Patched /tmp/tmpibsnat3l/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java

patched.codes[bot] · patched.codes[bot] · commit 326dba32c3ef · 2024-08-02T10:01:07.000Z
diff --git a/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java b/src/com/ibm/security/appscan/altoromutual/util/DBUtil.java
@@ -96,46 +96,65 @@ private DBUtil(){
 		}
 	}
 
-	private static Connection getConnection() throws SQLException{
-
-		if (instance == null)
-			instance = new DBUtil();
-		
-		if (instance.connection == null || instance.connection.isClosed()){
+	import com.google.cloud.kms.v1.KeyManagementServiceClient;
+	import com.google.cloud.kms.v1.CryptoKeyPathName;
+	import com.google.cloud.kms.v1.DecryptResponse;
+	import com.google.protobuf.ByteString;
+	
+		private static Connection getConnection() throws SQLException {
+	
+			if (instance == null)
+				instance = new DBUtil();
 			
-			//If there is a custom data source configured use it to initialize
-			if (instance.dataSource != null){
-				instance.connection = instance.dataSource.getConnection();	
+			if (instance.connection == null || instance.connection.isClosed()) {
 				
-				if (ServletUtil.isAppPropertyTrue("database.reinitializeOnStart")){
-					instance.initDB();
+				// If there is a custom data source configured use it to initialize
+				if (instance.dataSource != null) {
+					instance.connection = instance.dataSource.getConnection();	
+					
+					if (ServletUtil.isAppPropertyTrue("database.reinitializeOnStart")) {
+						instance.initDB();
+					}
+					return instance.connection;
 				}
-				return instance.connection;
-			}
-			
-			// otherwise initialize connection to the built-in Derby database
-			try {
-				//attempt to connect to the database
-				instance.connection = DriverManager.getConnection(PROTOCOL+"altoro");
 				
-				if (ServletUtil.isAppPropertyTrue("database.reinitializeOnStart")){
-					instance.initDB();
-				}
-			} catch (SQLException e){
-				//if database does not exist, create it an initialize it
-				if (e.getErrorCode() == 40000){
-					instance.connection = DriverManager.getConnection(PROTOCOL+"altoro;create=true");
-					instance.initDB();
-				//otherwise pass along the exception
-				} else {
-					throw e;
+				// Otherwise initialize connection to the built-in Derby database
+				try {
+					// Retrieve the database connection string from KMS
+					String projectId = "your-project-id";
+					String locationId = "your-location-id";
+					String keyRingId = "your-key-ring-id";
+					String cryptoKeyId = "your-crypto-key-id";
+	
+					KeyManagementServiceClient client = KeyManagementServiceClient.create();
+					CryptoKeyPathName keyName = CryptoKeyPathName.of(projectId, locationId, keyRingId, cryptoKeyId);
+	
+					byte[] ciphertext = Base64.getDecoder().decode("your-base64-encoded-ciphertext");
+					DecryptResponse response = client.decrypt(keyName, ByteString.copyFrom(ciphertext));
+					String connectionString = response.getPlaintext().toStringUtf8();
+	
+					// Attempt to connect to the database
+					instance.connection = DriverManager.getConnection(connectionString);
+					
+					if (ServletUtil.isAppPropertyTrue("database.reinitializeOnStart")) {
+						instance.initDB();
+					}
+				} catch (SQLException e) {
+					// If database does not exist, create it and initialize it
+					if (e.getErrorCode() == 40000) {
+						// Similar retrieval for creation connection string if needed.
+						instance.connection = DriverManager.getConnection(PROTOCOL + "altoro;create=true");
+						instance.initDB();
+					} else {
+						throw e;
+					}
+				} catch (IOException e) {
+					throw new SQLException("Failed to retrieve database connection string from KMS", e);
 				}
 			}
-
+			
+			return instance.connection;	
 		}
-		
-		return instance.connection;	
-	}
 	
 	/*
 	 * Create and initialize the database
