Example 6 with PrivateKeyData
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class FileKeyGeneratorTest method generateFromKeyDataLockedPrivateKey.
@Test
public void generateFromKeyDataLockedPrivateKey() throws IOException {
when(passwordReader.requestUserPassword()).thenReturn("PASSWORD".toCharArray());
final Path tempFolder = Files.createTempDirectory(UUID.randomUUID().toString());
final String keyFilesName = tempFolder.resolve(UUID.randomUUID().toString()).toString();
doReturn(keyPair).when(encryptor).generateNewKeys();
final ArgonOptions argonOptions = new ArgonOptions("id", 1, 1, 1);
final PrivateKeyData encryptedPrivateKey = new PrivateKeyData(null, null, null, null, argonOptions);
doReturn(encryptedPrivateKey).when(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), eq(null));
final PrivateKeyData encryptedKey = new PrivateKeyData(null, "snonce", "salt", "sbox", argonOptions);
doReturn(encryptedKey).when(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), eq(null));
final FilesystemKeyPair generated = generator.generate(keyFilesName, null, null);
final KeyDataConfig pkd = generated.getInlineKeypair().getPrivateKeyConfig();
assertThat(generated.getPublicKey()).isEqualTo("cHVibGljS2V5");
assertThat(pkd.getSbox()).isEqualTo("sbox");
assertThat(pkd.getSnonce()).isEqualTo("snonce");
assertThat(pkd.getAsalt()).isEqualTo("salt");
assertThat(pkd.getType()).isEqualTo(PrivateKeyType.LOCKED);
verify(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), eq(null));
verify(encryptor).generateNewKeys();
}
Also used :
Path(java.nio.file.Path)
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
ArgonOptions(com.quorum.tessera.config.ArgonOptions)
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
Test(org.junit.Test)
Example 7 with PrivateKeyData
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class FileKeyGenerator method generate.
@Override
public FilesystemKeyPair generate(final String filename, final ArgonOptions encryptionOptions, final KeyVaultOptions keyVaultOptions) {
final char[] password = this.passwordReader.requestUserPassword();
final KeyPair generated = this.encryptor.generateNewKeys();
final String publicKeyBase64 = Base64.getEncoder().encodeToString(generated.getPublicKey().getKeyBytes());
final KeyData finalKeys = new KeyData();
final KeyDataConfig keyDataConfig;
if (password.length > 0) {
final PrivateKeyData encryptedPrivateKey = this.keyEncryptor.encryptPrivateKey(generated.getPrivateKey(), password, encryptionOptions);
keyDataConfig = new KeyDataConfig(new PrivateKeyData(null, encryptedPrivateKey.getSnonce(), encryptedPrivateKey.getAsalt(), encryptedPrivateKey.getSbox(), encryptedPrivateKey.getArgonOptions()), LOCKED);
LOGGER.info("Newly generated private key has been encrypted");
} else {
String keyData = Base64.getEncoder().encodeToString(generated.getPrivateKey().getKeyBytes());
keyDataConfig = new KeyDataConfig(new PrivateKeyData(keyData, null, null, null, null), UNLOCKED);
}
finalKeys.setConfig(keyDataConfig);
finalKeys.setPrivateKey(generated.getPrivateKey().encodeToBase64());
finalKeys.setPublicKey(publicKeyBase64);
final String privateKeyJson = JaxbUtil.marshalToString(finalKeys.getConfig());
final Path resolvedPath = Paths.get(filename).toAbsolutePath();
final Path parentPath;
if (EMPTY_FILENAME.equals(filename)) {
parentPath = resolvedPath;
} else {
parentPath = resolvedPath.getParent();
}
final Path publicKeyPath = parentPath.resolve(filename + ".pub");
final Path privateKeyPath = parentPath.resolve(filename + ".key");
IOCallback.execute(() -> Files.write(publicKeyPath, publicKeyBase64.getBytes(UTF_8), CREATE_NEW));
IOCallback.execute(() -> Files.write(privateKeyPath, privateKeyJson.getBytes(UTF_8), CREATE_NEW));
LOGGER.info("Saved public key to {}", publicKeyPath.toAbsolutePath().toString());
LOGGER.info("Saved private key to {}", privateKeyPath.toAbsolutePath().toString());
final FilesystemKeyPair keyPair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
keyPair.withPassword(password);
return keyPair;
}
Also used :
Path(java.nio.file.Path)
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
KeyPair(com.quorum.tessera.encryption.KeyPair)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
KeyData(com.quorum.tessera.config.KeyData)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
Example 8 with PrivateKeyData
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class InlineKeypair method getPrivateKey.
@Override
@NotNull
@Size(min = 1)
@ValidBase64(message = "Invalid Base64 key provided")
@Pattern(regexp = "^((?!NACL_FAILURE).)*$", message = "Could not decrypt the private key with the provided password, please double check the passwords provided")
public String getPrivateKey() {
final PrivateKeyData pkd = privateKeyConfig.getPrivateKeyData();
if (privateKeyConfig.getType() == UNLOCKED) {
return privateKeyConfig.getValue();
}
if (this.cachedValue == null || !Objects.equals(this.cachedPassword, this.password)) {
if (password != null) {
try {
this.cachedValue = keyEncryptor.decryptPrivateKey(pkd, password).encodeToBase64();
} catch (final EncryptorException ex) {
this.cachedValue = "NACL_FAILURE";
}
}
}
this.cachedPassword = this.password;
return this.cachedValue;
}
Also used :
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
Pattern(jakarta.validation.constraints.Pattern)
Size(jakarta.validation.constraints.Size)
ValidBase64(com.quorum.tessera.config.constraints.ValidBase64)
NotNull(jakarta.validation.constraints.NotNull)
Example 9 with PrivateKeyData
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class FileKeyGeneratorTest method providingPathThatExistsThrowsError.
@Test
public void providingPathThatExistsThrowsError() throws IOException {
final Path tempFolder = Files.createTempDirectory(UUID.randomUUID().toString());
final String keyFilesName = tempFolder.resolve("key").toString();
tempFolder.toFile().setWritable(false);
doReturn(keyPair).when(encryptor).generateNewKeys();
doReturn(new PrivateKeyData("", "", "", "", new ArgonOptions("", 1, 1, 1))).when(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), eq(null));
final Throwable throwable = catchThrowable(() -> generator.generate(keyFilesName, null, null));
assertThat(throwable).isInstanceOf(UncheckedIOException.class);
assertThat(Files.exists(tempFolder.resolve("key.pub"))).isFalse();
assertThat(Files.exists(tempFolder.resolve("key.key"))).isFalse();
verify(encryptor).generateNewKeys();
}
Also used :
Path(java.nio.file.Path)
ArgonOptions(com.quorum.tessera.config.ArgonOptions)
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
Assertions.catchThrowable(org.assertj.core.api.Assertions.catchThrowable)
Test(org.junit.Test)
Example 10 with PrivateKeyData
use of com.quorum.tessera.config.PrivateKeyData in project tessera by ConsenSys.
the class InlineKeypairTest method unlockedKeyGetsValue.
@Test
public void unlockedKeyGetsValue() {
PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
final KeyDataConfig privKeyDataConfig = mock(KeyDataConfig.class);
when(privKeyDataConfig.getPrivateKeyData()).thenReturn(privateKeyData);
when(privKeyDataConfig.getType()).thenReturn(PrivateKeyType.UNLOCKED);
String value = "I love sparrows";
when(privKeyDataConfig.getValue()).thenReturn(value);
final InlineKeypair result = new InlineKeypair("public", privKeyDataConfig, keyEncryptor);
assertThat(result.getPrivateKey()).isEqualTo(value);
verifyZeroInteractions(keyEncryptor);
}
Also used :
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
Test(org.junit.Test)
Aggregations
PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)15
Test (org.junit.Test)12
KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)8
PrivateKey (com.quorum.tessera.encryption.PrivateKey)8
ArgonOptions (com.quorum.tessera.config.ArgonOptions)7
ArgonResult (com.quorum.tessera.argon2.ArgonResult)4
Nonce (com.quorum.tessera.encryption.Nonce)4
Path (java.nio.file.Path)4
EncryptorException (com.quorum.tessera.encryption.EncryptorException)3
SharedKey (com.quorum.tessera.encryption.SharedKey)3
FilesystemKeyPair (com.quorum.tessera.config.keypairs.FilesystemKeyPair)2
KeyData (com.quorum.tessera.config.KeyData)1
ValidBase64 (com.quorum.tessera.config.constraints.ValidBase64)1
KeyPair (com.quorum.tessera.encryption.KeyPair)1
NotNull (jakarta.validation.constraints.NotNull)1
Pattern (jakarta.validation.constraints.Pattern)1
Size (jakarta.validation.constraints.Size)1
Assertions.catchThrowable (org.assertj.core.api.Assertions.catchThrowable)1
