Example 11 with KeyEncryptor
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class PicoCliDelegateTest method keygenOutputToCLI.
@Test
public void keygenOutputToCLI() throws Exception {
Path publicKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
Path privateKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
Files.write(privateKeyPath, Arrays.asList("SOMEDATA"));
Files.write(publicKeyPath, Arrays.asList("SOMEDATA"));
KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
FilesystemKeyPair keypair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
when(keyGenerator.generate(anyString(), eq(null), eq(null))).thenReturn(keypair);
Path unixSocketPath = Files.createTempFile(UUID.randomUUID().toString(), ".ipc");
Map<String, Object> params = new HashMap<>();
params.put("unixSocketPath", unixSocketPath.toString());
Path configFile = Paths.get(getClass().getResource("/keygen-sample.json").toURI());
Path keyOutputPath = configFile.resolveSibling(UUID.randomUUID().toString());
CliResult result = cliDelegate.execute("-keygen", "-filename", keyOutputPath.toString(), "-configfile", configFile.toString());
assertThat(result).isNotNull();
assertThat(result.getStatus()).isEqualTo(0);
assertThat(result.getConfig()).isNotNull();
assertThat(result.isSuppressStartup()).isTrue();
verify(keyGenerator).generate(anyString(), eq(null), eq(null));
verifyNoMoreInteractions(keyGenerator);
}
Also used :
Path(java.nio.file.Path)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
HashMap(java.util.HashMap)
CliResult(com.quorum.tessera.cli.CliResult)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Test(org.junit.Test)
Example 12 with KeyEncryptor
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class PicoCliDelegateTest method keygenUpdateConfigAndPasswordFile.
@Test
public void keygenUpdateConfigAndPasswordFile() throws Exception {
Path publicKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
Path privateKeyPath = Files.createTempFile(UUID.randomUUID().toString(), "");
Files.write(privateKeyPath, Arrays.asList("SOMEDATA"));
Files.write(publicKeyPath, Arrays.asList("SOMEDATA"));
KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
FilesystemKeyPair keypair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
when(keyGenerator.generate(anyString(), eq(null), eq(null))).thenReturn(keypair);
Path unixSocketPath = Files.createTempFile(UUID.randomUUID().toString(), ".ipc");
Map<String, Object> params = new HashMap<>();
params.put("unixSocketPath", unixSocketPath.toString());
Path configFile = Paths.get(getClass().getResource("/keygen-sample.json").toURI());
Path keyOutputPath = configFile.resolveSibling(UUID.randomUUID().toString());
Path configOutputPath = configFile.resolveSibling(UUID.randomUUID().toString() + ".json");
Path pwdOutputPath = configFile.resolveSibling(UUID.randomUUID().toString() + ".pwds");
assertThat(Files.exists(configOutputPath)).isFalse();
assertThat(Files.exists(pwdOutputPath)).isFalse();
CliResult result = cliDelegate.execute("-keygen", "-filename", keyOutputPath.toString(), "-output", configOutputPath.toString(), "-configfile", configFile.toString(), "--pwdout", pwdOutputPath.toString());
assertThat(result).isNotNull();
assertThat(result.getStatus()).isEqualTo(0);
assertThat(result.getConfig()).isNotNull();
assertThat(result.isSuppressStartup()).isTrue();
assertThat(Files.exists(configOutputPath)).isTrue();
configOutputPath.toFile().deleteOnExit();
assertThat(Files.exists(pwdOutputPath)).isTrue();
pwdOutputPath.toFile().deleteOnExit();
verify(keyGenerator).generate(anyString(), eq(null), eq(null));
verifyNoMoreInteractions(keyGenerator);
try {
cliDelegate.execute("-keygen", "-filename", UUID.randomUUID().toString(), "-output", configOutputPath.toString(), "-configfile", configFile.toString());
failBecauseExceptionWasNotThrown(Exception.class);
} catch (Exception ex) {
assertThat(ex).isInstanceOf(UncheckedIOException.class);
assertThat(ex.getCause()).isExactlyInstanceOf(FileAlreadyExistsException.class);
}
}
Also used :
Path(java.nio.file.Path)
FileAlreadyExistsException(java.nio.file.FileAlreadyExistsException)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
HashMap(java.util.HashMap)
CliResult(com.quorum.tessera.cli.CliResult)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
UncheckedIOException(java.io.UncheckedIOException)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
CliException(com.quorum.tessera.cli.CliException)
ConstraintViolationException(jakarta.validation.ConstraintViolationException)
FileAlreadyExistsException(java.nio.file.FileAlreadyExistsException)
UncheckedIOException(java.io.UncheckedIOException)
Test(org.junit.Test)
Example 13 with KeyEncryptor
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class CliKeyPasswordResolver method resolveKeyPasswords.
@Override
public void resolveKeyPasswords(final Config config) {
final KeyConfiguration keyConfiguration = config.getKeys();
if (keyConfiguration == null) {
// invalid config, but gets picked up by validation later
return;
}
final List<char[]> allPasswords = new ArrayList<>();
if (keyConfiguration.getPasswords() != null) {
allPasswords.addAll(keyConfiguration.getPasswords().stream().map(String::toCharArray).collect(Collectors.toList()));
} else if (keyConfiguration.getPasswordFile() != null) {
try {
allPasswords.addAll(Files.readAllLines(keyConfiguration.getPasswordFile(), StandardCharsets.UTF_8).stream().map(String::toCharArray).collect(Collectors.toList()));
} catch (final IOException ex) {
// don't do anything, if any keys are locked validation will complain that
// locked keys were provided without passwords
System.err.println("Could not read the password file");
}
}
List<KeyData> keyPairs = keyConfiguration.getKeyData();
IntStream.range(0, keyConfiguration.getKeyData().size()).forEachOrdered(i -> {
if (i < allPasswords.size()) {
keyPairs.get(i).setPassword(allPasswords.get(i));
}
});
// decrypt the keys, either using provided passwords or read from CLI
EncryptorConfig encryptorConfig = Optional.ofNullable(config.getEncryptor()).orElse(new EncryptorConfig() {
{
setType(EncryptorType.NACL);
}
});
final KeyEncryptor keyEncryptor = KeyEncryptorFactory.newFactory().create(encryptorConfig);
IntStream.range(0, keyConfiguration.getKeyData().size()).forEachOrdered(keyNumber -> getSingleKeyPassword(keyNumber, keyConfiguration.getKeyData().get(keyNumber), keyEncryptor));
}
Also used :
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
Example 14 with KeyEncryptor
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class FileKeyGeneratorTest method init.
@Before
public void init() {
this.keyPair = new KeyPair(PublicKey.from(PUBLIC_KEY.getBytes(UTF_8)), PrivateKey.from(PRIVATE_KEY.getBytes(UTF_8)));
this.encryptor = mock(Encryptor.class);
this.keyEncryptor = mock(KeyEncryptor.class);
this.passwordReader = mock(PasswordReader.class);
when(passwordReader.requestUserPassword()).thenReturn(new char[0]);
this.generator = new FileKeyGenerator(encryptor, keyEncryptor, passwordReader);
}
Also used :
KeyPair(com.quorum.tessera.encryption.KeyPair)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
PasswordReader(com.quorum.tessera.passwords.PasswordReader)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
Encryptor(com.quorum.tessera.encryption.Encryptor)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
Before(org.junit.Before)
Example 15 with KeyEncryptor
use of com.quorum.tessera.config.keys.KeyEncryptor in project tessera by ConsenSys.
the class KeyDataUtilTest method unmarshalAzureVaultKeyPair.
@Test
public void unmarshalAzureVaultKeyPair() {
KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
KeyData keyData = new KeyData();
keyData.setAzureVaultPrivateKeyId("AzureVaultPrivateKeyId");
keyData.setAzureVaultPublicKeyId("AzureVaultPublicKeyId");
KeyDataConfig config = mock(KeyDataConfig.class);
keyData.setConfig(config);
AzureVaultKeyPair result = (AzureVaultKeyPair) KeyDataUtil.unmarshal(keyData, keyEncryptor);
assertThat(result).isNotNull();
assertThat(result.getPrivateKeyId()).isEqualTo("AzureVaultPrivateKeyId");
assertThat(result.getPublicKeyId()).isEqualTo("AzureVaultPublicKeyId");
verifyZeroInteractions(keyEncryptor);
}
Also used :
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
KeyData(com.quorum.tessera.config.KeyData)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
Test(org.junit.Test)
Aggregations
KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)20
Test (org.junit.Test)15
KeyData (com.quorum.tessera.config.KeyData)10
PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)10
Path (java.nio.file.Path)5
FilesystemKeyPair (com.quorum.tessera.config.keypairs.FilesystemKeyPair)4
KeyEncryptorFactory (com.quorum.tessera.config.keys.KeyEncryptorFactory)4
CliResult (com.quorum.tessera.cli.CliResult)3
KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)3
ConstraintViolationException (jakarta.validation.ConstraintViolationException)3
HashMap (java.util.HashMap)3
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)3
CliException (com.quorum.tessera.cli.CliException)2
EncryptorConfig (com.quorum.tessera.config.EncryptorConfig)2
ConfigKeyPair (com.quorum.tessera.config.keypairs.ConfigKeyPair)2
EnvironmentVariableProvider (com.quorum.tessera.config.util.EnvironmentVariableProvider)2
KeyDataUtil (com.quorum.tessera.config.util.KeyDataUtil)2
Encryptor (com.quorum.tessera.encryption.Encryptor)2
PublicKey (com.quorum.tessera.encryption.PublicKey)2
Client (jakarta.ws.rs.client.Client)2
