From 431199c17c1884d2d6f4e9f6b3d287c3aa44cef1 Mon Sep 17 00:00:00 2001
From: Binara-Sachin <binara.sachin@gmail.com>
Date: Wed, 4 Sep 2024 02:24:12 +0530
Subject: [PATCH] Enable support for cipher tool

---
 .../org/wso2/carbon/core/util/KeyStoreUtil.java    | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/core/org.wso2.carbon.core/src/main/java/org/wso2/carbon/core/util/KeyStoreUtil.java b/core/org.wso2.carbon.core/src/main/java/org/wso2/carbon/core/util/KeyStoreUtil.java
index 70d9ee52038..96407b2b309 100644
--- a/core/org.wso2.carbon.core/src/main/java/org/wso2/carbon/core/util/KeyStoreUtil.java
+++ b/core/org.wso2.carbon.core/src/main/java/org/wso2/carbon/core/util/KeyStoreUtil.java
@@ -25,6 +25,9 @@
 import org.wso2.carbon.core.RegistryResources;
 import org.wso2.carbon.core.internal.CarbonCoreDataHolder;
 import org.wso2.carbon.utils.ServerConstants;
+import org.wso2.securevault.SecretResolver;
+import org.wso2.securevault.SecretResolverFactory;
+import org.wso2.securevault.commons.MiscellaneousUtil;
 
 import java.io.File;
 import java.security.KeyStore;
@@ -202,7 +205,7 @@ public static String getCustomKeyStoreConfig(OMElement config, String propertyNa
         String configValue = config.getFirstChildWithName(getQNameWithCarbonNS(propertyName)).getText();
 
         if (RegistryResources.SecurityManagement.CustomKeyStore.PROP_LOCATION.equals(propertyName)) {
-            // Replace "{$carbon.home}" placeholder with proper location path
+            // Replace "{$carbon.home}" placeholder with proper location path.
             if (configValue.startsWith(RegistryResources.SecurityManagement.CARBON_HOME_PLACEHOLDER)) {
                 configValue = configValue.replace(RegistryResources.SecurityManagement.CARBON_HOME_PLACEHOLDER, "");
                 configValue = new File(".").getAbsolutePath() + configValue;
@@ -210,6 +213,15 @@ public static String getCustomKeyStoreConfig(OMElement config, String propertyNa
                 throw new CarbonException("Invalid key store location: " + configValue);
             }
         }
+        if (RegistryResources.SecurityManagement.CustomKeyStore.PROP_PASSWORD.equals(propertyName) ||
+                RegistryResources.SecurityManagement.CustomKeyStore.PROP_KEY_PASSWORD.equals(propertyName)) {
+            // Enable support for cipher tool.
+            SecretResolver secretResolver = SecretResolverFactory.create(config, true);
+            String resolvedValue = MiscellaneousUtil.resolve(configValue, secretResolver);
+            if (resolvedValue != null && !resolvedValue.isEmpty()) {
+                configValue = resolvedValue;
+            }
+        }
 
         return configValue;
     }