hatter/tiny-encrypt-java
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat add init config

Browse Source
This commit is contained in:
Hatter Jiang
2021-04-16 01:03:59 +08:00
parent c1fe49608b
commit 8d656b518e
7 changed files with 121 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/java/me/hatter/tools/tinyencrypt/TinyEncryptArgs.java
View File

@@ -7,7 +7,7 @@ import java.io.File;
@CommandLine.Command(name = "tiny-encrypt", version = "tiny-encrypt v0.1.0")
public class TinyEncryptArgs {
@CommandLine.Option(names = {"-e", "--encrypt"}, description = "Encrypt file")
boolean encrypt = false;
boolean encrypt = false;
@CommandLine.Option(names = {"-d", "--decrypt"}, description = "Decrypt file")
boolean decrypt = false;
@@ -18,9 +18,15 @@ public class TinyEncryptArgs {
@CommandLine.Option(names = {"-c", "--comment"}, description = "Encrypt comment")
String comment;
@CommandLine.Option(names = {"--config"}, description = "Encrypt config")
File config;
@CommandLine.Parameters(paramLabel = "FILE", description = "Encrypt or Decrypt files")
File[] files;
@CommandLine.Option(names = {"--init-config"}, description = "Init encrypt config")
boolean doInitConfig = false;
@CommandLine.Option(names = {"-h", "--help"}, usageHelp = true, description = "Display a help message")
boolean helpRequested = false;

56
src/main/java/me/hatter/tools/tinyencrypt/TinyEncryptMain.java
View File

@@ -1,16 +1,26 @@
package me.hatter.tools.tinyencrypt;
import com.alibaba.fastjson.JSON;
import me.hatter.tools.commons.exception.JumpOutException;
import me.hatter.tools.commons.io.RFile;
import me.hatter.tools.commons.log.LogConfig;
import me.hatter.tools.commons.log.LogTool;
import me.hatter.tools.commons.log.LogTools;
import me.hatter.tools.commons.security.key.KeyPairTool;
import me.hatter.tools.commons.security.key.KeyUtil;
import me.hatter.tools.commons.security.key.PKType;
import me.hatter.tools.commons.string.StringUtil;
import me.hatter.tools.tinyencrypt.config.TinyEncryptConfig;
import me.hatter.tools.tinyencrypt.encrypt.EncryptedFileUtil;
import me.hatter.tools.tinyencrypt.encrypt.TinyEncryptMetaUtil;
import me.hatter.tools.tinyencrypt.util.BCUtil;
import picocli.CommandLine;
import java.io.File;
import java.security.KeyPair;
public class TinyEncryptMain {
private static final String DEFAULT_TINY_ENCRYPT_CONFIG = "~/.tinyencrypt_config.json";
private static final LogTool log;
static {
@@ -32,6 +42,33 @@ public class TinyEncryptMain {
return;
}
// ====================================================================================
if (tinyEncryptArgs.doInitConfig) {
if (StringUtil.isEmpty(tinyEncryptArgs.key)) {
log.error("Default key is not assigned");
return;
}
RFile writeTinyEncryptConfigRFile;
if (tinyEncryptArgs.config != null) {
writeTinyEncryptConfigRFile = RFile.from(tinyEncryptArgs.config);
} else {
writeTinyEncryptConfigRFile = RFile.from(DEFAULT_TINY_ENCRYPT_CONFIG);
}
if (writeTinyEncryptConfigRFile.exists()) {
log.error("File exists: " + tinyEncryptArgs.config);
return;
}
KeyPair keyPair = KeyPairTool.ins(PKType.secp256r1).generate().getKeyPair();
TinyEncryptConfig writeTinyEncryptConfig = new TinyEncryptConfig();
writeTinyEncryptConfig.setDefaultKeyName(tinyEncryptArgs.key);
writeTinyEncryptConfig.setLocalPublicKeyPem(KeyUtil.serializePublicKeyToPEM(keyPair.getPublic()));
writeTinyEncryptConfig.setLocalPrivateKeyPem(KeyUtil.serializePrivateKeyToPEM(keyPair.getPrivate()));
writeTinyEncryptConfigRFile.write(JSON.toJSONString(writeTinyEncryptConfig, true));
log.info("Write file success: " + writeTinyEncryptConfigRFile.file());
return;
}
// ====================================================================================
boolean isEncrypt = tinyEncryptArgs.encrypt;
boolean isDecrypt = tinyEncryptArgs.decrypt;
if (isEncrypt && isDecrypt) {
@@ -43,17 +80,34 @@ public class TinyEncryptMain {
return;
}
TinyEncryptConfig config;
if (tinyEncryptArgs.config != null) {
config = RFile.from(tinyEncryptArgs.config).parseJSONObject(TinyEncryptConfig.class);
} else {
RFile defaultTinyEncryptConfigFile = RFile.from(DEFAULT_TINY_ENCRYPT_CONFIG);
if (defaultTinyEncryptConfigFile.notExists()) {
log.error("Config file not assigned, and no default config file: " + DEFAULT_TINY_ENCRYPT_CONFIG);
return;
}
config = defaultTinyEncryptConfigFile.parseJSONObject(TinyEncryptConfig.class);
}
if (StringUtil.isNotBlank(tinyEncryptArgs.key)) {
log.info("Using key from args: " + tinyEncryptArgs.key);
config.setDefaultKeyName(tinyEncryptArgs.key);
}
if ((tinyEncryptArgs.files == null) || (tinyEncryptArgs.files.length == 0)) {
log.error("FILE is not assigned.");
return;
}
int total = tinyEncryptArgs.files.length;
try {
int index = 1;
for (File f : tinyEncryptArgs.files) {
log.info("Start processing file: " + f + ", " + index + " of " + total);
if (tinyEncryptArgs.encrypt) {
EncryptedFileUtil.encryptFile(tinyEncryptArgs.key, f, tinyEncryptArgs.comment);
EncryptedFileUtil.encryptFile(config, tinyEncryptArgs.key, f, tinyEncryptArgs.comment);
} else {
EncryptedFileUtil.decryptFile(f);
}

18
src/main/java/me/hatter/tools/tinyencrypt/config/TinyEncryptConfig.java
View File

@@ -2,6 +2,8 @@ package me.hatter.tools.tinyencrypt.config;
public class TinyEncryptConfig {
private String defaultKeyName;
private String localPublicKeyPem;
private String localPrivateKeyPem;
public String getDefaultKeyName() {
return defaultKeyName;
@@ -10,4 +12,20 @@ public class TinyEncryptConfig {
public void setDefaultKeyName(String defaultKeyName) {
this.defaultKeyName = defaultKeyName;
}
public String getLocalPublicKeyPem() {
return localPublicKeyPem;
}
public void setLocalPublicKeyPem(String localPublicKeyPem) {
this.localPublicKeyPem = localPublicKeyPem;
}
public String getLocalPrivateKeyPem() {
return localPrivateKeyPem;
}
public void setLocalPrivateKeyPem(String localPrivateKeyPem) {
this.localPrivateKeyPem = localPrivateKeyPem;
}
}

5
src/main/java/me/hatter/tools/tinyencrypt/encrypt/EncryptedFileUtil.java
View File

@@ -9,6 +9,7 @@ import me.hatter.tools.commons.log.LogTools;
import me.hatter.tools.commons.security.crypt.CryptOutputStream;
import me.hatter.tools.commons.tlv.Tlv;
import me.hatter.tools.commons.tlv.TlvUtil;
import me.hatter.tools.tinyencrypt.config.TinyEncryptConfig;
import me.hatter.tools.tinyencrypt.util.BCUtil;
import java.io.*;
@@ -52,7 +53,7 @@ public class EncryptedFileUtil {
}
}
public static void encryptFile(String keyName, File file, String comment) {
public static void encryptFile(TinyEncryptConfig config, String keyName, File file, String comment) {
File encFile = getEncryptFile(file);
if (encFile.exists()) {
log.warn("File exists, skip: " + encFile);
@@ -61,7 +62,7 @@ public class EncryptedFileUtil {
try {
try (FileInputStream fis = new FileInputStream(file)) {
try (FileOutputStream fos = new FileOutputStream(encFile)) {
TinyEncryptMeta meta = TinyEncryptMetaUtil.create(keyName, comment);
TinyEncryptMeta meta = TinyEncryptMetaUtil.create(config, comment);
TlvUtil.writeTlv(fos, TlvUtil.create(1, TinyEncryptMetaUtil.toString(meta)));
fos.flush();
try (OutputStream newOs = getEncryptOutputStream(fos, meta)) {

15
src/main/java/me/hatter/tools/tinyencrypt/encrypt/TinyEncryptMeta.java
View File

@@ -2,6 +2,8 @@ package me.hatter.tools.tinyencrypt.encrypt;
import com.alibaba.fastjson.annotation.JSONField;
import java.util.Arrays;
public class TinyEncryptMeta {
private String version;
private long created;
@@ -67,4 +69,17 @@ public class TinyEncryptMeta {
public void setNonce(byte[] nonce) {
this.nonce = nonce;
}
@Override
public String toString() {
return "TinyEncryptMeta{" +
"version='" + version + '\'' +
", created=" + created +
", userAgent='" + userAgent + '\'' +
", comment='" + comment + '\'' +
", envelop='" + envelop + '\'' +
", dataKey=***" +
", nonce=***" +
'}';
}
}

23
src/main/java/me/hatter/tools/tinyencrypt/encrypt/TinyEncryptMetaUtil.java
View File

@@ -8,9 +8,19 @@ import me.hatter.tools.commons.log.LogTool;
import me.hatter.tools.commons.log.LogTools;
import me.hatter.tools.commons.network.HttpRequest;
import me.hatter.tools.commons.os.OSUtil;
import me.hatter.tools.commons.security.key.KeyPairTool;
import me.hatter.tools.commons.security.key.KeyUtil;
import me.hatter.tools.commons.security.key.PKType;
import me.hatter.tools.commons.security.pem.PEMUtil;
import me.hatter.tools.commons.security.random.RandomTool;
import me.hatter.tools.commons.security.rsa.PrivateKeyParseTool;
import me.hatter.tools.commons.security.sign.Signatures;
import me.hatter.tools.tinyencrypt.config.TinyEncryptConfig;
import me.hatter.tools.tinyencrypt.config.TinyEncryptConstant;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
@@ -27,9 +37,20 @@ public class TinyEncryptMetaUtil {
return JSON.parseObject(meta, TinyEncryptMeta.class);
}
public static TinyEncryptMeta create(String name, String comment) {
public static TinyEncryptMeta create(TinyEncryptConfig config, String comment) {
PublicKey publicKey = KeyUtil.parsePublicKeyPEM(config.getLocalPublicKeyPem());
PrivateKey privateKey = KeyUtil.parsePrivateKeyPEM(config.getLocalPrivateKeyPem());
String name = config.getDefaultKeyName();
String timestamp = String.valueOf(System.currentTimeMillis());
String toBeSigned = name + "|" + timestamp;
Bytes sign = Signatures.sha256(privateKey).sign(toBeSigned);
List<HttpRequest.KeyValue> keyValues = new ArrayList<>();
keyValues.add(new HttpRequest.KeyValue("name", name));
keyValues.add(new HttpRequest.KeyValue("timestamp", timestamp));
keyValues.add(new HttpRequest.KeyValue("dataKeyPublicKey", KeyUtil.serializePublicKeyToPEM(publicKey)));
keyValues.add(new HttpRequest.KeyValue("dataKeyRequestSign", sign.asBase64()));
log.info("Get data key from kms, key name: " + name);
Bytes response = HttpRequest.fromUrl(KMS_GET_DATA_KEY).post(keyValues);
JSONObject responseObject = response.asJSON();