use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class KeyEncryptorImpl method encryptPrivateKey.
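/**
 * Encrypts a private key under a key derived from the given password.
 *
 * <p>A fresh salt of {@code KeyEncryptor.SALTLENGTH} bytes is drawn from the injected random
 * source and the password is hashed with Argon2. The resulting hash is wrapped as a
 * {@code SharedKey} and used, together with a random nonce, to seal the key bytes.
 *
 * <p>The private key and the password are deliberately never passed to the logger. Debug
 * logging is routinely switched on in the field, and log files are usually readable by more
 * principals than the key store is.
 *
 * @param privateKey the key whose bytes are sealed
 * @param password the password handed to Argon2
 * @param argonOptions Argon2 parameters to use; when {@code null} the two-argument
 *     {@code hash} overload is called instead
 * @return key data carrying the encoded nonce, salt and sealed box, plus the Argon2 options
 *     reported by the hash result; the first constructor argument is left {@code null}
 */
@Override
public PrivateKeyData encryptPrivateKey(final PrivateKey privateKey, final char[] password, final ArgonOptions argonOptions) {
    LOGGER.info("Encrypting a private key");

    // Do not log privateKey or password here, not even at debug level: a "{}" placeholder
    // would render whatever their string form exposes, and that string then lives on in
    // every log sink and backup.

    final byte[] salt = new byte[KeyEncryptor.SALTLENGTH];
    this.secureRandom.nextBytes(salt);
    // Salt and nonce are returned to the caller in PrivateKeyData alongside the sealed box,
    // so logging them reveals nothing beyond what the returned key data already holds.
    LOGGER.debug("Generated the random salt {}", Arrays.toString(salt));

    final ArgonResult argonResult;
    if (argonOptions == null) {
        argonResult = this.argon2.hash(password, salt);
    } else {
        // Translate the config-level options into the hasher's own options type.
        argonResult = this.argon2.hash(
            new com.quorum.tessera.argon2.ArgonOptions(
                argonOptions.getAlgorithm(),
                argonOptions.getIterations(),
                argonOptions.getMemory(),
                argonOptions.getParallelism()),
            password,
            salt);
    }

    final Nonce nonce = this.encryptor.randomNonce();
    LOGGER.debug("Generated the random nonce {}", nonce);

    final byte[] encryptedKey = this.encryptor.sealAfterPrecomputation(
        privateKey.getKeyBytes(), nonce, SharedKey.from(argonResult.getHash()));
    LOGGER.info("Private key encrypted");

    final String snonce = this.encoder.encodeToString(nonce.getNonceBytes());
    final String asalt = this.encoder.encodeToString(salt);
    final String sbox = this.encoder.encodeToString(encryptedKey);

    // Persist the options the hasher reports it used, not the ones requested, so that
    // decryption can reproduce the same derivation even when defaults were applied.
    return new PrivateKeyData(
        null,
        snonce,
        asalt,
        sbox,
        new ArgonOptions(
            argonResult.getOptions().getAlgorithm(),
            argonResult.getOptions().getIterations(),
            argonResult.getOptions().getMemory(),
            argonResult.getOptions().getParallelism()));
}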
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class FilesystemKeyPairTest method getInlineKeypairReturnsKeysReadFromFile.
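/**
 * Checks that a {@code FilesystemKeyPair} built from a public-key file and the
 * {@code /unlockedprivatekey.json} resource exposes the same values as an equivalent
 * {@code InlineKeypair}.
 *
 * <p>The Base64 string is a test fixture, presumably matching the content of that resource.
 * It must never be reused as real key material.
 */
@Test
public void getInlineKeypairReturnsKeysReadFromFile() throws Exception {
    final String unlockedKey = "Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA=";
    final String pub = "public";

    Path pubFile = Files.createTempFile(UUID.randomUUID().toString(), ".pub");
    try {
        Path privFile = Paths.get(getClass().getResource("/unlockedprivatekey.json").toURI());
        Files.write(pubFile, pub.getBytes());

        FilesystemKeyPair filesystemKeyPair = new FilesystemKeyPair(pubFile, privFile, keyEncryptor);

        KeyDataConfig privKeyDataConfig = new KeyDataConfig(
            new PrivateKeyData(unlockedKey, null, null, null, null), PrivateKeyType.UNLOCKED);
        InlineKeypair expected = new InlineKeypair(pub, privKeyDataConfig, keyEncryptor);

        assertThat(filesystemKeyPair.getInlineKeypair()).isEqualToComparingFieldByFieldRecursively(expected);
        assertThat(filesystemKeyPair.getPublicKey()).isEqualTo(pub);
        assertThat(filesystemKeyPair.getPrivateKey()).isEqualTo(unlockedKey);
    } finally {
        // Remove the temp file even when an assertion fails, so repeated runs do not
        // leave key files behind in the shared temp directory.
        Files.deleteIfExists(pubFile);
    }
}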
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class InlineKeypairTest method correctPasswordGetsCorrectKey.
/**
 * A locked inline key pair must hand back the decrypted key once the matching password has
 * been supplied through {@code withPassword}.
 */
@Test
public void correctPasswordGetsCorrectKey() {
    final char[] password = "testpassword".toCharArray();

    // The encryptor stub only answers for this exact data/password pair.
    final PrivateKeyData lockedData = mock(PrivateKeyData.class);
    final PrivateKey decrypted = mock(PrivateKey.class);
    when(decrypted.encodeToBase64()).thenReturn("SUCCESS");
    when(keyEncryptor.decryptPrivateKey(lockedData, password)).thenReturn(decrypted);

    final KeyDataConfig lockedConfig = mock(KeyDataConfig.class);
    when(lockedConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
    when(lockedConfig.getPrivateKeyData()).thenReturn(lockedData);

    final InlineKeypair keypair = new InlineKeypair("public", lockedConfig, keyEncryptor);
    keypair.withPassword(password);

    assertThat(keypair.getPrivateKey()).isEqualTo("SUCCESS");
}
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class InlineKeypairTest method nullPasswordGivesNullKey.
/**
 * With a {@code null} password a locked inline key pair must report no private key and must
 * not touch the key encryptor at all.
 */
@Test
public void nullPasswordGivesNullKey() {
    final PrivateKeyData lockedData = mock(PrivateKeyData.class);

    final KeyDataConfig lockedConfig = mock(KeyDataConfig.class);
    when(lockedConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
    when(lockedConfig.getPrivateKeyData()).thenReturn(lockedData);

    final InlineKeypair keypair = new InlineKeypair("public", lockedConfig, keyEncryptor);
    keypair.withPassword(null);

    assertThat(keypair.getPrivateKey()).isNull();
    // No decryption attempt may be made when there is nothing to decrypt with.
    verifyZeroInteractions(keyEncryptor);
}
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class KeyEncryptorTest method providingArgonOptionsEncryptsKey.
/**
 * When explicit Argon2 options are supplied, {@code encryptPrivateKey} must call the
 * three-argument {@code hash} overload and copy the options reported by the hash result
 * into the returned key data.
 *
 * <p>The hasher and the encryptor are stubbed with empty byte arrays, so this test checks
 * the wiring only, not the strength or correctness of the encryption itself.
 */
@Test
public void providingArgonOptionsEncryptsKey() {
    final char[] password = "pass".toCharArray();
    final PrivateKey key = PrivateKey.from(new byte[] {1, 2, 3, 4, 5});

    // Stub the hasher: whatever options and salt arrive, report ("i", 5, 6, 7) back.
    final com.quorum.tessera.argon2.ArgonOptions reportedOptions =
        new com.quorum.tessera.argon2.ArgonOptions("i", 5, 6, 7);
    final ArgonResult stubbedHash = new ArgonResult(reportedOptions, new byte[] {}, new byte[] {});
    doReturn(stubbedHash)
        .when(argon2)
        .hash(any(com.quorum.tessera.argon2.ArgonOptions.class), eq(password), any(byte[].class));

    // Stub the encryptor with an empty nonce and an empty sealed box.
    doReturn(new Nonce(new byte[] {})).when(encryptor).randomNonce();
    doReturn(new byte[] {})
        .when(encryptor)
        .sealAfterPrecomputation(any(byte[].class), any(Nonce.class), any(SharedKey.class));

    final PrivateKeyData encrypted =
        this.keyEncryptor.encryptPrivateKey(key, password, new ArgonOptions("i", 5, 6, 7));

    assertThat(encrypted.getSbox()).isNotNull();
    assertThat(encrypted.getAsalt()).isNotNull();
    assertThat(encrypted.getSnonce()).isNotNull();

    final ArgonOptions storedOptions = encrypted.getArgonOptions();
    assertThat(storedOptions).isNotNull();
    assertThat(storedOptions.getIterations()).isNotNull().isEqualTo(5);
    assertThat(storedOptions.getMemory()).isNotNull().isEqualTo(6);
    assertThat(storedOptions.getParallelism()).isNotNull().isEqualTo(7);
    assertThat(storedOptions.getAlgorithm()).isNotNull();

    verify(argon2).hash(any(com.quorum.tessera.argon2.ArgonOptions.class), eq(password), any(byte[].class));
    verify(encryptor).randomNonce();
    verify(encryptor).sealAfterPrecomputation(any(byte[].class), any(Nonce.class), any(SharedKey.class));
}