
Example 1 with AWSKeyPair

use of com.quorum.tessera.config.keypairs.AWSKeyPair in project tessera by ConsenSys.

From the class KeyPairConverter, the method convert:

/**
 * Resolves a configured key pair into concrete key material.
 *
 * <p>Vault-backed definitions ({@link AzureVaultKeyPair}, {@link HashicorpVaultKeyPair},
 * {@link AWSKeyPair}) are fetched through the matching {@link KeyVaultService}; any other
 * {@link ConfigKeyPair} is expected to carry both keys inline, base64 encoded.
 *
 * @param configKeyPair the key pair definition taken from configuration
 * @return the decoded public/private key pair
 */
private KeyPair convert(ConfigKeyPair configKeyPair) {
    if (configKeyPair instanceof AzureVaultKeyPair) {
        final AzureVaultKeyPair azure = (AzureVaultKeyPair) configKeyPair;
        final KeyVaultService vault = vaultFor(KeyVaultType.AZURE);
        // Mutable maps here: Map.of() rejects null values, and the version entries are
        // added with put() — presumably so an absent version can be passed through as null.
        final Map<String, String> publicLookup = new HashMap<>(Map.of("secretName", azure.getPublicKeyId()));
        publicLookup.put("secretVersion", azure.getPublicKeyVersion());
        final Map<String, String> privateLookup = new HashMap<>(Map.of("secretName", azure.getPrivateKeyId()));
        privateLookup.put("secretVersion", azure.getPrivateKeyVersion());
        return decode(vault.getSecret(publicLookup), vault.getSecret(privateLookup));
    }

    if (configKeyPair instanceof HashicorpVaultKeyPair) {
        final HashicorpVaultKeyPair hashicorp = (HashicorpVaultKeyPair) configKeyPair;
        final KeyVaultService vault = vaultFor(KeyVaultType.HASHICORP);
        final String engine = hashicorp.getSecretEngineName();
        final String secret = hashicorp.getSecretName();
        final String version = Objects.toString(hashicorp.getSecretVersion());
        // Both halves live under the same engine/secret/version; only the key within the secret differs.
        final Map<String, String> publicLookup = Map.of(
            "secretEngineName", engine,
            "secretName", secret,
            "secretId", hashicorp.getPublicKeyId(),
            "secretVersion", version);
        final Map<String, String> privateLookup = Map.of(
            "secretEngineName", engine,
            "secretName", secret,
            "secretId", hashicorp.getPrivateKeyId(),
            "secretVersion", version);
        return decode(vault.getSecret(publicLookup), vault.getSecret(privateLookup));
    }

    if (configKeyPair instanceof AWSKeyPair) {
        final AWSKeyPair aws = (AWSKeyPair) configKeyPair;
        final KeyVaultService vault = vaultFor(KeyVaultType.AWS);
        final Map<String, String> publicLookup = Map.of("secretName", aws.getPublicKeyId());
        final Map<String, String> privateLookup = Map.of("secretName", aws.getPrivateKeyId());
        return decode(vault.getSecret(publicLookup), vault.getSecret(privateLookup));
    }

    // Not vault-backed: the configuration itself holds the encoded keys.
    return decode(configKeyPair.getPublicKey(), configKeyPair.getPrivateKey());
}

/**
 * Builds the vault client for {@code type} from this converter's configuration and environment.
 *
 * @param type which vault backend to talk to
 * @return a fresh {@link KeyVaultService} for that backend
 */
private KeyVaultService vaultFor(KeyVaultType type) {
    return KeyVaultServiceFactory.getInstance(type).create(config, envProvider);
}

/**
 * Base64-decodes both encoded keys into a {@link KeyPair}; surrounding whitespace is tolerated.
 *
 * @param base64PublicKey encoded public key
 * @param base64PrivateKey encoded private key
 * @return the decoded pair
 */
private static KeyPair decode(String base64PublicKey, String base64PrivateKey) {
    final Base64.Decoder decoder = Base64.getDecoder();
    return new KeyPair(
        PublicKey.from(decoder.decode(base64PublicKey.trim())),
        PrivateKey.from(decoder.decode(base64PrivateKey.trim())));
}

Example 2 with AWSKeyPair

use of com.quorum.tessera.config.keypairs.AWSKeyPair in project tessera by ConsenSys.

From the class AWSSecretManagerKeyGenerator, the method generate:

/**
 * Generates a fresh key pair and stores each half as its own secret in AWS Secrets Manager.
 *
 * <p>The secret names are the last path element of {@code filename} (empty when no filename
 * is given) suffixed with {@code "Pub"} for the public key and {@code "Key"} for the private
 * key. {@code encryptionOptions} and {@code keyVaultOptions} are not used by this implementation.
 *
 * @param filename optional name whose last path element seeds both secret names; may be null
 * @param encryptionOptions unused here
 * @param keyVaultOptions unused here
 * @return the secret names under which the two keys were stored
 * @throws UnsupportedCharsetException if the derived name contains characters outside the
 *     set accepted by AWS Secrets Manager (0-9, a-z, A-Z and /_+=.@-)
 */
@Override
public AWSKeyPair generate(String filename, ArgonOptions encryptionOptions, KeyVaultOptions keyVaultOptions) {
    final KeyPair generated = this.encryptor.generateNewKeys();

    String secretId = "";
    if (filename != null) {
        secretId = Paths.get(filename).getFileName().toString();
        // Validate before touching the vault so an unusable name never creates a secret.
        if (!secretId.matches("^[0-9a-zA-Z\\-/_+=.@]*$")) {
            throw new UnsupportedCharsetException("Generated key ID for AWS Secret Manager can contain only 0-9, a-z, A-Z and /_+=.@- characters");
        }
    }
    final String publicId = secretId + "Pub";
    final String privateId = secretId + "Key";

    saveKeyInSecretManager(publicId, generated.getPublicKey());
    saveKeyInSecretManager(privateId, generated.getPrivateKey());
    return new AWSKeyPair(publicId, privateId);
}

Example 3 with AWSKeyPair

use of com.quorum.tessera.config.keypairs.AWSKeyPair in project tessera by ConsenSys.

From the class AWSSecretManagerKeyGeneratorTest, the method keysSavedInVaultWithProvidedVaultIdAndCorrectSuffix:

/**
 * With a vault ID supplied, both keys are stored exactly once under that ID suffixed
 * with {@code "Pub"} / {@code "Key"}, and the returned pair carries the same two names.
 */
@Test
public void keysSavedInVaultWithProvidedVaultIdAndCorrectSuffix() {
    final String vaultId = "vaultId";
    final String expectedPubId = vaultId + "Pub";
    final String expectedPrivId = vaultId + "Key";

    final AWSKeyPair generated = awsSecretManagerKeyGenerator.generate(vaultId, null, null);

    // Capture every setSecret payload so both names and both encoded keys can be checked.
    final ArgumentCaptor<Map> setSecretArgs = ArgumentCaptor.forClass(Map.class);
    verify(keyVaultService, times(2)).setSecret(setSecretArgs.capture());
    final List<Map> stored = setSecretArgs.getAllValues();
    assertThat(stored).hasSize(2);
    assertThat(stored)
        .usingRecursiveFieldByFieldElementComparator()
        .containsExactlyInAnyOrder(
            Map.of("secretName", expectedPubId, "secret", pub.encodeToBase64()),
            Map.of("secretName", expectedPrivId, "secret", priv.encodeToBase64()));
    verifyNoMoreInteractions(keyVaultService);

    assertThat(generated).isExactlyInstanceOf(AWSKeyPair.class);
    assertThat(generated).isEqualToComparingFieldByField(new AWSKeyPair(expectedPubId, expectedPrivId));
}
