cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wid...@apache.org
Subject [35/50] [abbrv] git commit: updated refs/heads/rbd-snap-clone to bc82173
Date Sat, 18 May 2013 12:57:00 GMT
CLOUDSTACK-2552. Modify AWSAPI to decrypt db values using the decrypted database_key and not
management_server_key


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/046580fc
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/046580fc
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/046580fc

Branch: refs/heads/rbd-snap-clone
Commit: 046580fcf117aadf77179011ecfb5dfffdcca65f
Parents: adbebc1
Author: Likitha Shetty <likitha.shetty@citrix.com>
Authored: Fri May 17 13:12:36 2013 +0530
Committer: Likitha Shetty <likitha.shetty@citrix.com>
Committed: Fri May 17 13:16:04 2013 +0530

----------------------------------------------------------------------
 .../bridge/persist/dao/CloudStackUserDaoImpl.java  |   12 +++---------
 1 files changed, 3 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/046580fc/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
----------------------------------------------------------------------
diff --git a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
index f108a20..5aac396 100644
--- a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
+++ b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackUserDaoImpl.java
@@ -19,15 +19,14 @@ package com.cloud.bridge.persist.dao;
 import javax.ejb.Local;
 
 import org.apache.log4j.Logger;
-import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
 import org.springframework.stereotype.Component;
 
 import com.cloud.bridge.model.CloudStackUserVO;
-import com.cloud.bridge.util.EncryptionSecretKeyCheckerUtil;
 import com.cloud.utils.db.GenericDaoBase;
 import com.cloud.utils.db.SearchBuilder;
 import com.cloud.utils.db.SearchCriteria;
 import com.cloud.utils.db.Transaction;
+import com.cloud.utils.crypt.DBEncryptionUtil;
 
 @Component
 @Local(value={CloudStackUserDao.class})
@@ -51,13 +50,8 @@ public class CloudStackUserDaoImpl extends GenericDaoBase<CloudStackUserVO,
Stri
             sc.setParameters("apiKey", accessKey);
             user =  findOneBy(sc);
             if ( user != null && user.getSecretKey() != null) {
-                // if the cloud db is encrypted, decrypt the secret_key returned by cloud
db before signature generation
-                if( EncryptionSecretKeyCheckerUtil.useEncryption() ) {
-                    StandardPBEStringEncryptor encryptor = EncryptionSecretKeyCheckerUtil.getEncryptor();
-                    cloudSecretKey = encryptor.decrypt( user.getSecretKey() );
-                } else {
-                    cloudSecretKey = user.getSecretKey();
-                }
+                // User secret key could be encrypted
+                cloudSecretKey = DBEncryptionUtil.decrypt(user.getSecretKey());
             }
             return cloudSecretKey;
         } finally {


Mime
View raw message