use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class PicoCliDelegateTest method keygenOutputToCLI.
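/**
 * Runs {@code -keygen} with {@code -filename} and {@code -configfile} but without {@code -output},
 * and checks that the command returns status 0, a non-null config and a result flagged as
 * suppressing startup.
 *
 * <p>{@code keyGenerator} is stubbed to return a {@link FilesystemKeyPair} backed by two
 * placeholder files that contain {@code SOMEDATA}, so the key pair in this test is not real key
 * material.
 *
 * @throws Exception if a temporary file cannot be created or the sample config cannot be resolved
 */
@Test
public void keygenOutputToCLI() throws Exception {
    // Placeholder key files. They are registered for deletion so that repeated runs do not
    // leave key-shaped files behind in the shared temp directory.
    Path publicKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
    publicKeyPath.toFile().deleteOnExit();
    Path privateKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
    privateKeyPath.toFile().deleteOnExit();

    Files.write(privateKeyPath, Arrays.asList("SOMEDATA"));
    Files.write(publicKeyPath, Arrays.asList("SOMEDATA"));

    KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
    FilesystemKeyPair keypair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
    when(keyGenerator.generate(anyString(), eq(null), eq(null))).thenReturn(keypair);

    // The key output path is a fresh sibling of the sample config, so it cannot collide with
    // an existing file.
    Path configFile = Paths.get(getClass().getResource("/keygen-sample.json").toURI());
    Path keyOutputPath = configFile.resolveSibling(UUID.randomUUID().toString());

    CliResult result =
        cliDelegate.execute(
            "-keygen", "-filename", keyOutputPath.toString(), "-configfile", configFile.toString());

    assertThat(result).isNotNull();
    assertThat(result.getStatus()).isEqualTo(0);
    assertThat(result.getConfig()).isNotNull();
    assertThat(result.isSuppressStartup()).isTrue();

    // Exactly one generate call, with no vault options and no encryptor options (both null).
    verify(keyGenerator).generate(anyString(), eq(null), eq(null));
    verifyNoMoreInteractions(keyGenerator);
}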
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class PicoCliDelegateTest method keygenUpdateConfigAndPasswordFile.
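/**
 * Runs {@code -keygen} with {@code -output} and {@code --pwdout} and checks that both the updated
 * config file and the password file are created, then checks that a second run targeting the same
 * {@code -output} file fails instead of overwriting it.
 *
 * <p>{@code keyGenerator} is stubbed to return a {@link FilesystemKeyPair} backed by two
 * placeholder files that contain {@code SOMEDATA}.
 *
 * @throws Exception if a temporary file cannot be created or the sample config cannot be resolved
 */
@Test
public void keygenUpdateConfigAndPasswordFile() throws Exception {
    // Placeholder key files, removed when the JVM exits.
    Path publicKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
    publicKeyPath.toFile().deleteOnExit();
    Path privateKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
    privateKeyPath.toFile().deleteOnExit();

    Files.write(privateKeyPath, Arrays.asList("SOMEDATA"));
    Files.write(publicKeyPath, Arrays.asList("SOMEDATA"));

    KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
    FilesystemKeyPair keypair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
    when(keyGenerator.generate(anyString(), eq(null), eq(null))).thenReturn(keypair);

    Path configFile = Paths.get(getClass().getResource("/keygen-sample.json").toURI());
    Path keyOutputPath = configFile.resolveSibling(UUID.randomUUID().toString());
    Path configOutputPath = configFile.resolveSibling(UUID.randomUUID().toString() + ".json");
    Path pwdOutputPath = configFile.resolveSibling(UUID.randomUUID().toString() + ".pwds");

    // Register cleanup before the command runs: the --pwdout file and the generated config
    // must not survive the run, even when one of the assertions below fails first.
    configOutputPath.toFile().deleteOnExit();
    pwdOutputPath.toFile().deleteOnExit();

    assertThat(Files.exists(configOutputPath)).isFalse();
    assertThat(Files.exists(pwdOutputPath)).isFalse();

    CliResult result =
        cliDelegate.execute(
            "-keygen",
            "-filename",
            keyOutputPath.toString(),
            "-output",
            configOutputPath.toString(),
            "-configfile",
            configFile.toString(),
            "--pwdout",
            pwdOutputPath.toString());

    assertThat(result).isNotNull();
    assertThat(result.getStatus()).isEqualTo(0);
    assertThat(result.getConfig()).isNotNull();
    assertThat(result.isSuppressStartup()).isTrue();

    assertThat(Files.exists(configOutputPath)).isTrue();
    assertThat(Files.exists(pwdOutputPath)).isTrue();

    verify(keyGenerator).generate(anyString(), eq(null), eq(null));
    verifyNoMoreInteractions(keyGenerator);

    // A second run against the existing -output file must be refused rather than overwrite it.
    // failBecauseExceptionWasNotThrown raises an AssertionError, which the catch below does not
    // intercept, so a run that silently succeeds still fails the test.
    try {
        cliDelegate.execute(
            "-keygen",
            "-filename",
            UUID.randomUUID().toString(),
            "-output",
            configOutputPath.toString(),
            "-configfile",
            configFile.toString());
        failBecauseExceptionWasNotThrown(Exception.class);
    } catch (Exception ex) {
        assertThat(ex).isInstanceOf(UncheckedIOException.class);
        assertThat(ex.getCause()).isExactlyInstanceOf(FileAlreadyExistsException.class);
    }
}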
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class CliKeyPasswordResolver method resolveKeyPasswords.
/**
 * Attaches the configured passwords to the configured keys, then hands every key to
 * {@code getSingleKeyPassword} together with a {@link KeyEncryptor}.
 *
 * <p>Passwords come from the inline password list when it is present, otherwise from the password
 * file (one password per line, UTF-8). They are paired with keys by position: password {@code i}
 * goes to key {@code i}, and keys beyond the end of the password list are left without one.
 *
 * <p>NOTE(review): the inline passwords arrive as {@code String}s, so the {@code char[]} copies
 * made here do not remove the original values from memory.
 *
 * @param config the node configuration; nothing is done when it has no key configuration
 */
@Override
public void resolveKeyPasswords(final Config config) {
    final KeyConfiguration keyConfiguration = config.getKeys();
    if (keyConfiguration == null) {
        // invalid config, but gets picked up by validation later
        return;
    }

    final List<char[]> allPasswords = new ArrayList<>();
    if (keyConfiguration.getPasswords() != null) {
        for (final String inlinePassword : keyConfiguration.getPasswords()) {
            allPasswords.add(inlinePassword.toCharArray());
        }
    } else if (keyConfiguration.getPasswordFile() != null) {
        try {
            final List<String> fileLines =
                Files.readAllLines(keyConfiguration.getPasswordFile(), StandardCharsets.UTF_8);
            for (final String line : fileLines) {
                allPasswords.add(line.toCharArray());
            }
        } catch (final IOException ex) {
            // Deliberately best-effort: if any keys are locked, validation will complain that
            // locked keys were provided without passwords. The message names neither the
            // file nor the cause.
            System.err.println("Could not read the password file");
        }
    }

    // Positional pairing: only the first min(keys, passwords) keys receive a password.
    final List<KeyData> keyPairs = keyConfiguration.getKeyData();
    final int keysWithPassword = Math.min(keyConfiguration.getKeyData().size(), allPasswords.size());
    for (int i = 0; i < keysWithPassword; i++) {
        keyPairs.get(i).setPassword(allPasswords.get(i));
    }

    // decrypt the keys, either using provided passwords or read from CLI
    // When the config names no encryptor, a NACL-typed default is used.
    final EncryptorConfig encryptorConfig =
        Optional.ofNullable(config.getEncryptor())
            .orElse(
                new EncryptorConfig() {
                    {
                        setType(EncryptorType.NACL);
                    }
                });
    final KeyEncryptor keyEncryptor = KeyEncryptorFactory.newFactory().create(encryptorConfig);

    final int keyCount = keyConfiguration.getKeyData().size();
    for (int keyNumber = 0; keyNumber < keyCount; keyNumber++) {
        getSingleKeyPassword(keyNumber, keyConfiguration.getKeyData().get(keyNumber), keyEncryptor);
    }
}
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class FileKeyGeneratorTest method init.
/**
 * Rebuilds the fixture before each test: a key pair made from the {@code PUBLIC_KEY} and
 * {@code PRIVATE_KEY} constants, mocked collaborators, and the {@code FileKeyGenerator} under
 * test wired to those mocks.
 */
@Before
public void init() {
    encryptor = mock(Encryptor.class);
    keyEncryptor = mock(KeyEncryptor.class);

    // The stubbed reader always answers with an empty password.
    passwordReader = mock(PasswordReader.class);
    when(passwordReader.requestUserPassword()).thenReturn(new char[0]);

    keyPair =
        new KeyPair(
            PublicKey.from(PUBLIC_KEY.getBytes(UTF_8)),
            PrivateKey.from(PRIVATE_KEY.getBytes(UTF_8)));

    generator = new FileKeyGenerator(encryptor, keyEncryptor, passwordReader);
}
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class KeyDataUtilTest method unmarshalAzureVaultKeyPair.
/**
 * Checks that a {@code KeyData} carrying Azure vault key ids unmarshals to an
 * {@code AzureVaultKeyPair} with the same ids, and that the supplied {@code KeyEncryptor} is never
 * called on this path.
 */
@Test
public void unmarshalAzureVaultKeyPair() {
    final String privateKeyId = "AzureVaultPrivateKeyId";
    final String publicKeyId = "AzureVaultPublicKeyId";

    final KeyEncryptor untouchedEncryptor = mock(KeyEncryptor.class);

    final KeyData input = new KeyData();
    input.setAzureVaultPrivateKeyId(privateKeyId);
    input.setAzureVaultPublicKeyId(publicKeyId);
    final KeyDataConfig keyDataConfig = mock(KeyDataConfig.class);
    input.setConfig(keyDataConfig);

    final AzureVaultKeyPair unmarshalled =
        (AzureVaultKeyPair) KeyDataUtil.unmarshal(input, untouchedEncryptor);

    assertThat(unmarshalled).isNotNull();
    assertThat(unmarshalled.getPrivateKeyId()).isEqualTo(privateKeyId);
    assertThat(unmarshalled.getPublicKeyId()).isEqualTo(publicKeyId);

    // The pair only references vault ids, so no encryptor call is expected.
    verifyZeroInteractions(untouchedEncryptor);
}