diff --git a/silk-core/src/main/scala/org/silkframework/runtime/plugin/ParameterType.scala b/silk-core/src/main/scala/org/silkframework/runtime/plugin/ParameterType.scala index d317d8f38a..f3340bbe7f 100644 --- a/silk-core/src/main/scala/org/silkframework/runtime/plugin/ParameterType.scala +++ b/silk-core/src/main/scala/org/silkframework/runtime/plugin/ParameterType.scala @@ -18,6 +18,7 @@ import java.util.logging.{Level, Logger} import javax.crypto.SecretKey import scala.language.existentials import scala.reflect.ClassTag +import scala.util.control.NonFatal import scala.util.{Failure, Success, Try} /** Represents a plugin parameter type and provides serialization. */ @@ -663,7 +664,7 @@ object StringParameterType { } object PasswordParameterType extends StringParameterType[PasswordParameter] { - // This preamble should be added to all serializations to mark the string as a encrypted password, else it will be interpreted as plain + // This preamble should be added to all serializations to mark the string as an encrypted password, else it will be interpreted as plain final val PREAMBLE = "PASSWORD_PARAMETER:" final val CONFIG_KEY = "plugin.parameters.password.crypt.key" @@ -698,7 +699,10 @@ object StringParameterType { val encryptedPassword = if (str == null || str == "") { str // Handle empty string as empty password and vice versa } else if (str.startsWith(PREAMBLE)) { - str.stripPrefix(PREAMBLE) + val encryptedPassword = str.stripPrefix(PREAMBLE) + // Test that it can be decrypted + PasswordParameter.decrypt(encryptedPassword) + encryptedPassword } else { AesCrypto.encrypt(key, str) } diff --git a/silk-core/src/main/scala/org/silkframework/runtime/plugin/types/PasswordParameter.scala b/silk-core/src/main/scala/org/silkframework/runtime/plugin/types/PasswordParameter.scala index 70b7639043..ecf4f8a959 100644 --- a/silk-core/src/main/scala/org/silkframework/runtime/plugin/types/PasswordParameter.scala +++ b/silk-core/src/main/scala/org/silkframework/runtime/plugin/types/PasswordParameter.scala @@ -15,7 +15,6 @@ import javax.crypto.BadPaddingException * @param encryptedValue The AES encrypted Base64-encoded password */ case class PasswordParameter(encryptedValue: String) { - private val log: Logger = Logger.getLogger(getClass.getName) override def toString: String = if(encryptedValue == null || encryptedValue == "") { encryptedValue // Handle empty string as empty password and vice versa @@ -24,20 +23,7 @@ case class PasswordParameter(encryptedValue: String) { } def decryptedString: String = { - if(encryptedValue == null || encryptedValue == "") { - encryptedValue // Handle empty string as empty password and vice versa - } else { - try { - AesCrypto.decrypt(PasswordParameterType.key, encryptedValue) - } catch { - case ex: InvalidKeyException => - throw AbortExecutionException(s"The password parameter encryption key is invalid. Value for " + - s"${PasswordParameterType.CONFIG_KEY} needs to be a character string of length 16.", cause = Some(ex)) - case _: BadPaddingException => - throw AbortExecutionException(s"Password parameter value could not be decrypted. If the value for config key ${PasswordParameterType.CONFIG_KEY} has been changed, " + - s"all passwords for the operator need to be re-entered.") - } - } + PasswordParameter.decrypt(encryptedValue) } } @@ -51,4 +37,20 @@ object PasswordParameter { ) } + def decrypt(encryptedValue: String): String = { + if(encryptedValue == null || encryptedValue == "") { + encryptedValue // Handle empty string as empty password and vice versa + } else { + try { + AesCrypto.decrypt(PasswordParameterType.key, encryptedValue) + } catch { + case ex: InvalidKeyException => + throw AbortExecutionException(s"The password parameter encryption key is invalid. Value for " + + s"${PasswordParameterType.CONFIG_KEY} needs to be a character string of length 16.", cause = Some(ex)) + case _: BadPaddingException => + throw AbortExecutionException(s"Password parameter value could not be decrypted. If the value for config key ${PasswordParameterType.CONFIG_KEY} has been changed, " + + s"all passwords for the operator need to be re-entered.") + } + } + } }