
Example 11 with KeyDataConfig

use of com.quorum.tessera.config.KeyDataConfig in project tessera by ConsenSys.

the class PicoCliDelegateTest method updatingPasswordsDoesntProcessOtherOptions.

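/**
 * Runs the CLI with {@code -updatepassword} plus a private key path and a password option, and
 * checks that a non-null {@link CliResult} comes back.
 *
 * <p>The {@code /lockedprivatekey.json} fixture is copied into a temporary {@code .key} file and
 * two empty lines are fed to {@code System.in}. The replaced {@code System.in} and the temporary
 * key file are cleaned up in a {@code finally} block, so a failing run does not leak a redirected
 * stdin into later tests or leave key material behind in the temp directory.
 */
@Test
public void updatingPasswordsDoesntProcessOtherOptions() throws Exception {
    final InputStream oldIn = System.in;
    // Two bare line separators stand in for interactive input; presumably they answer the
    // password prompts with empty values - confirm against the update-password flow.
    final InputStream inputStream = new ByteArrayInputStream((System.lineSeparator() + System.lineSeparator()).getBytes());
    final Path key = Files.createTempFile("key", ".key");
    try {
        System.setIn(inputStream);
        final KeyDataConfig startingKey = JaxbUtil.unmarshal(getClass().getResourceAsStream("/lockedprivatekey.json"), KeyDataConfig.class);
        Files.write(key, JaxbUtil.marshalToString(startingKey).getBytes());
        final CliResult result = cliDelegate.execute("-updatepassword", "--keys.keyData.privateKeyPath", key.toString(), "--keys.passwords", "testpassword");
        assertThat(result).isNotNull();
    } finally {
        // Restore stdin even when execute() or the assertion throws.
        System.setIn(oldIn);
        // The temp file holds a (locked) private key config; do not leave it on disk.
        Files.deleteIfExists(key);
    }
}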
Also used : Path(java.nio.file.Path) KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) ByteArrayInputStream(java.io.ByteArrayInputStream) CliResult(com.quorum.tessera.cli.CliResult) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Test(org.junit.Test)

Example 12 with KeyDataConfig

use of com.quorum.tessera.config.KeyDataConfig in project tessera by ConsenSys.

the class FileKeyGenerator method generate.

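/**
 * Generates a new key pair, writes the public key to {@code <filename>.pub} and the private key
 * config (as JSON) to {@code <filename>.key}, and returns a {@link FilesystemKeyPair} pointing at
 * both files.
 *
 * <p>The password is obtained from {@code passwordReader}. A non-empty password yields a
 * {@code LOCKED} config holding only the encrypted form (snonce, asalt, sbox, Argon options). An
 * empty password yields an {@code UNLOCKED} config in which the private key is only
 * Base64-encoded, i.e. stored on disk without encryption.
 *
 * <p>{@code keyVaultOptions} is not read by this implementation.
 *
 * @param filename base path of the key files; {@code .pub} and {@code .key} are appended
 * @param encryptionOptions Argon options passed to the key encryptor when a password is given
 * @param keyVaultOptions unused here
 * @return the key pair backed by the two files just written, with the password applied
 */
@Override
public FilesystemKeyPair generate(final String filename, final ArgonOptions encryptionOptions, final KeyVaultOptions keyVaultOptions) {
    final char[] password = this.passwordReader.requestUserPassword();
    final KeyPair generated = this.encryptor.generateNewKeys();
    final String publicKeyBase64 = Base64.getEncoder().encodeToString(generated.getPublicKey().getKeyBytes());
    final KeyData finalKeys = new KeyData();
    final KeyDataConfig keyDataConfig;
    if (password.length > 0) {
        final PrivateKeyData encryptedPrivateKey = this.keyEncryptor.encryptPrivateKey(generated.getPrivateKey(), password, encryptionOptions);
        // First constructor argument is null here and the Base64 key in the UNLOCKED branch, so
        // the locked config carries no plaintext key value.
        keyDataConfig = new KeyDataConfig(new PrivateKeyData(null, encryptedPrivateKey.getSnonce(), encryptedPrivateKey.getAsalt(), encryptedPrivateKey.getSbox(), encryptedPrivateKey.getArgonOptions()), LOCKED);
        LOGGER.info("Newly generated private key has been encrypted");
    } else {
        // NOTE(review): an empty password silently produces an unencrypted private key file and
        // nothing is logged about it. Anyone who can read the .key file can use the key.
        String keyData = Base64.getEncoder().encodeToString(generated.getPrivateKey().getKeyBytes());
        keyDataConfig = new KeyDataConfig(new PrivateKeyData(keyData, null, null, null, null), UNLOCKED);
    }
    finalKeys.setConfig(keyDataConfig);
    finalKeys.setPrivateKey(generated.getPrivateKey().encodeToBase64());
    finalKeys.setPublicKey(publicKeyBase64);
    final String privateKeyJson = JaxbUtil.marshalToString(finalKeys.getConfig());

    final Path publicKeyPath;
    final Path privateKeyPath;
    if (EMPTY_FILENAME.equals(filename)) {
        // Unchanged handling for the empty-filename case: files go directly under the resolved path.
        final Path basePath = Paths.get(filename).toAbsolutePath();
        publicKeyPath = basePath.resolve(filename + ".pub");
        privateKeyPath = basePath.resolve(filename + ".key");
    } else {
        // Append the suffix to the path as given and resolve that once. The previous code resolved
        // the full (possibly relative) filename against its own parent directory, which repeated
        // the directory part: "dir/key" became <cwd>/dir/dir/key.pub and "../key" landed two
        // levels up. Absolute paths and bare file names resolve exactly as before.
        publicKeyPath = Paths.get(filename + ".pub").toAbsolutePath();
        privateKeyPath = Paths.get(filename + ".key").toAbsolutePath();
    }

    // CREATE_NEW makes each write fail when the target already exists, so an existing key file is
    // never overwritten.
    IOCallback.execute(() -> Files.write(publicKeyPath, publicKeyBase64.getBytes(UTF_8), CREATE_NEW));
    // NOTE(review): no file attributes are passed, so the private key file gets the process
    // default permissions. Consider restricting it to the owner, above all for UNLOCKED keys.
    IOCallback.execute(() -> Files.write(privateKeyPath, privateKeyJson.getBytes(UTF_8), CREATE_NEW));
    // Only the file locations are logged, never key material.
    LOGGER.info("Saved public key to {}", publicKeyPath.toAbsolutePath().toString());
    LOGGER.info("Saved private key to {}", privateKeyPath.toAbsolutePath().toString());
    final FilesystemKeyPair keyPair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
    // The password array is handed to the returned key pair, so it is not zeroed here.
    // NOTE(review): confirm whether withPassword copies the array before wiping it anywhere.
    keyPair.withPassword(password);
    return keyPair;
}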
Also used : Path(java.nio.file.Path) KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) KeyPair(com.quorum.tessera.encryption.KeyPair) FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData) FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair) KeyData(com.quorum.tessera.config.KeyData) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)

Example 13 with KeyDataConfig

use of com.quorum.tessera.config.KeyDataConfig in project tessera by ConsenSys.

the class UnsupportedKeyPairValidatorTest method directViolationIsDefaultIfNoDirectPrivateEvenIfMultipleIncompleteKeyPairTypesProvided.

/**
 * Populates the key pair with a config, an inline public key, a public key path and public key
 * ids for Azure, Hashicorp and AWS, then checks that validation builds the
 * {@code bothDirectKeysRequired} violation template.
 */
@Test
public void directViolationIsDefaultIfNoDirectPrivateEvenIfMultipleIncompleteKeyPairTypesProvided() {
    final KeyDataConfig mockedConfig = mock(KeyDataConfig.class);
    final Path mockedPublicKeyPath = mock(Path.class);
    final String expectedTemplate = "{UnsupportedKeyPair.bothDirectKeysRequired.message}";

    // No direct private key value is set in this method; presumably the shared keyPair fixture
    // starts empty - confirm against the test's setup.
    keyPair.setConfig(mockedConfig);
    keyPair.setPublicKey("public");
    keyPair.setPublicKeyPath(mockedPublicKeyPath);
    keyPair.setAzureVaultPublicKeyId("pubAzure");
    keyPair.setHashicorpVaultPublicKeyId("pubHashicorp");
    keyPair.setAwsSecretsManagerPublicKeyId("pubAWS");

    // The boolean result is not inspected; only the reported template is checked.
    validator.isValid(keyPair, context);

    verify(context).buildConstraintViolationWithTemplate(expectedTemplate);
}
Also used : Path(java.nio.file.Path) KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) Test(org.junit.Test)

Example 14 with KeyDataConfig

use of com.quorum.tessera.config.KeyDataConfig in project tessera by ConsenSys.

the class InlineKeypairTest method unlockedKeyGetsValue.

/**
 * For an {@code UNLOCKED} config, {@code getPrivateKey()} must return the config's value as-is
 * and must not touch the key encryptor.
 */
@Test
public void unlockedKeyGetsValue() {
    final String expectedKey = "I love sparrows";
    final PrivateKeyData mockedKeyData = mock(PrivateKeyData.class);
    final KeyDataConfig unlockedConfig = mock(KeyDataConfig.class);

    when(unlockedConfig.getPrivateKeyData()).thenReturn(mockedKeyData);
    when(unlockedConfig.getType()).thenReturn(PrivateKeyType.UNLOCKED);
    when(unlockedConfig.getValue()).thenReturn(expectedKey);

    final InlineKeypair keypair = new InlineKeypair("public", unlockedConfig, keyEncryptor);
    final String actualKey = keypair.getPrivateKey();

    assertThat(actualKey).isEqualTo(expectedKey);
    // An unlocked key needs no decryption, so the encryptor must stay unused.
    verifyZeroInteractions(keyEncryptor);
}
Also used : KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData) Test(org.junit.Test)

Example 15 with KeyDataConfig

use of com.quorum.tessera.config.KeyDataConfig in project tessera by ConsenSys.

the class InlineKeypairTest method updatingPasswordsAttemptsToDecryptAgain.

/**
 * For a {@code LOCKED} config, a failed decryption must not be final: after the password is
 * replaced via {@code withPassword}, {@code getPrivateKey()} has to call the encryptor again.
 *
 * <p>The first attempt makes the encryptor throw an {@link EncryptorException}; the test pins that
 * {@code getPrivateKey()} then returns the string {@code "NACL_FAILURE"} instead of propagating
 * the exception, so callers have to treat that value as a failure marker, not as key material.
 */
@Test
public void updatingPasswordsAttemptsToDecryptAgain() {
    // Kept as strings so every stub, call and verification gets its own fresh char[].
    final String badPassword = "wrong-password";
    final String goodPassword = "testpassword";

    final PrivateKeyData lockedKeyData = mock(PrivateKeyData.class);
    final KeyDataConfig lockedConfig = mock(KeyDataConfig.class);
    when(lockedConfig.getPrivateKeyData()).thenReturn(lockedKeyData);
    when(lockedConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
    when(keyEncryptor.decryptPrivateKey(lockedKeyData, badPassword.toCharArray()))
        .thenThrow(new EncryptorException("WHAT YOU TALKING ABOUT WILLIS"));

    final InlineKeypair keypair = new InlineKeypair("public", lockedConfig, keyEncryptor);

    // First attempt: wrong password, decryption fails.
    keypair.withPassword(badPassword.toCharArray());
    final String firstAttempt = keypair.getPrivateKey();
    assertThat(firstAttempt).isEqualTo("NACL_FAILURE");

    // Second attempt: swap in the working password; the stub is registered only now, after the
    // failed call above.
    keypair.withPassword(goodPassword.toCharArray());
    final PrivateKey decryptedKey = mock(PrivateKey.class);
    when(decryptedKey.encodeToBase64()).thenReturn("SUCCESS");
    when(keyEncryptor.decryptPrivateKey(lockedKeyData, goodPassword.toCharArray())).thenReturn(decryptedKey);
    assertThat(keypair.getPrivateKey()).isEqualTo("SUCCESS");

    // Exactly one decryption call per password.
    verify(keyEncryptor).decryptPrivateKey(lockedKeyData, badPassword.toCharArray());
    verify(keyEncryptor).decryptPrivateKey(lockedKeyData, goodPassword.toCharArray());
}
Also used : KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) PrivateKey(com.quorum.tessera.encryption.PrivateKey) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData) EncryptorException(com.quorum.tessera.encryption.EncryptorException) Test(org.junit.Test)
