Examples with ConfigKeyPair com.quorum.tessera.config.keypairs.ConfigKeyPair used on opensource projects

Example 1 with ConfigKeyPair

use of com.quorum.tessera.config.keypairs.ConfigKeyPair in project tessera by ConsenSys.

the class KeyPairConverter method convert.

private KeyPair convert(ConfigKeyPair configKeyPair) {
    final String base64PublicKey;
    final String base64PrivateKey;
    if (configKeyPair instanceof AzureVaultKeyPair) {
        KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.AZURE);
        KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
        AzureVaultKeyPair akp = (AzureVaultKeyPair) configKeyPair;
        Map<String, String> getPublicKeyData = new HashMap<>(Map.of("secretName", akp.getPublicKeyId()));
        getPublicKeyData.put("secretVersion", akp.getPublicKeyVersion());
        Map<String, String> getPrivateKeyData = new HashMap<>(Map.of("secretName", akp.getPrivateKeyId()));
        getPrivateKeyData.put("secretVersion", akp.getPrivateKeyVersion());
        base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
        base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
    } else if (configKeyPair instanceof HashicorpVaultKeyPair) {
        KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.HASHICORP);
        KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
        HashicorpVaultKeyPair hkp = (HashicorpVaultKeyPair) configKeyPair;
        Map<String, String> getPublicKeyData = Map.of("secretEngineName", hkp.getSecretEngineName(), "secretName", hkp.getSecretName(), "secretId", hkp.getPublicKeyId(), "secretVersion", Objects.toString(hkp.getSecretVersion()));
        Map<String, String> getPrivateKeyData = Map.of("secretEngineName", hkp.getSecretEngineName(), "secretName", hkp.getSecretName(), "secretId", hkp.getPrivateKeyId(), "secretVersion", Objects.toString(hkp.getSecretVersion()));
        base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
        base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
    } else if (configKeyPair instanceof AWSKeyPair) {
        KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.AWS);
        KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
        AWSKeyPair akp = (AWSKeyPair) configKeyPair;
        Map<String, String> getPublicKeyData = Map.of("secretName", akp.getPublicKeyId());
        Map<String, String> getPrivateKeyData = Map.of("secretName", akp.getPrivateKeyId());
        base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
        base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
    } else {
        base64PublicKey = configKeyPair.getPublicKey();
        base64PrivateKey = configKeyPair.getPrivateKey();
    }
    return new KeyPair(PublicKey.from(Base64.getDecoder().decode(base64PublicKey.trim())), PrivateKey.from(Base64.getDecoder().decode(base64PrivateKey.trim())));
}

Example 2 with ConfigKeyPair

use of com.quorum.tessera.config.keypairs.ConfigKeyPair in project tessera by ConsenSys.

the class ThirdPartyIT method partyInfoKeys.

@Test
public void partyInfoKeys() {
    Response partyinfoResponse = client.target(thirdPartyServerConfig.getServerUri()).path("partyinfo").path("keys").request().get();
    JsonObject partyinfokeysJson = partyinfoResponse.readEntity(JsonObject.class);
    assertThat(partyinfoResponse).isNotNull();
    assertThat(partyinfoResponse.getStatus()).isEqualTo(200);
    List<JsonObject> keys = Stream.of(firstNodeExecManager, secondNodeExecManager).map(NodeExecManager::getConfigDescriptor).map(ConfigDescriptor::getKey).map(ConfigKeyPair::getPublicKey).map(k -> Json.createObjectBuilder().add("key", k).build()).collect(Collectors.toUnmodifiableList());
    assertThat(partyinfokeysJson.getJsonArray("keys")).describedAs("partyInfo response that caused failure %s", partyinfokeysJson.toString()).containsAnyElementsOf(keys);
}

Example 3 with ConfigKeyPair

use of com.quorum.tessera.config.keypairs.ConfigKeyPair in project tessera by ConsenSys.

the class SendIT method sendToMultipleRecipientsOnSameNode.

@Test
public void sendToMultipleRecipientsOnSameNode() throws UnsupportedEncodingException {
    // Node C has 2 keys, use them both
    final String[] recipientPublicKeys = ExecutionContext.currentContext().getConfigs().stream().filter(c -> c.getAlias() == NodeAlias.C).findFirst().map(ConfigDescriptor::getAllKeys).get().stream().map(ConfigKeyPair::getPublicKey).toArray(String[]::new);
    final Party sendingParty = partyHelper.findByAlias(NodeAlias.A);
    final Party recipientParty = partyHelper.findByAlias(NodeAlias.C);
    final byte[] transactionData = utils.createTransactionData();
    final SendRequest sendRequest = new SendRequest();
    sendRequest.setFrom(sendingParty.getPublicKey());
    sendRequest.setTo(recipientPublicKeys);
    sendRequest.setPayload(transactionData);
    final Response response = sendingParty.getRestClient().target(sendingParty.getQ2TUri()).path(SEND_PATH).request().post(Entity.entity(sendRequest, MIME_TYPE_JSON_2_1));
    final SendResponse result = response.readEntity(SendResponse.class);
    assertThat(result.getKey()).isNotNull().isNotBlank();
    assertThat(result.getManagedParties()).containsExactlyInAnyOrder(sendingParty.getPublicKey());
    assertThat(result.getSenderKey()).isEqualTo(sendingParty.getPublicKey());
    assertThat(response).isNotNull();
    assertThat(response.getStatus()).isEqualTo(201);
    URI location = response.getLocation();
    {
        final Response checkPersistedTxnResponse = recipientParty.getRestClient().target(location).request().get();
        assertThat(checkPersistedTxnResponse.getStatus()).isEqualTo(200);
        ReceiveResponse receiveResponse = checkPersistedTxnResponse.readEntity(ReceiveResponse.class);
        assertThat(receiveResponse.getPayload()).isEqualTo(transactionData);
        assertThat(result.getManagedParties()).containsExactlyInAnyOrder(sendingParty.getPublicKey());
        assertThat(result.getSenderKey()).isEqualTo(sendingParty.getPublicKey());
    }
    {
        String encodedId = URLEncoder.encode(result.getKey(), StandardCharsets.UTF_8.toString());
        Stream.of(recipientParty).map(Party::getRestClientWebTarget).map(target -> target.path("transaction")).map(target -> target.path(encodedId)).map(target -> target.request().accept(MIME_TYPE_JSON_2_1).get()).forEach(r -> {
            assertThat(r.getStatus()).isEqualTo(200);
            ReceiveResponse receiveResponse = r.readEntity(ReceiveResponse.class);
            assertThat(receiveResponse.getManagedParties()).containsExactlyInAnyOrder(recipientPublicKeys);
            assertThat(receiveResponse.getSenderKey()).isEqualTo(sendingParty.getPublicKey());
        });
    }
}

Example 4 with ConfigKeyPair

use of com.quorum.tessera.config.keypairs.ConfigKeyPair in project tessera by ConsenSys.

the class KeyGenCommandTest method onlySingleOutputFileProvided.

@Test
public void onlySingleOutputFileProvided() throws Exception {
    List<String> optionVariations = List.of("--keyout", "-filename");
    ConfigKeyPair configKeyPair = mock(ConfigKeyPair.class);
    when(keyGenerator.generate("myfile", null, null)).thenReturn(configKeyPair);
    when(keyGeneratorFactory.create(refEq(null), any(EncryptorConfig.class))).thenReturn(keyGenerator);
    for (String option : optionVariations) {
        String arg = option.concat("=myfile");
        int exitCode = commandLine.execute(arg);
        assertThat(exitCode).isZero();
        CommandLine.ParseResult parseResult = commandLine.getParseResult();
        assertThat(parseResult).isNotNull();
        assertThat(parseResult.matchedArgs()).hasSize(1);
        assertThat(parseResult.hasMatchedOption("--keyout"));
        assertThat(parseResult.unmatched()).isEmpty();
        CliResult result = commandLine.getExecutionResult();
        assertThat(result).isNotNull();
        assertThat(result.isSuppressStartup()).isTrue();
        assertThat(result.getConfig()).isNotPresent();
        assertThat(result.getStatus()).isEqualTo(0);
    }
    verify(keyDataMarshaller, times(optionVariations.size())).marshal(configKeyPair);
    verify(keyGeneratorFactory, times(optionVariations.size())).create(refEq(null), any(EncryptorConfig.class));
    verify(keyGenerator, times(optionVariations.size())).generate("myfile", null, null);
}

Example 5 with ConfigKeyPair

use of com.quorum.tessera.config.keypairs.ConfigKeyPair in project tessera by ConsenSys.

the class KeyGenCommand method call.

@Override
public CliResult call() throws IOException {
    if (Objects.nonNull(fileUpdateOptions) && Objects.isNull(fileUpdateOptions.getConfig())) {
        throw new CliException("Missing required argument(s): --configfile=<config>");
    }
    final EncryptorConfig encryptorConfig = Optional.ofNullable(fileUpdateOptions).map(KeyGenFileUpdateOptions::getConfig).map(Config::getEncryptor).orElseGet(() -> Optional.ofNullable(encryptorOptions).map(EncryptorOptions::parseEncryptorConfig).orElse(EncryptorConfig.getDefault()));
    final KeyVaultOptions keyVaultOptions = Optional.ofNullable(keyVaultConfigOptions).map(KeyVaultConfigOptions::getHashicorpSecretEnginePath).map(KeyVaultOptions::new).orElse(null);
    final KeyVaultConfig keyVaultConfig;
    if (keyVaultConfigOptions == null) {
        keyVaultConfig = null;
    } else if (keyVaultConfigOptions.getVaultType() == null) {
        throw new CliException("Key vault type either not provided or not recognised");
    } else if (fileUpdateOptions != null) {
        keyVaultConfig = Optional.of(fileUpdateOptions).map(KeyGenFileUpdateOptions::getConfig).map(Config::getKeys).flatMap(c -> c.getKeyVaultConfig(keyVaultConfigOptions.getVaultType())).orElse(null);
    } else {
        final KeyVaultHandler keyVaultHandler = new DispatchingKeyVaultHandler();
        keyVaultConfig = keyVaultHandler.handle(keyVaultConfigOptions);
        if (keyVaultConfig.getKeyVaultType() == KeyVaultType.HASHICORP) {
            if (Objects.isNull(keyOut)) {
                throw new CliException("At least one -filename must be provided when saving generated keys in a Hashicorp Vault");
            }
        }
        final Set<ConstraintViolation<KeyVaultConfig>> violations = validator.validate(keyVaultConfig);
        if (!violations.isEmpty()) {
            throw new ConstraintViolationException(violations);
        }
    }
    final KeyGenerator keyGenerator = keyGeneratorFactory.create(keyVaultConfig, encryptorConfig);
    final List<String> newKeyNames = Optional.ofNullable(keyOut).filter(Predicate.not(List::isEmpty)).map(List::copyOf).orElseGet(() -> List.of(""));
    final List<ConfigKeyPair> newConfigKeyPairs = newKeyNames.stream().map(name -> keyGenerator.generate(name, argonOptions, keyVaultOptions)).collect(Collectors.toList());
    final List<char[]> newPasswords = newConfigKeyPairs.stream().filter(Objects::nonNull).map(ConfigKeyPair::getPassword).collect(Collectors.toList());
    final List<KeyData> newKeyData = newConfigKeyPairs.stream().map(keyDataMarshaller::marshal).collect(Collectors.toList());
    if (Objects.isNull(fileUpdateOptions)) {
        return new CliResult(0, true, null);
    }
    // prepare config for addition of new keys if required
    prepareConfigForNewKeys(fileUpdateOptions.getConfig());
    if (Objects.nonNull(fileUpdateOptions.getConfigOut())) {
        if (Objects.nonNull(fileUpdateOptions.getPwdOut())) {
            passwordFileUpdaterWriter.updateAndWrite(newPasswords, fileUpdateOptions.getConfig(), fileUpdateOptions.getPwdOut());
            fileUpdateOptions.getConfig().getKeys().setPasswordFile(fileUpdateOptions.getPwdOut());
        }
        configFileUpdaterWriter.updateAndWrite(newKeyData, keyVaultConfig, fileUpdateOptions.getConfig(), fileUpdateOptions.getConfigOut());
    } else {
        configFileUpdaterWriter.updateAndWriteToCLI(newKeyData, keyVaultConfig, fileUpdateOptions.getConfig());
    }
    return new CliResult(0, true, fileUpdateOptions.getConfig());
}