Example 6 with PrivateKey
use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.
the class KeyUpdateCommandTest method keyGetsUpdated.
@Test
public void keyGetsUpdated() throws Exception {
final KeyDataConfig startingKey = JaxbUtil.unmarshal(getClass().getResourceAsStream("/lockedprivatekey.json"), KeyDataConfig.class);
final Path key = Files.createTempFile("key", ".key");
Files.write(key, JaxbUtil.marshalToString(startingKey).getBytes());
command.privateKeyPath = key;
command.password = "testpassword";
addDefaultArgonConfigToCommand();
addEmptyEncryptorConfigToCommand();
PrivateKey privatekey = mock(PrivateKey.class);
when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), any())).thenReturn(privatekey);
PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
when(keyEncryptor.encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class))).thenReturn(privateKeyData);
command.call();
final KeyDataConfig endingKey = JaxbUtil.unmarshal(Files.newInputStream(key), KeyDataConfig.class);
assertThat(endingKey.getSbox()).isNotEqualTo(startingKey.getSbox());
assertThat(endingKey.getSnonce()).isNotEqualTo(startingKey.getSnonce());
assertThat(endingKey.getAsalt()).isNotEqualTo(startingKey.getAsalt());
verify(keyEncryptorFactory).create(any());
verify(keyEncryptor).decryptPrivateKey(any(PrivateKeyData.class), any());
verify(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class));
verify(passwordReader).requestUserPassword();
}
Also used :
Path(java.nio.file.Path)
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
Test(org.junit.Test)
Example 7 with PrivateKey
use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.
the class KeyUpdateCommand method execute.
public CliResult execute() throws IOException {
final ArgonOptions argonOptions = argonOptions();
final List<char[]> passwords = passwords();
final Path keypath = privateKeyPath();
final KeyDataConfig keyDataConfig = JaxbUtil.unmarshal(Files.newInputStream(keypath), KeyDataConfig.class);
final PrivateKey privateKey = this.getExistingKey(keyDataConfig, passwords);
final char[] newPassword = passwordReader.requestUserPassword();
final KeyDataConfig updatedKey;
if (newPassword.length == 0) {
final PrivateKeyData privateKeyData = new PrivateKeyData(privateKey.encodeToBase64(), null, null, null, null);
updatedKey = new KeyDataConfig(privateKeyData, PrivateKeyType.UNLOCKED);
} else {
final PrivateKeyData privateKeyData = keyEncryptor.encryptPrivateKey(privateKey, newPassword, argonOptions);
updatedKey = new KeyDataConfig(privateKeyData, PrivateKeyType.LOCKED);
}
// write the key to file
Files.write(keypath, JaxbUtil.marshalToString(updatedKey).getBytes(UTF_8));
System.out.println("Private key at " + keypath.toString() + " updated.");
return new CliResult(0, true, null);
}
Also used :
Path(java.nio.file.Path)
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
CliResult(com.quorum.tessera.cli.CliResult)
Example 8 with PrivateKey
use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.
the class CliKeyPasswordResolverTest method lockedKeyWithInvalidPasswordRequestsPassword.
@Test
public void lockedKeyWithInvalidPasswordRequestsPassword() {
when(passwordReader.readPasswordFromConsole()).thenReturn("a".toCharArray());
final char[] validPassword = "a".toCharArray();
final char[] invalidPassword = "invalidPassword".toCharArray();
byte[] privateKeyBytes = Base64.getDecoder().decode("w+itzh2vfuGjiGYEVJtqpiJVUmI5vGUK4CzMErxa+GY=");
final PrivateKey unlockedKey = PrivateKey.from(privateKeyBytes);
final KeyDataConfig privKeyDataConfig = new KeyDataConfig(new PrivateKeyData("Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA=", "yb7M8aRJzgxoJM2NecAPcmSVWDW1tRjv", "MIqkFlgR2BWEpx2U0rObGg==", "Gtvp1t6XZEiFVyaE/LHiP1+yvOIBBoiOL+bKeqcKgpiNt4j1oDDoqCC47UJpmQRC", new ArgonOptions("i", 10, 1048576, 4)), PrivateKeyType.LOCKED);
KeyEncryptor keyEncryptor = mock(KeyEncryptor.class);
when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), eq(invalidPassword))).thenThrow(new EncryptorException("decrypt failed"));
when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), eq(validPassword))).thenReturn(unlockedKey);
KeyData keyPair = new KeyData();
keyPair.setPublicKey("public");
keyPair.setConfig(privKeyDataConfig);
this.cliKeyPasswordResolver.getSingleKeyPassword(0, keyPair, keyEncryptor);
assertThat(systemOutRule.getLog()).containsOnlyOnce("Password for key[0] missing or invalid.\nAttempt 1 of 2. Enter a password for the key");
}
Also used :
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
EncryptorException(com.quorum.tessera.encryption.EncryptorException)
KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor)
Test(org.junit.Test)
Example 9 with PrivateKey
use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.
the class KeyUpdateCommandTest method lockedKeySucceedsWithPasswordsMatching.
@Test
public void lockedKeySucceedsWithPasswordsMatching() {
PrivateKeyData privateKeyData = new PrivateKeyData(null, "dwixVoY+pOI2FMuu4k0jLqN/naQiTzWe", "JoPVq9G6NdOb+Ugv+HnUeA==", "6Jd/MXn29fk6jcrFYGPb75l7sDJae06I3Y1Op+bZSZqlYXsMpa/8lLE29H0sX3yw", new ArgonOptions("id", 1, 1024, 1));
final KeyDataConfig kdc = new KeyDataConfig(new PrivateKeyData(null, "dwixVoY+pOI2FMuu4k0jLqN/naQiTzWe", "JoPVq9G6NdOb+Ugv+HnUeA==", "6Jd/MXn29fk6jcrFYGPb75l7sDJae06I3Y1Op+bZSZqlYXsMpa/8lLE29H0sX3yw", new ArgonOptions("id", 1, 1024, 1)), PrivateKeyType.LOCKED);
PrivateKey privateKey = mock(PrivateKey.class);
when(privateKey.getKeyBytes()).thenReturn("SUCCESS".getBytes());
when(keyEncryptor.decryptPrivateKey(privateKeyData, "testpassword".toCharArray())).thenReturn(privateKey);
final PrivateKey result = command.getExistingKey(kdc, singletonList("testpassword".toCharArray()));
assertThat(result.getKeyBytes()).isEqualTo("SUCCESS".getBytes());
verify(keyEncryptor).decryptPrivateKey(privateKeyData, "testpassword".toCharArray());
}
Also used :
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
Test(org.junit.Test)
Example 10 with PrivateKey
use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.
the class KeyUpdateCommandTest method unlockedKeyReturnedProperly.
// key fetching tests
@Test
public void unlockedKeyReturnedProperly() {
final KeyDataConfig kdc = new KeyDataConfig(new PrivateKeyData("/+UuD63zItL1EbjxkKUljMgG8Z1w0AJ8pNOR4iq2yQc=", null, null, null, null), PrivateKeyType.UNLOCKED);
final PrivateKey key = command.getExistingKey(kdc, emptyList());
String encodedKeyValue = Base64.getEncoder().encodeToString(key.getKeyBytes());
assertThat(encodedKeyValue).isEqualTo("/+UuD63zItL1EbjxkKUljMgG8Z1w0AJ8pNOR4iq2yQc=");
}
Also used :
PrivateKey(com.quorum.tessera.encryption.PrivateKey)
Test(org.junit.Test)
Aggregations
PrivateKey (com.quorum.tessera.encryption.PrivateKey)14
Test (org.junit.Test)12
PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)6
ArgonResult (com.quorum.tessera.argon2.ArgonResult)4
ArgonOptions (com.quorum.tessera.config.ArgonOptions)4
Nonce (com.quorum.tessera.encryption.Nonce)4
Path (java.nio.file.Path)4
SharedKey (com.quorum.tessera.encryption.SharedKey)3
KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)2
EncryptorException (com.quorum.tessera.encryption.EncryptorException)2
CliResult (com.quorum.tessera.cli.CliResult)1
KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)1
