use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class HashicorpVaultKeyGenerator method generate.
/**
 * Generates a new key pair and stores both halves as a single secret in a Hashicorp Vault secret engine.
 *
 * <p>The public and private keys are Base64-encoded and handed to the key vault service under the fixed
 * ids {@code publicKey} and {@code privateKey}. This method applies no encryption of its own to the
 * private key and does not read {@code encryptionOptions}.
 *
 * @param filename name of the vault secret the keys are stored under; must not be null
 * @param encryptionOptions not used by this generator
 * @param keyVaultOptions supplies the secret engine name; neither it nor the engine name may be null
 * @return a key pair holding the two secret ids, the secret engine name and the secret name
 * @throws NullPointerException if {@code filename}, {@code keyVaultOptions} or the secret engine name is null
 */
@Override
public HashicorpVaultKeyPair generate(String filename, ArgonOptions encryptionOptions, KeyVaultOptions keyVaultOptions) {
    // Fail fast before any key material is generated.
    Objects.requireNonNull(filename);
    Objects.requireNonNull(
        keyVaultOptions,
        "-keygenvaultsecretengine must be provided if using the Hashicorp vault type");
    Objects.requireNonNull(
        keyVaultOptions.getSecretEngineName(),
        "-keygenvaultsecretengine must be provided if using the Hashicorp vault type");

    final KeyPair generated = this.encryptor.generateNewKeys();

    final String publicKeyId = "publicKey";
    final String privateKeyId = "privateKey";

    final Map<String, String> secretPayload = new HashMap<>();
    secretPayload.put(publicKeyId, generated.getPublicKey().encodeToBase64());
    // The private key travels to the vault service Base64-encoded only; its confidentiality
    // depends on the vault and on the transport used by keyVaultService.
    secretPayload.put(privateKeyId, generated.getPrivateKey().encodeToBase64());
    secretPayload.put("secretName", filename);
    secretPayload.put("secretEngineName", keyVaultOptions.getSecretEngineName());

    keyVaultService.setSecret(secretPayload);

    // Only the engine name, secret name and the fixed ids are logged, never the key values.
    for (final String storedId : new String[] {publicKeyId, privateKeyId}) {
        LOGGER.info(
            "Key saved to vault secret engine {} with name {} and id {}",
            keyVaultOptions.getSecretEngineName(),
            filename,
            storedId);
    }

    return new HashicorpVaultKeyPair(
        publicKeyId, privateKeyId, keyVaultOptions.getSecretEngineName(), filename, null);
}
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class KaliumTest method generateNewKeysSodiumSuccess.
/**
 * Checks that key generation yields a non-null pair and calls the native keypair function.
 */
@Test
public void generateNewKeysSodiumSuccess() {
    // NOTE(review): the stub returns 1, whereas libsodium itself reports success as 0. This test
    // therefore only shows that Kalium does not reject 1 — confirm which return codes Kalium
    // treats as failure, since an unchecked failure would leave the key buffers unpopulated.
    when(sodium.crypto_box_curve25519xsalsa20poly1305_keypair(any(byte[].class), any(byte[].class)))
        .thenReturn(1);

    final KeyPair generatedPair = kalium.generateNewKeys();

    assertThat(generatedPair).isNotNull();
    assertThat(generatedPair.getPublicKey()).isNotNull();
    assertThat(generatedPair.getPrivateKey()).isNotNull();

    verify(sodium)
        .crypto_box_curve25519xsalsa20poly1305_keypair(any(byte[].class), any(byte[].class));
}
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class FileKeyGenerator method generate.
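/**
 * Generates a new key pair and writes it to {@code <filename>.pub} and {@code <filename>.key}.
 *
 * <p>The password is requested from the password reader. With a non-empty password the private key is
 * encrypted by the key encryptor using {@code encryptionOptions} and stored as LOCKED. With an empty
 * password the Base64-encoded private key is stored in the clear as UNLOCKED, and a warning is logged.
 *
 * <p>Both files are opened with {@code CREATE_NEW}, so the write fails if a file of that name already
 * exists instead of overwriting it.
 *
 * @param filename base path of the key files, without extension; relative paths are resolved against
 *     the working directory
 * @param encryptionOptions Argon options handed to the key encryptor when a password is supplied
 * @param keyVaultOptions not used by this generator
 * @return a key pair referencing the two written files and carrying the entered password
 */
@Override
public FilesystemKeyPair generate(final String filename, final ArgonOptions encryptionOptions, final KeyVaultOptions keyVaultOptions) {
    final char[] password = this.passwordReader.requestUserPassword();
    final KeyPair generated = this.encryptor.generateNewKeys();
    final String publicKeyBase64 = Base64.getEncoder().encodeToString(generated.getPublicKey().getKeyBytes());
    final KeyData finalKeys = new KeyData();
    final KeyDataConfig keyDataConfig;
    if (password.length > 0) {
        final PrivateKeyData encryptedPrivateKey = this.keyEncryptor.encryptPrivateKey(generated.getPrivateKey(), password, encryptionOptions);
        // The plaintext value slot is left null so only nonce, salt, box and Argon options are persisted.
        keyDataConfig = new KeyDataConfig(new PrivateKeyData(null, encryptedPrivateKey.getSnonce(), encryptedPrivateKey.getAsalt(), encryptedPrivateKey.getSbox(), encryptedPrivateKey.getArgonOptions()), LOCKED);
        LOGGER.info("Newly generated private key has been encrypted");
    } else {
        // Empty password: the private key is persisted Base64-encoded with no encryption at all.
        String keyData = Base64.getEncoder().encodeToString(generated.getPrivateKey().getKeyBytes());
        keyDataConfig = new KeyDataConfig(new PrivateKeyData(keyData, null, null, null, null), UNLOCKED);
        LOGGER.warn("Newly generated private key has not been encrypted; it will be stored unprotected");
    }
    finalKeys.setConfig(keyDataConfig);
    finalKeys.setPrivateKey(generated.getPrivateKey().encodeToBase64());
    finalKeys.setPublicKey(publicKeyBase64);
    // Only the config is marshalled (presumably the one set just above), not the raw private key
    // that was also set on finalKeys.
    final String privateKeyJson = JaxbUtil.marshalToString(finalKeys.getConfig());

    final Path resolvedPath = Paths.get(filename).toAbsolutePath();
    final Path parentPath;
    final String baseName;
    if (EMPTY_FILENAME.equals(filename)) {
        parentPath = resolvedPath;
        baseName = filename;
    } else {
        parentPath = resolvedPath.getParent();
        // Resolve only the last path element against the parent. Resolving the whole relative
        // filename again would duplicate its directory part (dir/key -> <cwd>/dir/dir/key.pub).
        baseName = resolvedPath.getFileName().toString();
    }
    final Path publicKeyPath = parentPath.resolve(baseName + ".pub");
    final Path privateKeyPath = parentPath.resolve(baseName + ".key");

    // NOTE(review): Files.write creates the files with the platform's default permissions; nothing
    // here restricts the .key file to its owner. Consider tightening the permissions where the
    // file system supports it, particularly for the UNLOCKED case.
    IOCallback.execute(() -> Files.write(publicKeyPath, publicKeyBase64.getBytes(UTF_8), CREATE_NEW));
    IOCallback.execute(() -> Files.write(privateKeyPath, privateKeyJson.getBytes(UTF_8), CREATE_NEW));
    LOGGER.info("Saved public key to {}", publicKeyPath.toAbsolutePath().toString());
    LOGGER.info("Saved private key to {}", privateKeyPath.toAbsolutePath().toString());

    final FilesystemKeyPair keyPair = new FilesystemKeyPair(publicKeyPath, privateKeyPath, keyEncryptor);
    keyPair.withPassword(password);
    return keyPair;
}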
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class AWSSecretManagerKeyGeneratorTest method setUp.
/**
 * Wires the generator under test to a mocked vault service and to an encryptor that always
 * returns the same fixed key pair.
 */
@Before
public void setUp() {
    this.keyVaultService = mock(KeyVaultService.class);

    // Stub key generation so the test can predict exactly what is handed to the vault service.
    final Encryptor stubbedEncryptor = mock(Encryptor.class);
    final KeyPair fixedKeyPair = new KeyPair(pub, priv);
    when(stubbedEncryptor.generateNewKeys()).thenReturn(fixedKeyPair);

    awsSecretManagerKeyGenerator = new AWSSecretManagerKeyGenerator(stubbedEncryptor, keyVaultService);
}
use of com.quorum.tessera.encryption.KeyPair in project tessera by ConsenSys.
the class FileKeyGeneratorTest method init.
/**
 * Builds a fixed key pair, mocks the generator's collaborators and creates the generator under test.
 */
@Before
public void init() {
    final PublicKey fixedPublicKey = PublicKey.from(PUBLIC_KEY.getBytes(UTF_8));
    final PrivateKey fixedPrivateKey = PrivateKey.from(PRIVATE_KEY.getBytes(UTF_8));
    this.keyPair = new KeyPair(fixedPublicKey, fixedPrivateKey);

    this.encryptor = mock(Encryptor.class);
    this.keyEncryptor = mock(KeyEncryptor.class);
    this.passwordReader = mock(PasswordReader.class);

    // The default is an empty password. Tests that want the password-protected path have to
    // re-stub the reader with a non-empty value.
    when(passwordReader.requestUserPassword()).thenReturn(new char[0]);

    this.generator = new FileKeyGenerator(encryptor, keyEncryptor, passwordReader);
}