From b8ddbe8ffa5718c5ab5c9b3438467c284af0de50 Mon Sep 17 00:00:00 2001 From: Kishan Kavala Date: Fri, 28 Mar 2014 18:47:05 +0530 Subject: [PATCH] CLOUDSTACK-6239: Encrypt security related config values before inserting into DB --- .../framework/security/keys/KeysManagerImpl.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java index 550bd155c95..15bb49c65ff 100644 --- a/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java +++ b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java @@ -61,7 +61,7 @@ public class KeysManagerImpl implements KeysManager, Configurable { public String getHashKey() { String value = HashKey.value(); if (value == null) { - _configDepot.set(HashKey, getBase64EncodedRandomKey(128)); + _configDao.getValueAndInitIfNotExist(HashKey.key(), HashKey.category(), getBase64EncodedRandomKey(128), HashKey.description()); } return HashKey.value(); @@ -71,7 +71,8 @@ public class KeysManagerImpl implements KeysManager, Configurable { public String getEncryptionKey() { String value = EncryptionKey.value(); if (value == null) { - _configDepot.set(EncryptionKey, getBase64EncodedRandomKey(128)); + _configDao.getValueAndInitIfNotExist(EncryptionKey.key(), EncryptionKey.category(), getBase64EncodedRandomKey(128), + EncryptionKey.description()); } return EncryptionKey.value(); } @@ -80,7 +81,8 @@ public class KeysManagerImpl implements KeysManager, Configurable { public String getEncryptionIV() { String value = EncryptionIV.value(); if (value == null) { - _configDepot.set(EncryptionIV, getBase64EncodedRandomKey(128)); + _configDao.getValueAndInitIfNotExist(EncryptionIV.key(), EncryptionIV.category(), getBase64EncodedRandomKey(128), + EncryptionIV.description()); } return EncryptionIV.value(); }