Added config file password encryption capabilities.

Author: dstreev

README.md

@@ -82,6 +82,70 @@ hive-sre sre -db priv_dstreev -o ./sre-out`
 
 **NOTE** It is NOT necessary to use the `-cfg` option if your config is `$HOME/.hive-sre/cfg/default`.
 
+### Using Encrypted Password in the config 'yaml'
+
+#### Generate the Encrypted Password
+
+Use the `-pkey <password-key>` and `-p <password-to-encrypt` options of `hive-sre`
+
+`hive-sre u3 -pkey cloudera -p have-a-nice-day`
+
+Will generate:
+```
+...
+Encrypted password: HD1eNF8NMFahA2smLM9c4g==
+```
+
+Copy this encrypted password and place it in your configuration file for the connection `password`.  Repeat for the other passwords, if it's different, and paste it in the configuration as well.
+
+#### Running with Encrypted Passwords
+
+Using the **same** `-pkey <password-key>` you used to generate the encrypted password, we'll run `hive-sre`
+
+`hive-sre u3 -pkey cloudera ...`
+
+When the `-pkey` option is specified **WITHOUT** the `-p` option (used previously), `hive-sre` will understand to **decrypt** the configuration passwords before connecting to the resources.  If you receive jdbc connection exceptions, recheck the `-pkey` and encrypted password from before.
+
+**NOTE**: The encrypted password process is shared by `u3`, `sre`, and `perf`.  It's not necessary to use different configs or password keys.
+
+#### Checking the 'encrypted' password with Key
+
+If you're not sure the password is correct, copy the 'encrypted' password from the config file and run: 
+
+```
+hive-sre u3 -pkey <password-key> -dp <encrypted_password>
+```
+
+For example:
+```
+# Encrypt
+dstreev@e01 ~ $ hive-sre u3 -pkey cloudera -p have-a-nice-day
+APP_DIR: /usr/local/hive-sre/bin
+Running Host instance
+Application JAVA_OPTS=-Djavax.net.ssl.trustStore=/home/dstreev/bin/certs/gateway-client-trust.jks -Djavax.net.ssl.trustStorePassword=changeit
+PRG_ARGS= "u3" "-pkey" "cloudera" "-p" "have-a-nice-day"
+openjdk version "1.8.0_272"
+OpenJDK Runtime Environment (build 1.8.0_272-b10)
+OpenJDK 64-Bit Server VM (build 25.272-b10, mixed mode)
+Launching: u3
+Using Config: /home/dstreev/.hive-sre/cfg/default.yaml
+1:Encrypted Password: HD1eNF8NMFahA2smLM9c4g==
+
+# Decrypt
+dstreev@e01 ~ $ hive-sre u3 -pkey cloudera -dp HD1eNF8NMFahA2smLM9c4g==
+APP_DIR: /usr/local/hive-sre/bin
+Running Host instance
+Application JAVA_OPTS=-Djavax.net.ssl.trustStore=/home/dstreev/bin/certs/gateway-client-trust.jks -Djavax.net.ssl.trustStorePassword=changeit
+PRG_ARGS= "u3" "-pkey" "cloudera" "-dp" "HD1eNF8NMFahA2smLM9c4g=="
+openjdk version "1.8.0_272"
+OpenJDK Runtime Environment (build 1.8.0_272-b10)
+OpenJDK 64-Bit Server VM (build 25.272-b10, mixed mode)
+Launching: u3
+Using Config: /home/dstreev/.hive-sre/cfg/default.yaml
+2:Decrypted Password: have-a-nice-day
+```
+
+
 ### Output
 
 The output is a set of files with actions and error (when encountered).  The files maybe `txt` files or `markdown`.  You may want to use a `markdown` viewer for easier viewing of those reports.  The markdown viewer needs to support [github markdown tables](https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet#tables) .

pom.xml

@@ -22,7 +22,7 @@
 
     <groupId>com.cloudera.utils.hive</groupId>
     <artifactId>hive-sre</artifactId>
-    <version>2.4.0.22.0-SNAPSHOT</version>
+    <version>2.4.0.23.0-SNAPSHOT</version>
 
     <name>hive-sre</name>
 

src/main/java/com/cloudera/utils/Messages.java

@@ -0,0 +1,67 @@
+package com.cloudera.utils;
+
+import com.cloudera.utils.hive.sre.MessageCode;
+
+import java.text.MessageFormat;
+import java.util.*;
+
+public class Messages {
+
+    private final BitSet bitSet;
+    private final Map<Integer, Object[]> argMap = new TreeMap<Integer, Object[]>();
+
+    public Messages(int size) {
+        bitSet = new BitSet(size);
+    }
+
+    public void set(int bit, Object... args) {
+        bitSet.set(bit);
+        if (args != null) {
+            argMap.put(bit, args);
+        }
+    }
+
+    public void set(int bit) {
+        bitSet.set(bit);
+    }
+
+    public long getReturnCode() {
+        long rtn = 0;
+        long[] messageSet = bitSet.toLongArray();
+        for (long messageBit : messageSet) {
+            rtn = rtn | messageBit;
+        }
+        return rtn;
+    }
+
+    public String getMessage(int bit) {
+        String rtn = null;
+        for (MessageCode messageCode : MessageCode.values()) {
+            if (messageCode.getCode() == bit) {
+                if (argMap.containsKey(bit)) {
+                    Object[] args = argMap.get(messageCode.getCode());
+                    rtn = MessageFormat.format(messageCode.getDesc(), args);
+                } else {
+                    rtn = messageCode.getDesc();
+                }
+
+            }
+        }
+        return rtn;
+    }
+
+    public String[] getMessages() {
+        List<String> messageList = new ArrayList<String>();
+        for (MessageCode messageCode : MessageCode.getCodes(bitSet)) {
+            if (!argMap.containsKey(messageCode.getCode())) {
+                messageList.add(messageCode.getCode()+":"+messageCode.getDesc());
+            } else {
+                messageList.add(messageCode.getCode()+":"+MessageFormat.format(messageCode.getDesc(), argMap.get(messageCode.getCode())));
+            }
+        }
+        String[] rtn = messageList.toArray(new String[0]);
+
+        return rtn;
+    }
+
+}

src/main/java/com/cloudera/utils/Protect.java

@@ -0,0 +1,143 @@
+/*
+ * Copyright 2021 Cloudera, Inc. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.cloudera.utils;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.SecretKeySpec;
+import javax.xml.bind.DatatypeConverter;
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+
+public class Protect {
+
+
+//    KeyGenerator keyGenerator = null;
+    String key = null;
+    SecretKeySpec keySpec = null;
+//    SecretKey secretKey = null;
+    Cipher cipher = null;
+    final String initialVector = "ae280ckq";
+
+    final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();
+
+    // Converts byte array to hex string
+    // From: http://stackoverflow.com/questions/9655181/convert-from-byte-array-to-hex-string-in-java
+    public static String bytesToHex(byte[] bytes) {
+        char[] hexChars = new char[bytes.length * 2];
+        for ( int j = 0; j < bytes.length; j++ ) {
+            int v = bytes[j] & 0xFF;
+            hexChars[j * 2] = hexArray[v >>> 4];
+            hexChars[j * 2 + 1] = hexArray[v & 0x0F];
+        }
+        return new String(hexChars);
+    }
+
+    public Protect(String key) {
+        this.key = key;
+        try {
+            /*
+            Create key spec seeded with a user defined key.
+             */
+            keySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "Blowfish");
+
+            /**
+             * Create an instance of cipher mentioning the name of algorithm
+             *     - Blowfish
+             */
+            cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");
+        } catch (NoSuchPaddingException ex) {
+            System.out.println(ex);
+        } catch (NoSuchAlgorithmException ex) {
+            System.out.println(ex);
+        }
+
+    }
+
+    /**
+     * @param plainText
+     * @return cipherBytes
+     */
+    public String encrypt(String plainText) {
+
+        String rtn = null;
+        byte[] encoding = new byte[0];
+        try {
+            cipher.init(Cipher.ENCRYPT_MODE, keySpec, new javax.crypto.spec.IvParameterSpec(initialVector.getBytes()));
+            encoding = cipher.doFinal(plainText.getBytes());
+        } catch (InvalidKeyException|InvalidAlgorithmParameterException|IllegalBlockSizeException|BadPaddingException e) {
+            e.printStackTrace();
+            throw new RuntimeException(e);
+        }
+
+        rtn = DatatypeConverter.printBase64Binary(encoding);
+
+//        System.out.println("-- Encrypted -----------");
+//        System.out.println("Base64:\t " + rtn);
+//        System.out.println("HEX:\t " + bytesToHex(encoding));
+
+        return rtn;
+    }
+
+    /**
+     * @param text
+     * @return plainText
+     */
+    public String decrypt(String text) throws RuntimeException {
+        String plainText = null;
+        byte[] ciphertext = DatatypeConverter.parseBase64Binary(text);
+
+        // Decrypt
+        try {
+            cipher.init(Cipher.DECRYPT_MODE, keySpec, new javax.crypto.spec.IvParameterSpec(initialVector.getBytes()));
+        } catch (InvalidKeyException e) {
+            e.printStackTrace();
+        } catch (InvalidAlgorithmParameterException e) {
+            e.printStackTrace();
+        }
+        byte[] message = new byte[0];
+        try {
+            message = cipher.doFinal(ciphertext);
+        } catch (IllegalBlockSizeException e) {
+            throw new RuntimeException(e);
+        } catch (BadPaddingException e) {
+            throw new RuntimeException(e);
+        }
+        plainText = new String(message);
+
+//        System.out.println("-- Decrypted -----------");
+//        System.out.println("HEX:\t " + bytesToHex(message));
+//        System.out.println("PLAIN:\t " + plainText);
+
+        return plainText;
+    }
+
+    public static void main(String[] args) {
+        Protect blowfishAlgorithm = new Protect("hello2");
+        String textToEncrypt = "Blowfish Algorithm";
+        System.out.println("Text before Encryption: " + textToEncrypt);
+        String cipherText = blowfishAlgorithm.encrypt(textToEncrypt);
+        System.out.println("Cipher Text: " + cipherText);
+        System.out.println("Text after Decryption: " + blowfishAlgorithm.decrypt(cipherText));
+    }
+
+}
+