// CopyKeys
// migration script that copies keys generated by one source into another one
// typically used when switching authentication back-ends such that
// encrypted content is still available
//
// Author: Simon Urbanek
package com.att.research.RCloud;
import java.io.IOException;
import java.io.OutputStream;
import java.io.InputStream;
import java.io.FileInputStream;
import java.io.File;
import java.io.FileReader;
import java.io.BufferedReader;
import java.net.InetSocketAddress;
import java.net.InetAddress;
import java.net.URI;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.Map;
import java.util.HashMap;
import java.util.Date;
import java.util.StringTokenizer;
import java.util.concurrent.Executors;
import java.security.MessageDigest;
import java.security.SecureRandom;
import com.sun.net.httpserver.Headers;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import com.sun.net.httpserver.HttpsServer;
import com.sun.net.httpserver.HttpsConfigurator;
import com.sun.net.httpserver.HttpsParameters;
import javax.net.ssl.SSLContext;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import com.sleepycat.je.DatabaseException;
import com.sleepycat.je.Environment;
import com.sleepycat.je.EnvironmentConfig;
import com.sleepycat.je.Database;
import com.sleepycat.je.DatabaseConfig;
import com.sleepycat.je.DatabaseEntry;
import com.sleepycat.je.LockMode;
import com.sleepycat.je.OperationStatus;
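/**
 * Migration tool that duplicates entries of the "sessionKeyStore" Berkeley DB
 * database from one source name to another, or lists them.
 *
 * <p>Only entries whose name starts with {@code "k:"} are considered. For a copy,
 * the name must contain at least two newline characters; the text between the
 * first and the second newline is the source, and it is compared with
 * {@code <from>}. A matching entry is written again under a name in which that
 * field is replaced by {@code <to>}; the stored value is copied unchanged.
 *
 * <p>Only entry names are printed; stored values are never written to the console.
 *
 * <p>NOTE(review): the text before the first newline presumably identifies the
 * owner of the key. If so, after a copy whoever authenticates through
 * {@code <to>} under the same name reaches the same stored key, so names must
 * map one-to-one between the two back-ends - confirm before running.
 */
public class CopyKeys {
    public static final String version = "1.4";

    // Not read anywhere in this class; kept because they are public.
    public static String default_module = "pam", pam_realm = null;

    /**
     * Parses the command line, opens the key store and lists or copies key entries.
     *
     * <pre>
     * CopyKeys -d &lt;db-path&gt; [-o] &lt;from&gt; &lt;to&gt;
     * CopyKeys -d &lt;db-path&gt; -l
     * </pre>
     *
     * <p>{@code -o} replaces entries that already exist under {@code <to>};
     * without it existing entries are kept and a warning is printed when their
     * value differs from the one stored under {@code <from>}. The process exits
     * with status 1 on a usage error and 0 after {@code -h}.
     *
     * @param args command-line arguments as described above
     * @throws IOException if an entry name cannot be converted from or to UTF-8
     * @throws DatabaseException if the environment or database cannot be opened,
     *         read or written
     */
    public static void main(String[] args) throws IOException, DatabaseException {
        String bdb = null, src = null, dst = null;
        boolean overwrite = false, list = false;

        for (int i = 0; i < args.length; i++) {
            String arg = args[i];
            if (arg.equals("-d")) {
                // A trailing "-d" used to fall through to the next test with the
                // index already past the end of args (ArrayIndexOutOfBoundsException).
                if (i + 1 >= args.length) {
                    System.err.println("\nERROR: -d requires a <db-path> argument - see -h if in doubt.");
                    System.exit(1);
                }
                bdb = args[++i];
            } else if (arg.equals("-o")) {
                overwrite = true;
            } else if (arg.equals("-l")) {
                list = true;
            } else if (arg.equals("-h")) {
                System.out.println("\n Usage: CopyKeys -d <db-path> [-o] <from> <to>\n -d <db-path> -l\n\n");
                System.exit(0);
            } else if (src == null) {
                src = arg;
            } else if (dst == null) {
                dst = arg;
            } else {
                System.err.println("\nERROR: superfluous argument: " + arg);
                System.exit(1);
            }
        }

        if (bdb == null || (!list && (src == null || dst == null))) {
            System.err.println("\nERROR: db-path, from and to are mandatory - see -h if in doubt.");
            System.exit(1);
        }
        if (src != null && src.equals(dst)) {
            System.err.println("\nERROR: <from> and <to> must be different.");
            System.exit(1);
        }

        // NOTE(review): allow-create is set on both the environment and the
        // database, so a mistyped <db-path> yields a new, empty store and a run
        // that copies nothing instead of an error. Consider disabling it for
        // this tool once callers are confirmed not to rely on it.
        EnvironmentConfig envConfig = new EnvironmentConfig();
        envConfig.setAllowCreate(true);
        DatabaseConfig dbConfig = new DatabaseConfig();
        dbConfig.setAllowCreate(true);

        // The handles were previously left open (and the cursor leaked on any
        // exception); close them in reverse order of opening on every path.
        Environment env = new Environment(new File(bdb), envConfig);
        try {
            Database db = env.openDatabase(null, "sessionKeyStore", dbConfig);
            try {
                int copied = scan(db, src, dst, overwrite, list);
                // Force the log to disk so the copied entries survive a crash.
                env.flushLog(true);
                if (!list)
                    System.out.println("INFO: " + copied + " key(s) copied");
            } finally {
                db.close();
            }
        } finally {
            env.close();
        }
    }

    /**
     * Walks all entries of {@code db} and either prints the names of key entries
     * or copies those whose source equals {@code src} to the source {@code dst}.
     *
     * @return the number of entries written
     */
    private static int scan(Database db, String src, String dst, boolean overwrite, boolean list)
            throws IOException, DatabaseException {
        int copied = 0;
        com.sleepycat.je.DiskOrderedCursor cur = db.openCursor(null);
        try {
            DatabaseEntry key = new DatabaseEntry(), val = new DatabaseEntry();
            while (cur.getNext(key, val, null) == OperationStatus.SUCCESS) {
                byte[] raw = key.getData();
                if (raw == null)
                    continue;
                String name = new String(raw, "UTF-8");
                if (!name.startsWith("k:")) // not a key entry
                    continue;
                if (list) {
                    System.out.println("KEY: " + name + "\n");
                    continue;
                }

                // The source is the text between the first and second newline.
                int first = name.indexOf("\n");
                if (first <= 0)
                    continue;
                int second = name.indexOf("\n", first + 1);
                if (second <= 0)
                    continue;
                if (!name.substring(first + 1, second).equals(src))
                    continue;

                String label = name.substring(0, first);
                // Entries written below carry dst as their source; main() rejects
                // src == dst, so they never match src if the scan returns them.
                String newName = name.substring(0, first + 1) + dst + name.substring(second);

                boolean doCopy = overwrite;
                if (!doCopy) {
                    DatabaseEntry probe = new DatabaseEntry(newName.getBytes("UTF-8"));
                    DatabaseEntry existing = new DatabaseEntry();
                    if (db.get(null, probe, existing, LockMode.DEFAULT) == OperationStatus.SUCCESS) {
                        System.out.println("NOTE: " + label + " key exists, NOT overwriting");
                        if (!existing.equals(val))
                            System.err.println("WARN: " + label + " keys for from and to differ");
                    } else {
                        doCopy = true;
                    }
                }
                if (doCopy) {
                    // With -o an existing value under dst is replaced and not kept
                    // anywhere; back up the store first if it may still be needed.
                    System.out.println("INFO: copying key for " + label);
                    db.put(null, new DatabaseEntry(newName.getBytes("UTF-8")), val);
                    copied++;
                }
            }
        } finally {
            cur.close();
        }
        return copied;
    }
}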