1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache license, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the license for the specific language governing permissions and 15 * limitations under the license. 16 */ 17 package org.apache.logging.log4j.core.net.ssl; 18 19 import java.io.IOException; 20 import java.nio.ByteBuffer; 21 import java.nio.CharBuffer; 22 import java.nio.charset.Charset; 23 import java.nio.file.Files; 24 import java.nio.file.NoSuchFileException; 25 import java.nio.file.Path; 26 import java.nio.file.Paths; 27 import java.util.Arrays; 28 29 /** 30 * PasswordProvider that reads password from a file. 31 * <p> 32 * This is a relatively secure way to handle passwords: 33 * <ul> 34 * <li>Managing file access privileges can be delegated to the operating system.</li> 35 * <li>The password file can be in a separate location from the logging configuration. 36 * This gives flexibility to have different passwords in different environments while 37 * using the same logging configuration. It also allows for separation of responsibilities: 38 * developers don't need to know the password that is used in the production environment.</li> 39 * <li>There is only a small window of opportunity for attackers to obtain the password from a memory 40 * dump: the password data is only resident in memory from the moment the caller calls the 41 * {@link #getPassword()} method and the password file is read until the moment that the caller 42 * completes authentication and overwrites the password char[] array.</li> 43 * </ul> 44 * </p><p> 45 * Less secure implementations are {@link MemoryPasswordProvider} and {@link EnvironmentPasswordProvider}. 46 * </p> 47 */ 48 class FilePasswordProvider implements PasswordProvider { 49 private final Path passwordPath; 50 51 /** 52 * Constructs a new FilePasswordProvider with the specified path. 53 * @param passwordFile the path to the password file 54 * @throws NoSuchFileException if the password file does not exist when this FilePasswordProvider is constructed 55 */ 56 public FilePasswordProvider(final String passwordFile) throws NoSuchFileException { 57 this.passwordPath = Paths.get(passwordFile); 58 if (!Files.exists(passwordPath)) { 59 throw new NoSuchFileException("PasswordFile '" + passwordFile + "' does not exist"); 60 } 61 } 62 63 @Override 64 public char[] getPassword() { 65 byte[] bytes = null; 66 try { 67 bytes = Files.readAllBytes(passwordPath); 68 final ByteBuffer bb = ByteBuffer.wrap(bytes); 69 final CharBuffer decoded = Charset.defaultCharset().decode(bb); 70 final char[] result = new char[decoded.limit()]; 71 decoded.get(result, 0, result.length); 72 decoded.rewind(); 73 decoded.put(new char[result.length]); // erase decoded CharBuffer 74 return result; 75 } catch (final IOException e) { 76 throw new IllegalStateException("Could not read password from " + passwordPath + ": " + e, e); 77 } finally { 78 if (bytes != null) { 79 Arrays.fill(bytes, (byte) 0x0); 80 } 81 } 82 } 83 }