Example 6 with EncryptorException
use of com.quorum.tessera.encryption.EncryptorException in project tessera by ConsenSys.
the class EllipticalCurveEncryptor method openAfterPrecomputation.
@Override
public byte[] openAfterPrecomputation(byte[] cipherText, Nonce nonce, SharedKey sharedKey) {
try {
Cipher cipher = Cipher.getInstance(symmetricCipher);
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(sharedKey.getKeyBytes(), "AES"), new GCMParameterSpec(128, nonce.getNonceBytes()));
return cipher.doFinal(cipherText);
} catch (GeneralSecurityException e) {
LOGGER.error("unable to perform symmetric decryption", e);
throw new EncryptorException("unable to perform symmetric decryption");
}
}
Also used :
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
GCMParameterSpec(javax.crypto.spec.GCMParameterSpec)
Example 7 with EncryptorException
use of com.quorum.tessera.encryption.EncryptorException in project tessera by ConsenSys.
the class InlineKeypair method getPrivateKey.
@Override
@NotNull
@Size(min = 1)
@ValidBase64(message = "Invalid Base64 key provided")
@Pattern(regexp = "^((?!NACL_FAILURE).)*$", message = "Could not decrypt the private key with the provided password, please double check the passwords provided")
public String getPrivateKey() {
final PrivateKeyData pkd = privateKeyConfig.getPrivateKeyData();
if (privateKeyConfig.getType() == UNLOCKED) {
return privateKeyConfig.getValue();
}
if (this.cachedValue == null || !Objects.equals(this.cachedPassword, this.password)) {
if (password != null) {
try {
this.cachedValue = keyEncryptor.decryptPrivateKey(pkd, password).encodeToBase64();
} catch (final EncryptorException ex) {
this.cachedValue = "NACL_FAILURE";
}
}
}
this.cachedPassword = this.password;
return this.cachedValue;
}
Also used :
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
Pattern(jakarta.validation.constraints.Pattern)
Size(jakarta.validation.constraints.Size)
ValidBase64(com.quorum.tessera.config.constraints.ValidBase64)
NotNull(jakarta.validation.constraints.NotNull)
Example 8 with EncryptorException
use of com.quorum.tessera.encryption.EncryptorException in project tessera by ConsenSys.
the class InlineKeypairTest method updatingPasswordsAttemptsToDecryptAgain.
@Test
public void updatingPasswordsAttemptsToDecryptAgain() {
PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
final KeyDataConfig privKeyDataConfig = mock(KeyDataConfig.class);
when(privKeyDataConfig.getPrivateKeyData()).thenReturn(privateKeyData);
when(privKeyDataConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
when(keyEncryptor.decryptPrivateKey(privateKeyData, "wrong-password".toCharArray())).thenThrow(new EncryptorException("WHAT YOU TALKING ABOUT WILLIS"));
final InlineKeypair inlineKeypair = new InlineKeypair("public", privKeyDataConfig, keyEncryptor);
inlineKeypair.withPassword("wrong-password".toCharArray());
String result = inlineKeypair.getPrivateKey();
assertThat(result).isEqualTo("NACL_FAILURE");
// change password and attempt again
inlineKeypair.withPassword("testpassword".toCharArray());
PrivateKey privateKey = mock(PrivateKey.class);
when(privateKey.encodeToBase64()).thenReturn("SUCCESS");
when(keyEncryptor.decryptPrivateKey(privateKeyData, "testpassword".toCharArray())).thenReturn(privateKey);
assertThat(inlineKeypair.getPrivateKey()).isEqualTo("SUCCESS");
verify(keyEncryptor).decryptPrivateKey(privateKeyData, "wrong-password".toCharArray());
verify(keyEncryptor).decryptPrivateKey(privateKeyData, "testpassword".toCharArray());
}
Also used :
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
Test(org.junit.Test)
Example 9 with EncryptorException
use of com.quorum.tessera.encryption.EncryptorException in project tessera by ConsenSys.
the class InlineKeypairTest method incorrectPasswordGetsCorrectFailureToken.
@Test
public void incorrectPasswordGetsCorrectFailureToken() {
PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
final KeyDataConfig privKeyDataConfig = mock(KeyDataConfig.class);
when(privKeyDataConfig.getPrivateKeyData()).thenReturn(privateKeyData);
when(privKeyDataConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
when(keyEncryptor.decryptPrivateKey(privateKeyData, "wrong-password".toCharArray())).thenThrow(new EncryptorException("WHAT YOU TALKING ABOUT WILLIS"));
final InlineKeypair inlineKeypair = new InlineKeypair("public", privKeyDataConfig, keyEncryptor);
inlineKeypair.withPassword("wrong-password".toCharArray());
String result = inlineKeypair.getPrivateKey();
assertThat(String.valueOf(inlineKeypair.getPassword())).isEqualTo("wrong-password");
assertThat(result).isEqualTo("NACL_FAILURE");
}
Also used :
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
Test(org.junit.Test)
Aggregations
EncryptorException (com.quorum.tessera.encryption.EncryptorException)9
Test (org.junit.Test)4
PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)3
KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)2
PrivateKey (com.quorum.tessera.encryption.PrivateKey)2
GCMParameterSpec (javax.crypto.spec.GCMParameterSpec)2
SecretKeySpec (javax.crypto.spec.SecretKeySpec)2
ValidBase64 (com.quorum.tessera.config.constraints.ValidBase64)1
KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)1
MessageHash (com.quorum.tessera.data.MessageHash)1
PublicKey (com.quorum.tessera.encryption.PublicKey)1
NotNull (jakarta.validation.constraints.NotNull)1
Pattern (jakarta.validation.constraints.Pattern)1
Size (jakarta.validation.constraints.Size)1
java.security (java.security)1
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)1
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)1
X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)1
