-
Notifications
You must be signed in to change notification settings - Fork 373
Expand file tree
/
Copy pathencryptProperties.sh
More file actions
executable file
·74 lines (68 loc) · 2.93 KB
/
Copy pathencryptProperties.sh
File metadata and controls
executable file
·74 lines (68 loc) · 2.93 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/bash
# Create or display encrypted properties.
#
# Usage: encryptedProperties.sh {-display|-create} [encrypted_properties_filename]
# You can use the file 'encrypted.properties' in this directory
# as a sample if you so wish. That's what it defaults to.
USAGE="Usage: encryptedProperties.sh {-display|-create} [encrypted_properties_filename]"
if [[ -z "$esapi_classpath" ]]
then
echo >&2 "esapi_classpath not set. Did you dot the appropriate env file?"
echo >&2 "If you are using ESAPI from downloaded zip file, use:"
echo >&2 " . ./setenv-zip.sh"
echo >&2 "If you are using ESAPI pulled from SVN repository, use:"
echo >&2 " . ./setenv-git.sh"
exit 1
fi
case $1 in
-display|-create) action="$1" ;;
*) echo "Missing '-display' or '-create' arg."; echo $USAGE; exit 2 ;;
esac
filename=${2:-encrypted.properties}
case "$filename" in
/*) ;;
*) filename="$PWD/$filename" ;;
esac
if [[ -f "$filename" && "$action" == "-create" ]]
then echo "Output file '$filename' already exists; will not overwrite."
echo "Remove manually if you want it overwritten."
exit 1
elif [[ -f "$filename" && "$action" == "-display" ]]
then
[[ ! -s "$filename" ]] && { echo "file has zero size"; exit 1; }
else # File doesn't exist, so try to create it to see if we can write it.
> "$filename" || exit 1
fi
cd ../java
# Here, we want to use the ESAPI.properties in $esapi_resources_test since
# we know the Encryptor.MasterKey that it was encrypted with and we need
# to decrypt with the same one. The one in $esapi_resources doesn't have
# one set by default, and if 'setMasterKey.sh' is called first to create
# that property, it will differ what was used in the 'encrypted.properties'
# file.
if [[ "$action" == "-display" ]]
then
set -x
java -Dorg.owasp.esapi.resources="$esapi_resources_test" \
-classpath "$esapi_classpath" \
DisplayEncryptedProperties "$filename"
else
echo
echo ======================= Instructions ======================
echo "When you see 'Enter key: ', enter the property name."
echo "When you see 'Enter value: ', enter the property value."
echo "The property value will be encrypted and the value will be in plaintext"
echo "and they will be placed in the specified output file."
echo "End entering key/value pairs by entering an empty key & value."
echo
echo "Using your TEST version of ESAPI.properties file: $esapi_resources_test/ESAPI.properties"
echo ===========================================================
echo
echo "Hit <Enter> to continue..."; read GO
set -x
java -Dorg.owasp.esapi.resources="$esapi_resources_test" \
-Djava.util.logging.config.file="$esapi_resources/esapi-java-logging.properties" \
-classpath "$esapi_classpath" \
org.owasp.esapi.reference.crypto.DefaultEncryptedProperties "$filename" &&
echo "Output of encrypted properties in file: $filename"
fi