+ "aaa-encrypt-service-config.xml";
private static final SecureRandom RANDOM = new SecureRandom();
- private final EncryptServiceConfig delegate;
+ private final AaaEncryptServiceConfig delegate;
public AAAEncryptionServiceConfigurator(final DataBroker dataBroker,
final AaaEncryptServiceConfig blueprintConfig) {
}
}
- private static @NonNull AaaEncryptServiceConfig generateConfig(final EncryptServiceConfig blueprintConfig) {
+ private static @NonNull AaaEncryptServiceConfig generateConfig(final AaaEncryptServiceConfig blueprintConfig) {
LOG.debug("Set the Encryption service password and encrypt salt");
final var salt = new byte[16];
RANDOM.nextBytes(salt);
@Override
public String getEncryptKey() {
- return delegate.getEncryptKey();
+ return delegate.requireEncryptKey();
}
@Override
- public Integer getPasswordLength() {
- return delegate.getPasswordLength();
- }
-
- @Override
- public String getEncryptSalt() {
- return delegate.getEncryptSalt();
+ public byte[] getEncryptSalt() {
+ return Base64.getDecoder().decode(delegate.requireEncryptSalt());
}
@Override
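Review bot: The new `getEncryptSalt()` Base64-decodes `delegate.requireEncryptSalt()` on every call, and nothing in the visible lines validates the stored string before it is used as key-derivation salt. The container leaf it reads is a plain `string`, so a malformed value surfaces as an `IllegalArgumentException` from this getter. An empty string decodes to a zero-length salt, which the `length 1..max` restriction in `encrypt-service-secrets` is meant to exclude; this hand-written implementation presumably bypasses that binding-level check. I would decode once where the delegate is assigned, for example `this.salt = Base64.getDecoder().decode(delegate.requireEncryptSalt());`, reject an empty result there, and have the getter `return salt.clone();`. The enclosing class and its constructor body lie outside this hunk, so the exact placement needs confirming against the full file.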
private final Cipher decryptCipher;
public AAAEncryptionServiceImpl(final EncryptServiceConfig encrySrvConfig) {
- final byte[] encryptionKeySalt = Base64.getDecoder().decode(encrySrvConfig.requireEncryptSalt());
+ final byte[] encryptionKeySalt = encrySrvConfig.requireEncryptSalt();
IvParameterSpec tempIvSpec = null;
SecretKey tempKey = null;
try {
description "Initial revision.";
}
- grouping encrypt-service-config {
- leaf encrypt-key {
- description "Encryption key";
- type string;
- }
- leaf password-length {
- description "Encryption key password length";
- type int32;
- }
- leaf encrypt-salt {
- description "Encryption key salt";
- type string;
- }
+ grouping encrypt-service-preferences {
leaf encrypt-method {
description "The encryption method to use";
type string;
}
}
+ grouping encrypt-service-secrets {
+ leaf encrypt-key {
+ description "Encryption key";
+ type string;
+ mandatory true;
+ }
+ leaf encrypt-salt {
+ description "Encryption key salt";
+ type binary {
+ length 1..max;
+ }
+ mandatory true;
+ }
+ }
+
+ grouping encrypt-service-config {
+ uses encrypt-service-secrets;
+ uses encrypt-service-preferences;
+ }
+
+ grouping encrypt-service-generator-config {
+ leaf password-length {
+ description "Encryption key password length";
+ // FIXME: uint16, really, with a minimum of .. 8?
+ type int32;
+ default 12;
+ }
+ uses encrypt-service-preferences;
+ }
+
container aaa-encrypt-service-config {
- uses encrypt-service-config;
+ uses encrypt-service-generator-config;
+
+ leaf encrypt-key {
+ description "Encryption key";
+ type string;
+ }
+ leaf encrypt-salt {
+ description "Encryption key salt";
+ type string;
+ }
}
}
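Review bot: `password-length` in `encrypt-service-generator-config` is still an unrestricted `int32` with `default 12`, so the model accepts zero, negative or very small values for what the description calls the encryption key password length. The FIXME acknowledges this but leaves it unenforced; a range restriction would close it without changing the base type (and so, presumably, the generated binding type), e.g. `type int32 { range 8..max; }`, where the minimum of 8 is the FIXME's own suggestion. Relatedly, the container's `encrypt-salt` stays `type string` with no length or pattern, so the `length 1..max` guarantee declared in `encrypt-service-secrets` does not apply to what is actually stored.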