Example 11 with KeyPair
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class HashicorpVaultKeyGenerator method generate.
@Override
public HashicorpVaultKeyPair generate(String filename, ArgonOptions encryptionOptions, KeyVaultOptions keyVaultOptions) {
Objects.requireNonNull(filename);
Objects.requireNonNull(keyVaultOptions, "-keygenvaultsecretengine must be provided if using the Hashicorp vault type");
Objects.requireNonNull(keyVaultOptions.getSecretEngineName(), "-keygenvaultsecretengine must be provided if using the Hashicorp vault type");
final KeyPair keys = this.encryptor.generateNewKeys();
String pubId = "publicKey";
String privId = "privateKey";
Map<String, String> setSecretData = new HashMap<>();
setSecretData.put(pubId, keys.getPublicKey().encodeToBase64());
setSecretData.put(privId, keys.getPrivateKey().encodeToBase64());
setSecretData.put("secretName", filename);
setSecretData.put("secretEngineName", keyVaultOptions.getSecretEngineName());
keyVaultService.setSecret(setSecretData);
LOGGER.info("Key saved to vault secret engine {} with name {} and id {}", keyVaultOptions.getSecretEngineName(), filename, pubId);
LOGGER.info("Key saved to vault secret engine {} with name {} and id {}", keyVaultOptions.getSecretEngineName(), filename, privId);
return new HashicorpVaultKeyPair(pubId, privId, keyVaultOptions.getSecretEngineName(), filename, null);
}
Also used :
HashicorpVaultKeyPair(com.quorum.tessera.config.keypairs.HashicorpVaultKeyPair)
KeyPair(com.quorum.tessera.encryption.KeyPair)
HashicorpVaultKeyPair(com.quorum.tessera.config.keypairs.HashicorpVaultKeyPair)
HashMap(java.util.HashMap)
Example 12 with KeyPair
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class KaliumTest method generateNewKeysSodiumSuccess.
@Test
public void generateNewKeysSodiumSuccess() {
when(sodium.crypto_box_curve25519xsalsa20poly1305_keypair(any(byte[].class), any(byte[].class))).thenReturn(1);
final KeyPair result = kalium.generateNewKeys();
assertThat(result).isNotNull();
assertThat(result.getPrivateKey()).isNotNull();
assertThat(result.getPublicKey()).isNotNull();
verify(sodium).crypto_box_curve25519xsalsa20poly1305_keypair(any(byte[].class), any(byte[].class));
}Example 13 with KeyPair
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class FileKeyGenerator method generate.
@Override
public FilesystemKeyPair generate(final String filename, final ArgonOptions encryptionOptions, final KeyVaultOptions keyVaultOptions) {
final char[] password = this.passwordReader.requestUserPassword();
final KeyPair generated = this.encryptor.generateNewKeys();
final String publicKeyBase64 = Base64.getEncoder().encodeToString(generated.getPublicKey().getKeyBytes());
final KeyData finalKeys = new KeyData();
final KeyDataConfig keyDataConfig;
if (password.length > 0) {
final PrivateKeyData encryptedPrivateKey = this.keyEncryptor.encryptPrivateKey(generated.getPrivateKey(), password, encryptionOptions);
keyDataConfig = new KeyDataConfig(new PrivateKeyData(null, encryptedPrivateKey.getSnonce(), encryptedPrivateKey.getAsalt(), encryptedPrivateKey.getSbox(), encryptedPrivateKey.getArgonOptions()), LOCKED);
LOGGER.info("Newly generated private key has been encrypted");
} else {
String keyData = Base64.getEncoder().encodeToString(generated.getPrivateKey().getKeyBytes());
keyDataConfig = new KeyDataConfig(new PrivateKeyData(keyData, null, null, null, null), UNLOCKED);
}
finalKeys.setConfig(keyDataConfig);
finalKeys.setPrivateKey(generated.getPrivateKey().encodeToBase64());
finalKeys.setPublicKey(publicKeyBase64);
final String privateKeyJson = JaxbUtil.marshalToString(finalKeys.getConfig());
final Path resolvedPath = Paths.get(filename).toAbsolutePath();
final Path parentPath;
if (EMPTY_FILENAME.equals(filename)) {
parentPath = resolvedPath;
} else {
parentPath = resolvedPath.getParent();
}
final Path publicKeyPath = parentPath.resolve(filename + ".pub");
final Path privateKeyPath = parentPath.resolve(filename + ".key");
IOCallback.execute(() -> Files.write(publicKeyPath, publicKeyBase64.getBytes(UTF_8), CREATE_NEW));
IOCallback.execute(() -> Files.write(privateKeyPath, privateKeyJson.getBytes(UTF_8), CREATE_NEW));
LOGGER.info("Saved public key to {}", publicKeyPath.toAbsolutePath().toString());
LOGGER.info("Saved private key to {}", privateKeyPath.toAbsolutePath().toString());
final FilesystemKeyPair keyPair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
keyPair.withPassword(password);
return keyPair;
}
Also used :
Path(java.nio.file.Path)
KeyDataConfig(com.quorum.tessera.config.KeyDataConfig)
KeyPair(com.quorum.tessera.encryption.KeyPair)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
KeyData(com.quorum.tessera.config.KeyData)
PrivateKeyData(com.quorum.tessera.config.PrivateKeyData)
Example 14 with KeyPair
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class AWSSecretManagerKeyGeneratorTest method setUp.
@Before
public void setUp() {
final Encryptor encryptor = mock(Encryptor.class);
this.keyVaultService = mock(KeyVaultService.class);
final KeyPair keyPair = new KeyPair(pub, priv);
when(encryptor.generateNewKeys()).thenReturn(keyPair);
awsSecretManagerKeyGenerator = new AWSSecretManagerKeyGenerator(encryptor, keyVaultService);
}
Also used :
KeyVaultService(com.quorum.tessera.key.vault.KeyVaultService)
KeyPair(com.quorum.tessera.encryption.KeyPair)
AWSKeyPair(com.quorum.tessera.config.keypairs.AWSKeyPair)
Encryptor(com.quorum.tessera.encryption.Encryptor)
Before(org.junit.Before)
Example 15 with KeyPair
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class FileKeyGeneratorTest method init.
@Before
public void init() {
this.keyPair = new KeyPair(PublicKey.from(PUBLIC_KEY.getBytes(UTF_8)), PrivateKey.from(PRIVATE_KEY.getBytes(UTF_8)));
this.encryptor = mock(Encryptor.class);
this.keyEncryptor = mock(KeyEncryptor.class);
this.passwordReader = mock(PasswordReader.class);
when(passwordReader.requestUserPassword()).thenReturn(new char[0]);
this.generator = new FileKeyGenerator(encryptor, keyEncryptor, passwordReader);
}
Also used :
KeyPair(com.quorum.tessera.encryption.KeyPair)
FilesystemKeyPair(com.quorum.tessera.config.keypairs.FilesystemKeyPair)
PasswordReader(com.quorum.tessera.passwords.PasswordReader)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
Encryptor(com.quorum.tessera.encryption.Encryptor)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
Before(org.junit.Before)
Aggregations
KeyPair (com.quorum.tessera.encryption.KeyPair)21
Test (org.junit.Test)11
KeyVaultService (com.quorum.tessera.key.vault.KeyVaultService)7
Encryptor (com.quorum.tessera.encryption.Encryptor)5
KeyVaultServiceFactory (com.quorum.tessera.key.vault.KeyVaultServiceFactory)4
Before (org.junit.Before)4
Config (com.quorum.tessera.config.Config)3
AWSKeyPair (com.quorum.tessera.config.keypairs.AWSKeyPair)3
AzureVaultKeyPair (com.quorum.tessera.config.keypairs.AzureVaultKeyPair)3
HashicorpVaultKeyPair (com.quorum.tessera.config.keypairs.HashicorpVaultKeyPair)3
EnvironmentVariableProvider (com.quorum.tessera.config.util.EnvironmentVariableProvider)3
Path (java.nio.file.Path)3
FilesystemKeyPair (com.quorum.tessera.config.keypairs.FilesystemKeyPair)2
UnsupportedCharsetException (java.nio.charset.UnsupportedCharsetException)2
KeyData (com.quorum.tessera.config.KeyData)1
KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)1
PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)1
ConfigKeyPair (com.quorum.tessera.config.keypairs.ConfigKeyPair)1
KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)1
SharedKey (com.quorum.tessera.encryption.SharedKey)1
