection.isRememberPwd()); writer.attr("rememberPwd", connection.isRememberPwd());
writer.end(); writer.end();
} }
} }
private void writeCertSecretKey(XMLPrintWriter writer) {
if (isNewCreated()) {
writer.attr("certSecretKey", SecurityToolbox.defaultEncrypt(connection.getCertSecretKey()));
} else {
writer.attr("certSecretKey", connection.getCertSecretKey());
}
}
@Override @Override
@SuppressWarnings("squid:S2975") @SuppressWarnings("squid:S2975")
public Object clone() throws CloneNotSupportedException { public Object clone() throws CloneNotSupportedException {

24
designer-base/src/main/java/com/fr/env/EnvListPane.java vendored

@ -3,6 +3,7 @@ package com.fr.env;
import com.fr.design.DesignerEnvManager; import com.fr.design.DesignerEnvManager;
import com.fr.design.dialog.FineJOptionPane; import com.fr.design.dialog.FineJOptionPane;
import com.fr.design.env.DesignerWorkspaceInfo; import com.fr.design.env.DesignerWorkspaceInfo;
import com.fr.design.env.DesignerWorkspaceType;
import com.fr.design.env.LocalDesignerWorkspaceInfo; import com.fr.design.env.LocalDesignerWorkspaceInfo;
import com.fr.design.env.RemoteDesignerWorkspaceInfo; import com.fr.design.env.RemoteDesignerWorkspaceInfo;
import com.fr.design.gui.controlpane.JListControlPane; import com.fr.design.gui.controlpane.JListControlPane;
@ -17,8 +18,10 @@ import com.fr.stable.core.PropertyChangeAdapter;
import javax.swing.*; import javax.swing.*;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Set;
/** /**
* @author yaohwu * @author yaohwu
@ -98,11 +101,30 @@ public class EnvListPane extends JListControlPane {
DesignerEnvManager mgr = DesignerEnvManager.getEnvManager(); DesignerEnvManager mgr = DesignerEnvManager.getEnvManager();
//这里代码时序换一下,因为update中需要借助mgr来获取提醒时间,已确认mgr对res无依赖 //这里代码时序换一下,因为update中需要借助mgr来获取提醒时间,已确认mgr对res无依赖
Nameable[] res = this.update(); Nameable[] res = this.update();
Set<Nameable> set = findNewWorkSpaceInfo(res);
mgr.clearAllEnv(); mgr.clearAllEnv();
for (Nameable re : res) { for (Nameable re : res) {
NameObject nameObject = (NameObject) re; NameObject nameObject = (NameObject) re;
mgr.putEnv(nameObject.getName(), (DesignerWorkspaceInfo) nameObject.getObject()); DesignerWorkspaceInfo info = (DesignerWorkspaceInfo) nameObject.getObject();
if (set.contains(re) && info.getType() == DesignerWorkspaceType.Remote) {
RemoteDesignerWorkspaceInfo newInfo = (RemoteDesignerWorkspaceInfo) info;
newInfo.setNewCreated(true);
mgr.putEnv(nameObject.getName(), newInfo);
} else {
mgr.putEnv(nameObject.getName(), info);
}
} }
return this.getSelectedName(); return this.getSelectedName();
} }
private Set<Nameable> findNewWorkSpaceInfo(Nameable[] res) {
Set<Nameable> set = new HashSet<>();
for (Nameable val : res) {
NameObject nameObject = (NameObject) val;
if (DesignerEnvManager.getEnvManager().getWorkspaceInfo(nameObject.getName()) == null) {
set.add(val);
}
}
return set;
}
} }

67
designer-base/src/test/java/com/fr/design/env/RemoteDesignerWorkspaceInfoTest.java vendored

@ -1,9 +1,16 @@
package com.fr.design.env; package com.fr.design.env;
import com.fr.invoke.Reflect;
import com.fr.stable.xml.XMLPrintWriter;
import com.fr.stable.xml.XMLReaderHelper;
import com.fr.stable.xml.XMLableReader;
import com.fr.workspace.connect.WorkspaceConnectionInfo; import com.fr.workspace.connect.WorkspaceConnectionInfo;
import junit.framework.TestCase; import junit.framework.TestCase;
import org.junit.Assert; import org.junit.Assert;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
/** /**
* @author hades * @author hades
* @version 10.0 * @version 10.0
@ -22,4 +29,64 @@ public class RemoteDesignerWorkspaceInfoTest extends TestCase {
Assert.assertFalse(workspaceInfo3.checkValid()); Assert.assertFalse(workspaceInfo3.checkValid());
} }
public void testReadXml() {
String xml0 = "<Connection url=\"https://192.168.101.171:8075/webroot/decision\" username=\"1\" password=\"EclFl2zl5ti32lqQIh9r/7iCd0Vmhm5uuLol+zs+oi4JWN8F6JA2Ym4PYeQOAR5cjvIdzhUgwoG/\n" +
"AJF1Ht1CFLfZqrztuJsWpP8GlMvqZb/Gi3TT2idJC/qHU6Am1jFe0qJoytyWUi5zGnZicTfVgDir\n" +
"gE0kuw1ONOzFCkVfNbLrC+DXIIbVa7ramqbsVa6/LDEqOJvfAE36cBYJjWGHjOT91ixldaCyEX8m\n" +
"0xmw5xvEuEiTgRUHufbKCEG0FOR1xvS3D3C9vlauoqDI1INOyUOawQvpuQ552AjZi/FH1v+eNt+q\n" +
"eU7iCzsKb6P5KomaKUTZ8EPlSR/+Ihzg5VjAyg==\" certPath=\"\" certSecretKey=\"bofKLt/G93T2NudGR71Npb1GCPSUVeC34dtFGa+DHRl2GfP3WM4Nitb/LwdA/mml5BNl/S5f4txt\n" +
"0jxK4r08BoWoleKt5r7C0Fapj6Ccm+qVP6ywaxN1PSC0ML8Fowo3VYhv2BVzdodMLLliIVngostk\n" +
"76gqsiatzJb0XiPnzb0UpjWs7lpgCw+XDBk2Qfpv/U8fyPmLkAxA+085w55vzLluu7o2ilaveOUk\n" +
"hmT3NfZinTTZd+dQJxfVfUgjKJdZ9C+EM/IkzY1gVYXYuZ8gl5wd5RkjC3VUOu36akmB09gXJ4S8\n" +
"z8ZdHilA5L9tneuS5C05DMRJ6CdO+avGJgJAtw==\" rememberPwd=\"true\"/>";
String xml1 = "<Connection url=\"https://192.168.101.171:8075/webroot/decision\" username=\"1\" password=\"EclFl2zl5ti32lqQIh9r/7iCd0Vmhm5uuLol+zs+oi4JWN8F6JA2Ym4PYeQOAR5cjvIdzhUgwoG/\n" +
"AJF1Ht1CFLfZqrztuJsWpP8GlMvqZb/Gi3TT2idJC/qHU6Am1jFe0qJoytyWUi5zGnZicTfVgDir\n" +
"gE0kuw1ONOzFCkVfNbLrC+DXIIbVa7ramqbsVa6/LDEqOJvfAE36cBYJjWGHjOT91ixldaCyEX8m\n" +
"0xmw5xvEuEiTgRUHufbKCEG0FOR1xvS3D3C9vlauoqDI1INOyUOawQvpuQ552AjZi/FH1v+eNt+q\n" +
"eU7iCzsKb6P5KomaKUTZ8EPlSR/+Ihzg5VjAyg==\" certPath=\"\" certSecretKey=\"xxxxxxx\" rememberPwd=\"true\"/>";
byte[] bytes0 = xml0.getBytes();
byte[] bytes1 = xml1.getBytes();
RemoteDesignerWorkspaceInfo info = new RemoteDesignerWorkspaceInfo();
ByteArrayInputStream in0 = new ByteArrayInputStream(bytes0);
ByteArrayInputStream in1 = new ByteArrayInputStream(bytes1);
try {
XMLableReader reader0 = XMLReaderHelper.createXMLableReader(in0, XMLPrintWriter.XML_ENCODER);
Reflect.on(reader0).set("state", 1);
info.setNewCreated(true);
info.readXML(reader0);
Assert.assertEquals("xxxxxxx", info.getConnection().getCertSecretKey());
XMLableReader reader1 = XMLReaderHelper.createXMLableReader(in1, XMLPrintWriter.XML_ENCODER);
Reflect.on(reader1).set("state", 1);
info.setNewCreated(false);
info.readXML(reader1);
Assert.assertEquals("xxxxxxx", info.getConnection().getCertSecretKey());
} catch (Exception ignore) {
}
}
public void testWriteXml() {
ByteArrayOutputStream out0 = new ByteArrayOutputStream();
XMLPrintWriter writer0 = XMLPrintWriter.create(out0);
RemoteDesignerWorkspaceInfo info0 = RemoteDesignerWorkspaceInfo.create(new WorkspaceConnectionInfo("127.0.0.1", "1", "1", "/xxx", "xxxxx", true));
info0.setNewCreated(true);
info0.writeXML(writer0);
writer0.close();
String result0 = new String(out0.toByteArray());
Assert.assertTrue(result0.contains("certSecretKey"));
Assert.assertFalse(result0.contains("certSecretKey=\"xxxxx\""));
ByteArrayOutputStream out1 = new ByteArrayOutputStream();
XMLPrintWriter writer1 = XMLPrintWriter.create(out1);
RemoteDesignerWorkspaceInfo info1 = RemoteDesignerWorkspaceInfo.create(new WorkspaceConnectionInfo("127.0.0.1", "1", "1", "/xxx", "xxxxx", true));
info1.writeXML(writer1);
writer1.close();
String result1 = new String(out1.toByteArray());
Assert.assertTrue(result1.contains("certSecretKey"));
Assert.assertTrue(result1.contains("certSecretKey=\"xxxxx\""));
}
} }

Loading…
Cancel
Save