def __get_encryption_service(self, domain_home): """ Get the encryption service for the specified domain. :param domain_home: the domain home directory :return: the encryption service :raises: EncryptionException: if an error occurs getting the WebLogic encryption services """ _method_name = '__get_encryption_service' system_ini = SerializedSystemIni.getEncryptionService(domain_home) if system_ini is None: ex = exception_helper.create_encryption_exception('WLSDPLY-01740') self.logger.throwing(ex, class_name=self._class_name, method_name=_method_name) raise ex encryption_service = ClearOrEncryptedService(system_ini) if encryption_service is None: ex = exception_helper.create_encryption_exception('WLSDPLY-01741') self.logger.throwing(ex, class_name=self._class_name, method_name=_method_name) raise ex return encryption_service
def _initialize_password_field_names(): """ Initialize the password field names structure. :raises: EncryptionException: if an error occurs while loading and parsing the password field names file """ global _password_field_names _method_name = '_initialize_password_field_names' if _password_field_names is None: password_field_names_stream = FileUtils.getResourceAsStream(_password_field_names_file) if password_field_names_stream is None: ex = exception_helper.create_encryption_exception('WLSDPLY-04100', _password_field_names_file) _logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex try: password_field_names_dict = \ JsonStreamTranslator(_password_field_names_file, password_field_names_stream).parse() except JsonException, je: ex = exception_helper.create_encryption_exception('WLSDPLY-04101', _password_field_names_file, je.getLocalizedMessage(), error=je) _logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex if password_field_names_dict is not None and 'passwordFieldNames' in password_field_names_dict: _password_field_names = password_field_names_dict['passwordFieldNames'] else: ex = exception_helper.create_encryption_exception('WLSDPLY-04102', _password_field_names_file) _logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex
def __process_args(args): """ Process the command-line arguments and prompt the user for any missing information :param args: the command-line arguments list :raises CLAException: if an error occurs while validating and processing the command-line arguments """ _method_name = '__process_args' cla_util = CommandLineArgUtil(_program_name, __required_arguments, __optional_arguments) required_arg_map, optional_arg_map = cla_util.process_args(args) __verify_required_args_present(required_arg_map) __validate_mode_args(optional_arg_map) __process_passphrase_arg(optional_arg_map) # # Prompt for the password to encrypt if the -manual switch was specified # if CommandLineArgUtil.ENCRYPT_MANUAL_SWITCH in optional_arg_map and \ CommandLineArgUtil.ONE_PASS_SWITCH not in optional_arg_map: try: pwd = getcreds.getpass('WLSDPLY-04200') except IOException, ioe: ex = exception_helper.create_encryption_exception( 'WLSDPLY-04201', ioe.getLocalizedMessage(), error=ioe) __logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex optional_arg_map[CommandLineArgUtil.ONE_PASS_SWITCH] = String(pwd)
def __process_passphrase_arg(optional_arg_map): """ Prompt for the passphrase. :param optional_arg_map: the optional arguments map :raises CLAException: if an error occurs reading the passphrase input from the user """ _method_name = '__process_passphrase_arg' if CommandLineArgUtil.PASSPHRASE_SWITCH not in optional_arg_map: got_matching_passphrases = False while not got_matching_passphrases: try: passphrase = getcreds.getpass('WLSDPLY-04203') passphrase2 = getcreds.getpass('WLSDPLY-04204') except IOException, ioe: ex = exception_helper.create_encryption_exception( 'WLSDPLY-04205', ioe.getLocalizedMessage(), error=ioe) __logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex if passphrase == passphrase2: got_matching_passphrases = True optional_arg_map[ CommandLineArgUtil.PASSPHRASE_SWITCH] = String(passphrase)
def _encrypt_variable_value(self, folder_name, field_name, var_name): """ Encrypt the variable value, and replace it in the variable set. :param folder_name: text describing the folder location, used for logging :param field_name: the attribute name :param var_name: the variable name :return: the number of variable changes """ _method_name = '_encrypt_variable_value' # if variables file was not specified, don't try to encrypt if self.variables is None: return # Do not encrypt already encrypted to match model encryption: Don't encrypt encrypted value if var_name in self.variables: var_value = self.variables[var_name] if len(var_value) > 0: # don't encrypt an already encrypted variable. Matches logic in model if EncryptionUtils.isEncryptedString(var_value): self._logger.fine('WLSDPLY-04109', folder_name, field_name, var_name) return encrypted_value = EncryptionUtils.encryptString(var_value, String(self.passphrase).toCharArray()) self.variables[var_name] = encrypted_value self.variable_changes += 1 self._logger.fine('WLSDPLY-04106', folder_name, field_name, var_name, class_name=self._class_name, method_name=_method_name) else: ex = exception_helper.create_encryption_exception('WLSDPLY-04107', var_name, field_name, folder_name) self._logger.throwing(ex, class_name=self._class_name, method_name=_method_name) raise ex
def _encrypt_variable_value(passphrase, dict_name, field_name, var_name, variables): """ Encrypt the variable value. :param passphrase: the encryption passphrase :param dict_name: the model element name :param field_name: the attribute name :param var_name: the variable name :param variables: the variables :return: the number of variable changes """ _method_name = '_encrypt_variable_value' variable_changes = 0 if variables is None: return variable_changes if var_name in variables: var_value = variables[var_name] if len(var_value) > 0: encrypted_value = EncryptionUtils.encryptString(var_value, String(passphrase).toCharArray()) variables[var_name] = encrypted_value _logger.fine('WLSDPLY-04106', dict_name, field_name, var_name, class_name=_class_name, method_name=_method_name) variable_changes = 1 else: ex = exception_helper.create_encryption_exception('WLSDPLY-04107', var_name, field_name, dict_name) _logger.throwing(ex, class_name=_class_name, method_name=_method_name) raise ex return variable_changes
def _encrypt_variable_value(self, folder_name, field_name, var_name): """ Encrypt the variable value, and replace it in the variable set. :param folder_name: text describing the folder location, used for logging :param field_name: the attribute name :param var_name: the variable name :return: the number of variable changes """ _method_name = '_encrypt_variable_value' # if variables file was not specified, don't try to encrypt if self.variables is None: return # this variable may have been encrypted for another attribute if var_name in self.variables_changed: return if var_name in self.variables: var_value = self.variables[var_name] if len(var_value) > 0: encrypted_value = EncryptionUtils.encryptString( var_value, String(self.passphrase).toCharArray()) self.variables[var_name] = encrypted_value self.variables_changed.append(var_name) self._logger.fine('WLSDPLY-04106', folder_name, field_name, var_name, class_name=self._class_name, method_name=_method_name) else: ex = exception_helper.create_encryption_exception( 'WLSDPLY-04107', var_name, field_name, folder_name) self._logger.throwing(ex, class_name=self._class_name, method_name=_method_name) raise ex