use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.
the class EnclaveFactoryImpl method createServer.
/**
 * Builds an {@link Enclave} from the supplied configuration.
 *
 * <p>The encryptor is obtained from the factory named by the configured encryptor type. Each
 * configured key-data entry is unmarshalled with a {@link KeyEncryptor} and converted into a key
 * pair; the "always send to" entries are converted into public keys. Both collections are handed
 * to a {@code KeyManagerImpl} that backs the returned enclave.
 *
 * @param config node configuration supplying the encryptor settings, key data and forwarding keys
 * @return the newly constructed enclave
 */
static Enclave createServer(Config config) {
    LOGGER.info("Creating enclave server");

    final EncryptorConfig encryptorSettings = config.getEncryptor();
    final Encryptor encryptor =
        EncryptorFactory.newFactory(encryptorSettings.getType().name())
            .create(encryptorSettings.getProperties());
    final KeyEncryptor keyEncryptor = KeyEncryptorFactory.newFactory().create(encryptorSettings);

    // The converter is given a live environment provider, so process environment
    // variables are an input to key conversion.
    final KeyPairConverter converter = new KeyPairConverter(config, new EnvironmentVariableProvider());

    final Collection<KeyPair> localKeys =
        converter.convert(
            config.getKeys().getKeyData().stream()
                .map(keyData -> KeyDataUtil.unmarshal(keyData, keyEncryptor))
                .collect(Collectors.toList()));
    final Collection<PublicKey> alwaysSendTo = converter.convert(config.getAlwaysSendTo());

    LOGGER.debug("Creating enclave");
    final Enclave created = new EnclaveImpl(encryptor, new KeyManagerImpl(localKeys, alwaysSendTo));
    // NOTE(review): the enclave object is rendered into the debug log; confirm that
    // EnclaveImpl's string form does not include private key material.
    LOGGER.debug("Created enclave {}", created);
    return created;
}
use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureClientAuthenticationIfNoEnvVarSetThenException.
/**
 * With none of the role-id, secret-id or token environment variables set, configuring client
 * authentication must fail with {@code HashicorpCredentialNotSetException} and a message naming
 * both the AppRole and the Token options.
 */
@Test
public void configureClientAuthenticationIfNoEnvVarSetThenException() {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);
    final ClientHttpRequestFactory requestFactory = mock(ClientHttpRequestFactory.class);
    final VaultEndpoint endpoint = mock(VaultEndpoint.class);

    // No credential of either authentication method is available.
    when(environment.getEnv(HASHICORP_ROLE_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_SECRET_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_TOKEN)).thenReturn(null);

    final String expectedMessage =
        "Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID
            + " environment variables must be set to use the AppRole authentication method. Alternatively set "
            + HASHICORP_TOKEN + " to authenticate using the Token method";

    final Throwable thrown =
        catchThrowable(
            () -> util.configureClientAuthentication(vaultConfig, environment, requestFactory, endpoint));

    assertThat(thrown).isExactlyInstanceOf(HashicorpCredentialNotSetException.class);
    assertThat(thrown.getMessage()).isEqualTo(expectedMessage);
}
use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureSslUsesKeyStoreAndTrustStoreIfBothProvided.
/**
 * When both {@code tlsKeyStorePath} and {@code tlsTrustStorePath} are configured, the resulting
 * SSL configuration must carry a key store and a trust store.
 *
 * <p>A single empty temp file stands in for both stores; only the presence of each configuration
 * is asserted, not its content.
 */
@Test
public void configureSslUsesKeyStoreAndTrustStoreIfBothProvided() throws Exception {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    final Path storeFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    storeFile.toFile().deleteOnExit();
    final String storeLocation = storeFile.toString();

    when(vaultConfig.hasProperty("tlsKeyStorePath", "tlsTrustStorePath")).thenReturn(true);
    when(vaultConfig.getProperty("tlsKeyStorePath")).thenReturn(Optional.of(storeLocation));
    when(vaultConfig.getProperty("tlsTrustStorePath")).thenReturn(Optional.of(storeLocation));

    final SslConfiguration ssl = util.configureSsl(vaultConfig, environment);

    assertThat(ssl.getKeyStoreConfiguration().isPresent()).isTrue();
    assertThat(ssl.getTrustStoreConfiguration().isPresent()).isTrue();
}
use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureSslUsesTrustStoreOnlyIfProvided.
/**
 * When only {@code tlsTrustStorePath} is configured, the resulting SSL configuration must carry a
 * trust store and no key store.
 *
 * <p>An empty temp file stands in for the trust store; only presence is asserted, not content.
 */
@Test
public void configureSslUsesTrustStoreOnlyIfProvided() throws Exception {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    final Path trustStoreFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    trustStoreFile.toFile().deleteOnExit();

    // Trust store is configured ...
    when(vaultConfig.hasProperty("tlsTrustStorePath")).thenReturn(true);
    // ... and the key store is explicitly absent.
    when(vaultConfig.hasProperty("tlsKeyStorePath")).thenReturn(false);
    when(vaultConfig.getProperty("tlsKeyStorePath")).thenReturn(Optional.empty());
    when(vaultConfig.getProperty("tlsTrustStorePath"))
        .thenReturn(Optional.of(trustStoreFile.toString()));

    final SslConfiguration ssl = util.configureSsl(vaultConfig, environment);

    assertThat(ssl.getKeyStoreConfiguration().isPresent()).isFalse();
    assertThat(ssl.getTrustStoreConfiguration().isPresent()).isTrue();
}
use of com.quorum.tessera.config.util.EnvironmentVariableProvider in project tessera by ConsenSys.
the class HashicorpKeyVaultServiceFactoryUtilTest method configureClientAuthenticationIfOnlyRoleIdSetThenException.
/**
 * With the role-id set but neither the secret-id nor the token, configuring client authentication
 * must fail with {@code HashicorpCredentialNotSetException}: a partial AppRole credential is
 * rejected, and the message asks for both AppRole variables.
 */
@Test
public void configureClientAuthenticationIfOnlyRoleIdSetThenException() {
    final KeyVaultConfig vaultConfig = mock(KeyVaultConfig.class);
    final EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);
    final ClientHttpRequestFactory requestFactory = mock(ClientHttpRequestFactory.class);
    final VaultEndpoint endpoint = mock(VaultEndpoint.class);

    // Only half of the AppRole credential pair is present; no token either.
    when(environment.getEnv(HASHICORP_ROLE_ID)).thenReturn("role-id");
    when(environment.getEnv(HASHICORP_SECRET_ID)).thenReturn(null);
    when(environment.getEnv(HASHICORP_TOKEN)).thenReturn(null);

    final String expectedMessage =
        "Both " + HASHICORP_ROLE_ID + " and " + HASHICORP_SECRET_ID
            + " environment variables must be set to use the AppRole authentication method";

    final Throwable thrown =
        catchThrowable(
            () -> util.configureClientAuthentication(vaultConfig, environment, requestFactory, endpoint));

    assertThat(thrown).isExactlyInstanceOf(HashicorpCredentialNotSetException.class);
    assertThat(thrown.getMessage()).isEqualTo(expectedMessage);
}