Produced by Araxis Merge on 12/5/2017 12:06:51 PM Central Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | IV-eHMP_CIF.zip\IMAG_Source\VISA\Java\VixGuiWebApp\main\src\java\gov\va\med\imaging\exchange | LogLineDecryptor.java | Mon Dec 4 21:34:30 2017 UTC |
| 2 | IV-eHMP_CIF.zip\IMAG_Source\VISA\Java\VixGuiWebApp\main\src\java\gov\va\med\imaging\exchange | LogLineDecryptor.java | Mon Dec 4 22:07:28 2017 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 3 | 418 |
| Changed | 2 | 4 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | /** | |
| 2 | * | |
| 3 | Package: MAG - Vis tA Imaging | |
| 4 | WARNING: Per VHA D irective 2 004-038, t his routin e should n ot be modi fied. | |
| 5 | Date Cre ated: Mar 15, 2012 | |
| 6 | Site Nam e: Washin gton OI Fi eld Office , Silver S pring, MD | |
| 7 | Developer:
|
|
| 8 | Descript ion: | |
| 9 | ||
| 10 | ;; +-------- ---------- ---------- ---------- ---------- ---------- ---------- + | |
| 11 | ;; Property of the US Government . | |
| 12 | ;; No permis sion to co py or redi stribute t his softwa re is give n. | |
| 13 | ;; Use of un released v ersions of this soft ware requi res the us er | |
| 14 | ;; to execu te a writt en test ag reement wi th the Vis tA Imaging | |
| 15 | ;; Developm ent Office of the De partment o f Veterans Affairs, | |
| 16 | ;; telephon e (301) 73 4-0100. | |
| 17 | ;; | |
| 18 | ;; The Food and Drug A dministrat ion classi fies this software a s | |
| 19 | ;; a Class I I medical device. A s such, it may not b e changed | |
| 20 | ;; in any wa y. Modifi cations to this soft ware may r esult in a n | |
| 21 | ;; adulterat ed medical device un der 21CFR8 20, the us e of which | |
| 22 | ;; is consid ered to be a violati on of US F ederal Sta tutes. | |
| 23 | ;; +-------- ---------- ---------- ---------- ---------- ---------- ---------- + | |
| 24 | ||
| 25 | */ | |
| 26 | package go v.va.med.i maging.exc hange; | |
| 27 | ||
| 28 | import jav a.lang.ref lect.Invoc ationTarge tException ; | |
| 29 | import jav a.lang.ref lect.Metho d; | |
| 30 | import jav a.util.Has hMap; | |
| 31 | import jav a.util.Map ; | |
| 32 | import jav a.util.reg ex.Matcher ; | |
| 33 | import jav a.util.reg ex.Pattern ; | |
| 34 | ||
| 35 | import org .apache.lo gging.log4 j.LogManag er; | |
| 36 | import org .apache.lo gging.log4 j.Logger; | |
| 37 | ||
| 38 | /** | |
| 39 | * | |
| 40 | * The dec ryptor dec rypts each log line as decrypt () is call ed. | |
| 41 | * If the log line h as an encr ypted fiel d, i.e. it matches t he pattern , | |
| 42 | * then we create a decryptor using the name in th e log line and decry pt | |
| 43 | * field. | |
| 44 | * The dec ryptors ar e cached f or later u se, since most (usua lly all) o f the decr yption in the | |
| 45 | * log fil e should u se the sam e decrypti on. | |
| 46 | * | |
| 47 | * @author
|
|
| 48 | * | |
| 49 | */ | |
| 50 | public cla ss LogLine Decryptor | |
| 51 | { | |
| 52 | pr ivate tran sient Logg er logger = LogManag er.getLogg er(this.ge tClass()); | |
| 53 | ||
| 54 | // the encry pted field pattern m atch depen ds on havi ng BASE64 encoded en crypted fi eld values | |
| 55 | // that is A -Z a-z 0-9 / + | |
| 56 | // If we don 't use tha t characte r set for BASE64 enc oding than we need t o update t he REGEX | |
| 57 | // + is 0x2B | |
| 58 | // / is 0x2F | |
| 59 | // { is ox7B | |
| 60 | // } is 0x7D | |
| 61 | pr ivate stat ic final S tring DECR YPTION_PAT TERN_REGEX = "\\x7B( [\\w_]+)\\ x7D([A-Za- z0-9+/=]+) "; | |
| 62 | st atic final Pattern D ECRYPTION_ PATTERN = Pattern.co mpile(DECR YPTION_PAT TERN_REGEX ); | |
| 63 | st atic final int DECRY PTION_FIEL D_ENCRYPTO R_GROUP = 1; | |
| 64 | st atic final int DECRY PTION_FIEL D_VALUE_GR OUP = 2; | |
| 65 | ||
| 66 | pu blic stati c final St ring DEFAU LT_ENCRYPT ION_PACKAG E = "gov.v a.med.log4 j.encrypti on"; | |
| 67 | ||
| 68 | // IMPORTANT NOTE: | |
| 69 | // The decry ption clas s must hav e the foll owing meth ods, we ca n't rely o n the inte rface that declares these | |
| 70 | // to be ava ilable so we must us e reflecti on to vali date the d ecryption class and make the c alls. | |
| 71 | // Sometime soon we sh ould move the encryp ting layou t into the main code base and eliminate this ... m aybe | |
| 72 | // public ab stract byt e[] decryp t(byte[] e ncrypted); | |
| 73 | pu blic stati c final St ring DEFAU LT_DECRYPT ION_METHOD _NAME = "d ecrypt"; | |
| 74 | pu blic stati c final Cl ass<?>[] D ECRYPTION_ METHOD_PAR AMETER_TYP ES = new C lass<?>[]{ byte[].cla ss}; | |
| 75 | pu blic stati c final Cl ass<?> DEC RYPTION_ME THOD_RETUR N_TYPE = b yte[].clas s; | |
| 76 | // public ab stract byt e[] decode (String e ncoded); | |
| 77 | pu blic stati c final St ring DEFAU LT_DECODIN G_METHOD_N AME = "dec ode"; | |
| 78 | pu blic stati c final Cl ass<?>[] D ECODING_ME THOD_PARAM ETER_TYPES = new Cla ss<?>[]{St ring.class }; | |
| 79 | pu blic stati c final Cl ass<?> DEC ODING_METH OD_RETURN_ TYPE = byt e[].class; | |
| 80 | ||
| 81 | /* * | |
| 82 | * | |
| 83 | * / | |
| 84 | St ring decry ptLine(fin al String logLine) | |
| 85 | th rows Illeg alArgument Exception, IllegalAc cessExcept ion, Invoc ationTarge tException | |
| 86 | { | |
| 87 | // c ouldn't be encrypted , just ret urn it | |
| 88 | if(l ogLine == null || lo gLine.leng th() == 0) | |
| 89 | return logLine; | |
| 90 | ||
| 91 | Stri ngBuilder decryptedL ogLine = n ew StringB uilder(); | |
| 92 | ||
| 93 | int startClear TextIndex = 0; | |
| 94 | ||
| 95 | // s ee if elem ents in th e line mat ch the REG EX pattern for a lin e with a d ecrypted f ield, and if it | |
| 96 | // d oes then d ecrypt it and replac e it | |
| 97 | Matc her encryp tedFieldMa tcher = DE CRYPTION_P ATTERN.mat cher(logLi ne); | |
| 98 | logg er.debug(" Finding '" + encrypt edFieldMat cher.patte rn().toStr ing() + "' in '" + l ogLine + " '."); | |
| 99 | whil e( encrypt edFieldMat cher.find( ) ) | |
| 100 | { | |
| 101 | // cop y the clea r text bet ween the l ast match (or the be ginning) a nd the sta rt of this match | |
| 102 | String interveni ngClearTex t = logLin e.substrin g(startCle arTextInde x, encrypt edFieldMat cher.start ()); | |
| 103 | decryp tedLogLine .append(in terveningC learText); | |
| 104 | ||
| 105 | String encryptio nName = en cryptedFie ldMatcher. group(DECR YPTION_FIE LD_ENCRYPT OR_GROUP); | |
| 106 | String encrypted FieldValue = encrypt edFieldMat cher.group (DECRYPTIO N_FIELD_VA LUE_GROUP) ; | |
| 107 | logger .debug( "F ound encry pted field {" + encr yptionName + "}" + e ncryptedFi eldValue ) ; | |
| 108 | ||
| 109 | Decryp torInstanc e decrypto rInstance = getDecry ptorInstan ce(encrypt ionName); | |
| 110 | if( de cryptorIns tance != n ull ) | |
| 111 | { | |
| 112 | logger.d ebug( "Fou nd decrypt or for enc ryption ty pe " + enc ryptionNam e ); | |
| 113 | String d ecryptedFi eldValue = decryptor Instance.d ecodeAndDe crypt(encr yptedField Value); | |
| 114 | decrypte dLogLine.a ppend(decr yptedField Value); // copy the decrypted text into the string builder | |
| 115 | logger.d ebug( "Dec rypted usi ng encrypt ion type " + encrypt ionName ); | |
| 116 | } | |
| 117 | else | |
| 118 | { | |
| 119 | logger.w arn( "Unab le to decr ypt encryp tion type " + encryp tionName ) ; | |
| 120 | // copy the encryp ted field as is, we can't decr ypt it | |
| 121 | String e ncryptedFi eldText = logLine.su bstring(en cryptedFie ldMatcher. start(), e ncryptedFi eldMatcher .end()); | |
| 122 | decrypte dLogLine.a ppend(encr yptedField Text); | |
| 123 | } | |
| 124 | ||
| 125 | // kee p note of where we s topped so we can cop y an clear text | |
| 126 | startC learTextIn dex = encr yptedField Matcher.en d(); | |
| 127 | } | |
| 128 | ||
| 129 | // c opy any re maining te xt since t he last ma tch, or al l the text if no mat ches | |
| 130 | Stri ng interve ningClearT ext = logL ine.substr ing(startC learTextIn dex, logLi ne.length( )); | |
| 131 | decr yptedLogLi ne.append( intervenin gClearText ); | |
| 132 | ||
| 133 | retu rn decrypt edLogLine. toString() ; | |
| 134 | } | |
| 135 | ||
| 136 | // a simple caching me chanism so that we c reate 1 De cryptorIns tance to | |
| 137 | // do all of the decry ption that use the s ame decryp tor descri ption | |
| 138 | pr ivate Map< String, De cryptorIns tance> dec ryptorMap = new Hash Map<String , Decrypto rInstance> (); | |
| 139 | ||
| 140 | pr ivate Decr yptorInsta nce getDec ryptorInst ance(Strin g decrypto rName) | |
| 141 | { | |
| 142 | Decr yptorInsta nce decryp torInstanc e = decryp torMap.get (decryptor Name); | |
| 143 | if(d ecryptorIn stance == null) | |
| 144 | { | |
| 145 | decryp torInstanc e = create DecryptorI nstance(de cryptorNam e); | |
| 146 | if(dec ryptorInst ance != nu ll) | |
| 147 | decrypto rMap.put(d ecryptorNa me, decryp torInstanc e); | |
| 148 | } | |
| 149 | retu rn decrypt orInstance ; | |
| 150 | } | |
| 151 | ||
| 152 | /* * | |
| 153 | * Create an instance of a decry ptor from the name f ound in th e log file | |
| 154 | * / | |
| 155 | pr ivate Decr yptorInsta nce create DecryptorI nstance(St ring decry ptorName) | |
| 156 | { | |
| 157 | Stri ng decrypt orClassNam e = decryp torName.in dexOf('.') > 0 ? | |
| 158 | decryp torName : | |
| 159 | (DEFAU LT_ENCRYPT ION_PACKAG E + "." + decryptorN ame); | |
| 160 | ||
| 161 | try | |
| 162 | { | |
| 163 | Class< ?> decrypt orClass = Class.forN ame(decryp torClassNa me); | |
| 164 | Method decryptio nMethod = decryptorC lass.getMe thod(DEFAU LT_DECRYPT ION_METHOD _NAME, DEC RYPTION_ME THOD_PARAM ETER_TYPES ); | |
| 165 | if( DE CRYPTION_M ETHOD_RETU RN_TYPE != decryptio nMethod.ge tReturnTyp e()) | |
| 166 | throw ne w Exceptio n("decypti on method '" + DEFAU LT_DECRYPT ION_METHOD _NAME + "' does not return a " + DECRYPT ION_METHOD _RETURN_TY PE.getName () + " and must."); | |
| 167 | ||
| 168 | Method decodingM ethod = de cryptorCla ss.getMeth od(DEFAULT _DECODING_ METHOD_NAM E, DECODIN G_METHOD_P ARAMETER_T YPES); | |
| 169 | if( DE CODING_MET HOD_RETURN _TYPE != d ecryptionM ethod.getR eturnType( )) | |
| 170 | throw ne w Exceptio n("decodin g method ' " + DEFAUL T_DECRYPTI ON_METHOD_ NAME + "' does not r eturn a " + DECODING _METHOD_RE TURN_TYPE. getName() + " and mu st."); | |
| 171 | ||
| 172 | return new Decry ptorInstan ce(decrypt orClass.ne wInstance( ), decodin gMethod, d ecryptionM ethod); | |
| 173 | } | |
| 174 | catc h (Excepti on e) | |
| 175 | { | |
| 176 | logger .error("Un able to lo ad or crea te decrypt or of clas s '" + dec ryptorClas sName + ", encrypted fields wi ll not be decrypted. " + e.getM essage()); | |
| 177 | } | |
| 178 | retu rn null; | |
| 179 | } | |
| 180 | ||
| 181 | /* * | |
| 182 | * A simple value obje ct of the Decryptor instance a nd the met hod in the decryptor | |
| 183 | * to call t o do the d ecryption. | |
| 184 | * Also incl udes a con venience m ethod to d ecode and decrypt in one step. | |
| 185 | * / | |
| 186 | pr ivate clas s Decrypto rInstance | |
| 187 | { | |
| 188 | priv ate Object instance; | |
| 189 | priv ate Method decryptio nMethod; | |
| 190 | priv ate Method decodingM ethod; | |
| 191 | ||
| 192 | publ ic Decrypt orInstance (Object in stance, Me thod decod ingMethod, Method de cryptionMe thod) { | |
| 193 | super( ); | |
| 194 | this.i nstance = instance; | |
| 195 | this.d ecodingMet hod = deco dingMethod ; | |
| 196 | this.d ecryptionM ethod = de cryptionMe thod; | |
| 197 | } | |
| 198 | ||
| 199 | Stri ng decodeA ndDecrypt( String enc odedEncryp tedValue) | |
| 200 | thro ws Illegal ArgumentEx ception, I llegalAcce ssExceptio n, Invocat ionTargetE xception | |
| 201 | { | |
| 202 | byte[] decoded = (byte[]) decodingMe thod.invok e(instance , new Obje ct[]{encod edEncrypte dValue}); | |
| 203 | byte[] decrypted = (byte[] ) decrypti onMethod.i nvoke(inst ance, new Object[]{d ecoded}); | |
| 204 | if(dec rypted == null) | |
| 205 | return " "; | |
| 206 | String result = new String (decrypted ); | |
| 207 | ||
| 208 | return result.tr im(); | |
| 209 | } | |
| 210 | } | |
| 211 | } |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.