Further split out encrypt-service-config 53/104253/2
authorRobert Varga <robert.varga@pantheon.tech>
Sun, 5 Feb 2023 15:10:40 +0000 (16:10 +0100)
committerRobert Varga <robert.varga@pantheon.tech>
Mon, 6 Feb 2023 09:20:27 +0000 (10:20 +0100)
We have two distinct services being configured -- one is the
configurator and the other one is the service. These two are distinct,
yet overlap. Model them accordingly.

JIRA: AAA-250
Change-Id: I6ec62a0e660ca551389fe3112a71079db9627b01
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
aaa-encrypt-service/impl/src/main/java/org/opendaylight/aaa/encrypt/impl/AAAEncryptionServiceConfigurator.java
aaa-encrypt-service/impl/src/main/java/org/opendaylight/aaa/encrypt/impl/AAAEncryptionServiceImpl.java
aaa-encrypt-service/impl/src/main/yang/aaa-encrypt-service-config.yang

index cc7471869c752ff409412e1c97e92c92116a4437..31e6f77c488916ee4afec83a535fe33e86517179 100644 (file)
@@ -50,7 +50,7 @@ public final class AAAEncryptionServiceConfigurator implements EncryptServiceCon
         + "aaa-encrypt-service-config.xml";
     private static final SecureRandom RANDOM = new SecureRandom();
 
-    private final EncryptServiceConfig delegate;
+    private final AaaEncryptServiceConfig delegate;
 
     public AAAEncryptionServiceConfigurator(final DataBroker dataBroker,
             final AaaEncryptServiceConfig blueprintConfig) {
@@ -68,7 +68,7 @@ public final class AAAEncryptionServiceConfigurator implements EncryptServiceCon
         }
     }
 
-    private static @NonNull AaaEncryptServiceConfig generateConfig(final EncryptServiceConfig blueprintConfig) {
+    private static @NonNull AaaEncryptServiceConfig generateConfig(final AaaEncryptServiceConfig blueprintConfig) {
         LOG.debug("Set the Encryption service password and encrypt salt");
         final var salt = new byte[16];
         RANDOM.nextBytes(salt);
@@ -143,17 +143,12 @@ public final class AAAEncryptionServiceConfigurator implements EncryptServiceCon
 
     @Override
     public String getEncryptKey() {
-        return delegate.getEncryptKey();
+        return delegate.requireEncryptKey();
     }
 
     @Override
-    public Integer getPasswordLength() {
-        return delegate.getPasswordLength();
-    }
-
-    @Override
-    public String getEncryptSalt() {
-        return delegate.getEncryptSalt();
+    public byte[] getEncryptSalt() {
+        return Base64.getDecoder().decode(delegate.requireEncryptSalt());
     }
 
     @Override
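Review bot: `getEncryptSalt()` Base64-decodes the delegate's string on every call, and nothing visible in this hunk validates that string first. The container's `encrypt-salt` leaf stays an unconstrained `type string`, so a malformed value surfaces as an `IllegalArgumentException` from the decoder, and an empty value yields a zero-length salt, which the new `encrypt-service-secrets` grouping forbids with `length 1..max`. `requireEncryptKey()` and `requireEncryptSalt()` will also throw when the leaf is absent, since neither is mandatory in the container; presumably the constructor fills them in through `generateConfig`, but that code lies outside this hunk. I would decode and check once where `delegate` is assigned, with `final var salt = Base64.getDecoder().decode(delegate.requireEncryptSalt());` followed by `if (salt.length == 0) { throw new IllegalStateException("encrypt-salt is empty"); }`, and have the getter return `salt.clone()`.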
index 8ffba0059bfbb70bfe1296b18abdb24bfe854a3d..2ebe15246e06ddd38727d300de3f8b7fd2295d3b 100644 (file)
@@ -42,7 +42,7 @@ public class AAAEncryptionServiceImpl implements AAAEncryptionService {
     private final Cipher decryptCipher;
 
     public AAAEncryptionServiceImpl(final EncryptServiceConfig encrySrvConfig) {
-        final byte[] encryptionKeySalt = Base64.getDecoder().decode(encrySrvConfig.requireEncryptSalt());
+        final byte[] encryptionKeySalt = encrySrvConfig.requireEncryptSalt();
         IvParameterSpec tempIvSpec = null;
         SecretKey tempKey = null;
         try {
index c19a934a31f0368203c67cbce2b7c3e29445509b..be3a78dd785db37ac6e635dc47b26559570dbd1d 100644 (file)
@@ -10,19 +10,7 @@ module aaa-encrypt-service-config {
     description "Initial revision.";
   }
 
-  grouping encrypt-service-config {
-    leaf encrypt-key {
-      description "Encryption key";
-      type string;
-    }
-    leaf password-length {
-      description "Encryption key password length";
-      type int32;
-    }
-    leaf encrypt-salt {
-      description "Encryption key salt";
-      type string;
-    }
+  grouping encrypt-service-preferences {
     leaf encrypt-method {
       description "The encryption method to use";
       type string;
@@ -45,7 +33,46 @@ module aaa-encrypt-service-config {
     }
   }
 
+  grouping encrypt-service-secrets {
+    leaf encrypt-key {
+      description "Encryption key";
+      type string;
+      mandatory true;
+    }
+    leaf encrypt-salt {
+      description "Encryption key salt";
+      type binary {
+        length 1..max;
+      }
+      mandatory true;
+    }
+  }
+
+  grouping encrypt-service-config {
+    uses encrypt-service-secrets;
+    uses encrypt-service-preferences;
+  }
+
+  grouping encrypt-service-generator-config {
+    leaf password-length {
+      description "Encryption key password length";
+      // FIXME: uint16, really, with a minimum of .. 8?
+      type int32;
+      default 12;
+    }
+    uses encrypt-service-preferences;
+  }
+
   container aaa-encrypt-service-config {
-    uses encrypt-service-config;
+    uses encrypt-service-generator-config;
+
+    leaf encrypt-key {
+      description "Encryption key";
+      type string;
+    }
+    leaf encrypt-salt {
+      description "Encryption key salt";
+      type string;
+    }
   }
 }
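Review bot: `password-length` in `encrypt-service-generator-config` still accepts zero and negative values, so a mistyped configuration can ask the generator for an empty or invalid key password; the FIXME names the problem but leaves it open. A range can be added while keeping the leaf an int32, which should leave the generated Java type unchanged: `type int32 { range "8..max"; }`, using the lower bound the FIXME already suggests. Separately, the container's `encrypt-salt` remains `type string` while the configurator Base64-decodes it, so its description should state the encoding, e.g. `description "Encryption key salt, Base64-encoded";`.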