
Example 1 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyEncryptorImpl method decryptPrivateKey.

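/**
 * Decrypts a password-protected private key.
 *
 * <p>The stored salt is decoded, the password is hashed with Argon2 using the options stored
 * alongside the key, and the resulting hash is used as the shared key that opens the sealed box.
 *
 * <p>Neither the password, the stored key value nor the decrypted key is written to the log at
 * any level. Log files are usually readable by more principals than the key store, so a debug
 * line containing the secret would defeat the password protection of the key.
 *
 * @param privateKey the stored key data (salt, nonce, sealed box and Argon2 options)
 * @param password the password protecting the key
 * @return the decrypted private key
 */
@Override
public PrivateKey decryptPrivateKey(final PrivateKeyData privateKey, final char[] password) {
    // Progress messages only: no password and no key material in any log statement.
    LOGGER.info("Decrypting private key");

    final byte[] salt = this.decoder.decode(privateKey.getAsalt());

    // Re-derive the symmetric key with exactly the Argon2 parameters recorded with the key.
    final ArgonResult argonResult =
        this.argon2.hash(
            new com.quorum.tessera.argon2.ArgonOptions(
                privateKey.getArgonOptions().getAlgorithm(),
                privateKey.getArgonOptions().getIterations(),
                privateKey.getArgonOptions().getMemory(),
                privateKey.getArgonOptions().getParallelism()),
            password,
            salt);

    final byte[] sealedBox = this.decoder.decode(privateKey.getSbox());
    final Nonce nonce = new Nonce(this.decoder.decode(privateKey.getSnonce()));
    final byte[] originalKey =
        this.encryptor.openAfterPrecomputation(sealedBox, nonce, SharedKey.from(argonResult.getHash()));

    final PrivateKey outcome = PrivateKey.from(originalKey);
    LOGGER.info("Decrypted private key");
    return outcome;
}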
Also used : Nonce(com.quorum.tessera.encryption.Nonce) ArgonResult(com.quorum.tessera.argon2.ArgonResult) PrivateKey(com.quorum.tessera.encryption.PrivateKey)

Example 2 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class InlineKeypairTest method correctPasswordGetsCorrectKey.

/**
 * An inline keypair of type LOCKED must hand the supplied password to the key encryptor and
 * expose the base64 encoding of whatever private key the encryptor returns.
 */
@Test
public void correctPasswordGetsCorrectKey() {
    final char[] validPassword = "testpassword".toCharArray();

    // Locked key configuration backed by mocked key data.
    final PrivateKeyData lockedData = mock(PrivateKeyData.class);
    final KeyDataConfig lockedConfig = mock(KeyDataConfig.class);
    when(lockedConfig.getType()).thenReturn(PrivateKeyType.LOCKED);
    when(lockedConfig.getPrivateKeyData()).thenReturn(lockedData);

    // The encryptor only "decrypts" for this exact key data / password pair.
    final PrivateKey decrypted = mock(PrivateKey.class);
    when(decrypted.encodeToBase64()).thenReturn("SUCCESS");
    when(keyEncryptor.decryptPrivateKey(lockedData, validPassword)).thenReturn(decrypted);

    final InlineKeypair keypair = new InlineKeypair("public", lockedConfig, keyEncryptor);
    keypair.withPassword(validPassword);

    assertThat(keypair.getPrivateKey()).isEqualTo("SUCCESS");
}
Also used : KeyDataConfig(com.quorum.tessera.config.KeyDataConfig) PrivateKey(com.quorum.tessera.encryption.PrivateKey) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData) Test(org.junit.Test)

Example 3 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyEncryptorTest method providingArgonOptionsEncryptsKey.

/**
 * Encrypting a key with explicit Argon2 options must produce key data that carries a sealed box,
 * salt, nonce and the same iteration / memory / parallelism settings, and must use the Argon2
 * hasher, a random nonce and the sealing primitive exactly once each.
 */
@Test
public void providingArgonOptionsEncryptsKey() {
    final char[] passphrase = "pass".toCharArray();
    final PrivateKey plainKey = PrivateKey.from(new byte[] { 1, 2, 3, 4, 5 });

    // Stub the crypto collaborators so only the wiring of KeyEncryptor is exercised.
    final com.quorum.tessera.argon2.ArgonOptions hashOptions =
        new com.quorum.tessera.argon2.ArgonOptions("i", 5, 6, 7);
    final ArgonResult stubbedHash = new ArgonResult(hashOptions, new byte[] {}, new byte[] {});
    doReturn(new byte[] {})
        .when(encryptor)
        .sealAfterPrecomputation(any(byte[].class), any(Nonce.class), any(SharedKey.class));
    doReturn(new Nonce(new byte[] {})).when(encryptor).randomNonce();
    doReturn(stubbedHash)
        .when(argon2)
        .hash(any(com.quorum.tessera.argon2.ArgonOptions.class), eq(passphrase), any(byte[].class));

    final ArgonOptions requestedOptions = new ArgonOptions("i", 5, 6, 7);
    final PrivateKeyData sealedKey =
        this.keyEncryptor.encryptPrivateKey(plainKey, passphrase, requestedOptions);

    // Every component needed to decrypt later must be present in the result.
    assertThat(sealedKey.getSbox()).isNotNull();
    assertThat(sealedKey.getAsalt()).isNotNull();
    assertThat(sealedKey.getSnonce()).isNotNull();

    final ArgonOptions storedOptions = sealedKey.getArgonOptions();
    assertThat(storedOptions).isNotNull();
    assertThat(storedOptions.getIterations()).isNotNull().isEqualTo(5);
    assertThat(storedOptions.getMemory()).isNotNull().isEqualTo(6);
    assertThat(storedOptions.getParallelism()).isNotNull().isEqualTo(7);
    assertThat(storedOptions.getAlgorithm()).isNotNull();

    verify(encryptor).randomNonce();
    verify(encryptor)
        .sealAfterPrecomputation(any(byte[].class), any(Nonce.class), any(SharedKey.class));
    verify(argon2)
        .hash(any(com.quorum.tessera.argon2.ArgonOptions.class), eq(passphrase), any(byte[].class));
}
Also used : Nonce(com.quorum.tessera.encryption.Nonce) ArgonOptions(com.quorum.tessera.config.ArgonOptions) PrivateKey(com.quorum.tessera.encryption.PrivateKey) ArgonResult(com.quorum.tessera.argon2.ArgonResult) PrivateKeyData(com.quorum.tessera.config.PrivateKeyData) SharedKey(com.quorum.tessera.encryption.SharedKey) Test(org.junit.Test)

Example 4 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommandTest method keyGetsUpdatedUsingEncryptorOptions.

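/**
 * Runs the key-update command against a copy of the locked key fixture with encryptor options
 * set, then checks that the sealed box, nonce and salt in the rewritten file differ from the
 * starting key and that the key was decrypted and re-encrypted through the key encryptor.
 *
 * <p>Both input streams are closed explicitly and the temporary key file is deleted when the
 * test finishes, so no copy of the key data is left behind in the temp directory.
 */
@Test
public void keyGetsUpdatedUsingEncryptorOptions() throws Exception {
    final KeyDataConfig startingKey;
    try (java.io.InputStream fixture = getClass().getResourceAsStream("/lockedprivatekey.json")) {
        startingKey = JaxbUtil.unmarshal(fixture, KeyDataConfig.class);
    }

    final Path key = Files.createTempFile("key", ".key");
    try {
        // Explicit charset: the platform default must not decide how the key file is encoded.
        Files.write(
            key,
            JaxbUtil.marshalToString(startingKey).getBytes(java.nio.charset.StandardCharsets.UTF_8));
        command.privateKeyPath = key;
        command.password = "testpassword";
        addDefaultArgonConfigToCommand();
        addEncryptorOptionsToCommand();

        PrivateKey privatekey = mock(PrivateKey.class);
        when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), any())).thenReturn(privatekey);
        PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
        when(keyEncryptor.encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class)))
            .thenReturn(privateKeyData);

        command.call();

        final KeyDataConfig endingKey;
        try (java.io.InputStream updated = Files.newInputStream(key)) {
            endingKey = JaxbUtil.unmarshal(updated, KeyDataConfig.class);
        }

        assertThat(endingKey.getSbox()).isNotEqualTo(startingKey.getSbox());
        assertThat(endingKey.getSnonce()).isNotEqualTo(startingKey.getSnonce());
        assertThat(endingKey.getAsalt()).isNotEqualTo(startingKey.getAsalt());
        verify(keyEncryptorFactory).create(any());
        verify(keyEncryptor).decryptPrivateKey(any(PrivateKeyData.class), any());
        verify(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class));
        verify(passwordReader).requestUserPassword();
    } finally {
        // The file holds key data; remove it even when an assertion above fails.
        Files.deleteIfExists(key);
    }
}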
Also used : Path(java.nio.file.Path) PrivateKey(com.quorum.tessera.encryption.PrivateKey) Test(org.junit.Test)

Example 5 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommandTest method keyGetsUpdatedToNoPassword.

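/**
 * Runs the key-update command with an empty new password and checks that the rewritten key file
 * stores the private key value as plain base64 and that {@code encryptPrivateKey} is never
 * called.
 *
 * <p>Both input streams are closed explicitly and the temporary key file is deleted when the
 * test finishes. With an empty password the file contains the unprotected key value, so it must
 * not be left behind in the temp directory.
 */
@Test
public void keyGetsUpdatedToNoPassword() throws Exception {
    final KeyDataConfig startingKey;
    try (java.io.InputStream fixture = getClass().getResourceAsStream("/lockedprivatekey.json")) {
        startingKey = JaxbUtil.unmarshal(fixture, KeyDataConfig.class);
    }
    when(passwordReader.requestUserPassword()).thenReturn("".toCharArray());

    final Path key = Files.createTempFile("key", ".key");
    try {
        // Explicit charset: the platform default must not decide how the key file is encoded.
        Files.write(
            key,
            JaxbUtil.marshalToString(startingKey).getBytes(java.nio.charset.StandardCharsets.UTF_8));
        command.privateKeyPath = key;
        command.password = "testpassword";
        addDefaultArgonConfigToCommand();
        addEmptyEncryptorConfigToCommand();

        byte[] privateKeyData = "SOME PRIVATE DATA".getBytes(java.nio.charset.StandardCharsets.UTF_8);
        PrivateKey privateKey = PrivateKey.from(privateKeyData);
        when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), any())).thenReturn(privateKey);

        command.call();

        final KeyDataConfig endingKey;
        try (java.io.InputStream updated = Files.newInputStream(key)) {
            endingKey = JaxbUtil.unmarshal(updated, KeyDataConfig.class);
        }

        assertThat(endingKey.getSbox()).isNotEqualTo(startingKey.getSbox());
        assertThat(endingKey.getSnonce()).isNotEqualTo(startingKey.getSnonce());
        assertThat(endingKey.getAsalt()).isNotEqualTo(startingKey.getAsalt());
        assertThat(endingKey.getPrivateKeyData().getValue())
            .isEqualTo(Base64.getEncoder().encodeToString(privateKeyData));
        verify(keyEncryptorFactory).create(any());
        verify(keyEncryptor).decryptPrivateKey(any(PrivateKeyData.class), any());
        verify(keyEncryptor, never())
            .encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class));
        verify(passwordReader).requestUserPassword();
    } finally {
        // The file holds the unprotected key value; remove it even when an assertion fails.
        Files.deleteIfExists(key);
    }
}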
Also used : Path(java.nio.file.Path) PrivateKey(com.quorum.tessera.encryption.PrivateKey) Test(org.junit.Test)

Aggregations

PrivateKey (com.quorum.tessera.encryption.PrivateKey)14 Test (org.junit.Test)12 PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)6 ArgonResult (com.quorum.tessera.argon2.ArgonResult)4 ArgonOptions (com.quorum.tessera.config.ArgonOptions)4 Nonce (com.quorum.tessera.encryption.Nonce)4 Path (java.nio.file.Path)4 SharedKey (com.quorum.tessera.encryption.SharedKey)3 KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)2 EncryptorException (com.quorum.tessera.encryption.EncryptorException)2 CliResult (com.quorum.tessera.cli.CliResult)1 KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)1