Code Review / netconf.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Bump upstreams
[netconf.git] / apps / netconf-topology / src / main / java / org / opendaylight / netconf / topology / spi / NetconfClientConfigurationBuilderFactoryImpl.java
diff --git a/apps/netconf-topology/src/main/java/org/opendaylight/netconf/topology/spi/NetconfClientConfigurationBuilderFactoryImpl.java b/apps/netconf-topology/src/main/java/org/opendaylight/netconf/topology/spi/NetconfClientConfigurationBuilderFactoryImpl.java
index ad5c935f446ae8323c5e478f21e465d34cc80fcb..1e9ef1e57fec97788fed7abce442c5abe607a636 100644 (file)
--- a/apps/netconf-topology/src/main/java/org/opendaylight/netconf/topology/spi/NetconfClientConfigurationBuilderFactoryImpl.java
+++ b/apps/netconf-topology/src/main/java/org/opendaylight/netconf/topology/spi/NetconfClientConfigurationBuilderFactoryImpl.java
@@ -13,6 +13,8 @@ import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Strings;
 import java.io.IOException;
 import java.io.StringReader;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
 import java.security.KeyPair;
 import java.security.Provider;
 import java.security.Security;
@@ -119,8 +121,16 @@ public final class NetconfClientConfigurationBuilderFactoryImpl implements Netco
         } else if (credentials instanceof LoginPw loginPw) {
             final var loginPassword = loginPw.getLoginPassword();
             final var username = loginPassword.getUsername();
-            final var password = Base64.getEncoder().encodeToString(loginPassword.getPassword());
-            sshParamsBuilder.setClientIdentity(loginPasswordIdentity(username, encryptionService.decrypt(password)));
+
+            final byte[] plainBytes;
+            try {
+                plainBytes = encryptionService.decrypt(loginPassword.getPassword());
+            } catch (GeneralSecurityException e) {
+                throw new IllegalStateException("Failed to decrypt password", e);
+            }
+
+            sshParamsBuilder.setClientIdentity(loginPasswordIdentity(username,
+                new String(plainBytes, StandardCharsets.UTF_8)));
         } else if (credentials instanceof KeyAuth keyAuth) {
             final var keyBased = keyAuth.getKeyBased();
             sshParamsBuilder.setClientIdentity(new ClientIdentityBuilder().setUsername(keyBased.getUsername()).build());
@@ -156,13 +166,24 @@ public final class NetconfClientConfigurationBuilderFactoryImpl implements Netco
         }
         final var passPhrase = Strings.isNullOrEmpty(dsKeypair.getPassphrase()) ? "" : dsKeypair.getPassphrase();
         try {
-            return decodePrivateKey(encryptionService.decrypt(dsKeypair.getPrivateKey()),
-                encryptionService.decrypt(passPhrase));
+            return decodePrivateKey(decryptString(dsKeypair.getPrivateKey()), decryptString(passPhrase));
         } catch (IOException e) {
             throw new IllegalStateException("Could not decode private key with keyId=" + keyId, e);
         }
     }
 
+    private String decryptString(final String encrypted) {
+        final byte[] cryptobytes = Base64.getDecoder().decode(encrypted);
+        final byte[] clearbytes;
+        try {
+            clearbytes = encryptionService.decrypt(cryptobytes);
+        } catch (GeneralSecurityException e) {
+            throw new IllegalStateException("Failed to decrypt", e);
+        }
+        return new String(clearbytes, StandardCharsets.UTF_8);
+    }
+
+
     @VisibleForTesting
     static KeyPair decodePrivateKey(final String privateKey, final String passphrase) throws IOException {
         try (var keyReader = new PEMParser(new StringReader(privateKey.replace("\\n", "\n")))) {
Netconf