
Example 6 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommandTest method keyGetsUpdated.

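/**
 * Runs the key-update command against a temporary copy of the locked-key fixture and checks
 * that the rewritten file differs from the fixture in its sbox, snonce and asalt values.
 *
 * <p>The key encryptor is mocked, so this covers the command's read / decrypt / re-encrypt /
 * write wiring rather than real cryptography.
 *
 * @throws Exception if the fixture or the temporary key file cannot be read or written
 */
@Test
public void keyGetsUpdated() throws Exception {
    final KeyDataConfig startingKey;
    // Close the fixture stream here rather than relying on unmarshal to release it.
    try (java.io.InputStream fixture = getClass().getResourceAsStream("/lockedprivatekey.json")) {
        startingKey = JaxbUtil.unmarshal(fixture, KeyDataConfig.class);
    }
    final Path key = Files.createTempFile("key", ".key");
    try {
        // Explicit charset so the bytes written do not depend on the host's default encoding.
        Files.write(key, JaxbUtil.marshalToString(startingKey).getBytes(java.nio.charset.StandardCharsets.UTF_8));
        command.privateKeyPath = key;
        command.password = "testpassword";
        addDefaultArgonConfigToCommand();
        addEmptyEncryptorConfigToCommand();
        PrivateKey privatekey = mock(PrivateKey.class);
        when(keyEncryptor.decryptPrivateKey(any(PrivateKeyData.class), any())).thenReturn(privatekey);
        PrivateKeyData privateKeyData = mock(PrivateKeyData.class);
        when(keyEncryptor.encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class))).thenReturn(privateKeyData);
        command.call();
        final KeyDataConfig endingKey;
        try (java.io.InputStream updated = Files.newInputStream(key)) {
            endingKey = JaxbUtil.unmarshal(updated, KeyDataConfig.class);
        }
        // NOTE(review): encryptPrivateKey returns an unstubbed mock, so these inequalities may hold
        // only because the written values are mock defaults; confirm they would fail if the command
        // left the original ciphertext, nonce or salt in place.
        assertThat(endingKey.getSbox()).isNotEqualTo(startingKey.getSbox());
        assertThat(endingKey.getSnonce()).isNotEqualTo(startingKey.getSnonce());
        assertThat(endingKey.getAsalt()).isNotEqualTo(startingKey.getAsalt());
        verify(keyEncryptorFactory).create(any());
        verify(keyEncryptor).decryptPrivateKey(any(PrivateKeyData.class), any());
        verify(keyEncryptor).encryptPrivateKey(any(PrivateKey.class), any(), any(ArgonOptions.class));
        verify(passwordReader).requestUserPassword();
    } finally {
        // Do not leave key files behind in the shared temporary directory after the test.
        Files.deleteIfExists(key);
    }
}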
Also used : Path(java.nio.file.Path) PrivateKey(com.quorum.tessera.encryption.PrivateKey) Test(org.junit.Test)

Example 7 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommand method execute.

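/**
 * Reads the key file at the configured path, recovers the private key with the supplied
 * passwords, asks for a new password, and overwrites the file with the key protected under
 * that new password.
 *
 * <p>An empty new password stores the key unlocked: the Base64-encoded private key is written
 * to the file without encryption, so file-system permissions are then its only protection.
 *
 * @return a {@code CliResult} constructed as {@code (0, true, null)}
 * @throws IOException if the key file cannot be read or written
 */
public CliResult execute() throws IOException {
    final ArgonOptions argonOptions = argonOptions();
    final List<char[]> passwords = passwords();
    final Path keypath = privateKeyPath();
    final KeyDataConfig keyDataConfig;
    // Release the read handle before the same file is rewritten below, whether or not
    // unmarshal closes the stream itself.
    try (java.io.InputStream existing = Files.newInputStream(keypath)) {
        keyDataConfig = JaxbUtil.unmarshal(existing, KeyDataConfig.class);
    }
    final PrivateKey privateKey = this.getExistingKey(keyDataConfig, passwords);
    // NOTE(review): neither the old passwords nor newPassword are wiped after use; consider
    // clearing these char[] values once the key is written, if no caller still needs them.
    final char[] newPassword = passwordReader.requestUserPassword();
    final KeyDataConfig updatedKey;
    if (newPassword.length == 0) {
        // No password given: the key is stored in the clear (Base64 only) and marked UNLOCKED.
        final PrivateKeyData privateKeyData = new PrivateKeyData(privateKey.encodeToBase64(), null, null, null, null);
        updatedKey = new KeyDataConfig(privateKeyData, PrivateKeyType.UNLOCKED);
    } else {
        final PrivateKeyData privateKeyData = keyEncryptor.encryptPrivateKey(privateKey, newPassword, argonOptions);
        updatedKey = new KeyDataConfig(privateKeyData, PrivateKeyType.LOCKED);
    }
    // write the key to file
    // NOTE(review): this overwrites the only copy in place; an interrupted write could leave a
    // truncated key file. Writing to a sibling temporary file and moving it over the original
    // would keep the old key intact on failure.
    Files.write(keypath, JaxbUtil.marshalToString(updatedKey).getBytes(UTF_8));
    System.out.println("Private key at " + keypath.toString() + " updated.");
    return new CliResult(0, true, null);
}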
Also used : Path(java.nio.file.Path) PrivateKey(com.quorum.tessera.encryption.PrivateKey) CliResult(com.quorum.tessera.cli.CliResult)

Example 8 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class CliKeyPasswordResolverTest method lockedKeyWithInvalidPasswordRequestsPassword.

/**
 * Resolving the password for a locked key must prompt on the console when decryption fails.
 *
 * <p>The mocked encryptor rejects "invalidPassword" and accepts "a"; the console reader is
 * stubbed to supply "a". The test asserts that the "missing or invalid" prompt for attempt 1
 * of 2 appears exactly once in the captured standard output.
 */
@Test
public void lockedKeyWithInvalidPasswordRequestsPassword() {
    final char[] rejectedPassword = "invalidPassword".toCharArray();
    final char[] acceptedPassword = "a".toCharArray();
    when(passwordReader.readPasswordFromConsole()).thenReturn("a".toCharArray());

    // Fixture key material, used only as the value the mocked decrypt call hands back.
    final byte[] rawKey = Base64.getDecoder().decode("w+itzh2vfuGjiGYEVJtqpiJVUmI5vGUK4CzMErxa+GY=");
    final PrivateKey decryptedKey = PrivateKey.from(rawKey);

    final ArgonOptions argon = new ArgonOptions("i", 10, 1048576, 4);
    final PrivateKeyData lockedData = new PrivateKeyData("Wl+xSyXVuuqzpvznOS7dOobhcn4C5auxkFRi7yLtgtA=", "yb7M8aRJzgxoJM2NecAPcmSVWDW1tRjv", "MIqkFlgR2BWEpx2U0rObGg==", "Gtvp1t6XZEiFVyaE/LHiP1+yvOIBBoiOL+bKeqcKgpiNt4j1oDDoqCC47UJpmQRC", argon);
    final KeyDataConfig lockedConfig = new KeyDataConfig(lockedData, PrivateKeyType.LOCKED);

    final KeyEncryptor encryptor = mock(KeyEncryptor.class);
    when(encryptor.decryptPrivateKey(any(PrivateKeyData.class), eq(rejectedPassword))).thenThrow(new EncryptorException("decrypt failed"));
    when(encryptor.decryptPrivateKey(any(PrivateKeyData.class), eq(acceptedPassword))).thenReturn(decryptedKey);

    // No password is set on the key pair itself, so the resolver has to ask for one.
    final KeyData lockedPair = new KeyData();
    lockedPair.setPublicKey("public");
    lockedPair.setConfig(lockedConfig);

    this.cliKeyPasswordResolver.getSingleKeyPassword(0, lockedPair, encryptor);

    assertThat(systemOutRule.getLog()).containsOnlyOnce("Password for key[0] missing or invalid.\nAttempt 1 of 2. Enter a password for the key");
}
Also used : PrivateKey(com.quorum.tessera.encryption.PrivateKey) EncryptorException(com.quorum.tessera.encryption.EncryptorException) KeyEncryptor(com.quorum.tessera.config.keys.KeyEncryptor) Test(org.junit.Test)

Example 9 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommandTest method lockedKeySucceedsWithPasswordsMatching.

/**
 * Fetching a locked key with the matching password returns whatever the encryptor decrypts.
 *
 * <p>The encryptor mock is stubbed for one exact (key data, password) pair, so the test also
 * checks that {@code getExistingKey} forwards the config's key data and the supplied password
 * unchanged.
 */
@Test
public void lockedKeySucceedsWithPasswordsMatching() {
    // Built separately from expectedData below, as in the stubbing: the match is by equality.
    final KeyDataConfig lockedConfig = new KeyDataConfig(new PrivateKeyData(null, "dwixVoY+pOI2FMuu4k0jLqN/naQiTzWe", "JoPVq9G6NdOb+Ugv+HnUeA==", "6Jd/MXn29fk6jcrFYGPb75l7sDJae06I3Y1Op+bZSZqlYXsMpa/8lLE29H0sX3yw", new ArgonOptions("id", 1, 1024, 1)), PrivateKeyType.LOCKED);
    final PrivateKeyData expectedData = new PrivateKeyData(null, "dwixVoY+pOI2FMuu4k0jLqN/naQiTzWe", "JoPVq9G6NdOb+Ugv+HnUeA==", "6Jd/MXn29fk6jcrFYGPb75l7sDJae06I3Y1Op+bZSZqlYXsMpa/8lLE29H0sX3yw", new ArgonOptions("id", 1, 1024, 1));

    final PrivateKey decrypted = mock(PrivateKey.class);
    when(decrypted.getKeyBytes()).thenReturn("SUCCESS".getBytes());
    when(keyEncryptor.decryptPrivateKey(expectedData, "testpassword".toCharArray())).thenReturn(decrypted);

    final PrivateKey fetched = command.getExistingKey(lockedConfig, singletonList("testpassword".toCharArray()));

    assertThat(fetched.getKeyBytes()).isEqualTo("SUCCESS".getBytes());
    verify(keyEncryptor).decryptPrivateKey(expectedData, "testpassword".toCharArray());
}
Also used : PrivateKey(com.quorum.tessera.encryption.PrivateKey) Test(org.junit.Test)

Example 10 with PrivateKey

use of com.quorum.tessera.encryption.PrivateKey in project tessera by ConsenSys.

the class KeyUpdateCommandTest method unlockedKeyReturnedProperly.

// key fetching tests
/**
 * An unlocked key needs no password: {@code getExistingKey} is called with an empty password
 * list and the returned key bytes must Base64-encode back to the value stored in the config.
 */
@Test
public void unlockedKeyReturnedProperly() {
    final PrivateKeyData unlockedData = new PrivateKeyData("/+UuD63zItL1EbjxkKUljMgG8Z1w0AJ8pNOR4iq2yQc=", null, null, null, null);
    final KeyDataConfig unlockedConfig = new KeyDataConfig(unlockedData, PrivateKeyType.UNLOCKED);

    final PrivateKey fetched = command.getExistingKey(unlockedConfig, emptyList());

    final byte[] fetchedBytes = fetched.getKeyBytes();
    assertThat(Base64.getEncoder().encodeToString(fetchedBytes)).isEqualTo("/+UuD63zItL1EbjxkKUljMgG8Z1w0AJ8pNOR4iq2yQc=");
}
Also used : PrivateKey(com.quorum.tessera.encryption.PrivateKey) Test(org.junit.Test)

Aggregations

PrivateKey (com.quorum.tessera.encryption.PrivateKey)14 Test (org.junit.Test)12 PrivateKeyData (com.quorum.tessera.config.PrivateKeyData)6 ArgonResult (com.quorum.tessera.argon2.ArgonResult)4 ArgonOptions (com.quorum.tessera.config.ArgonOptions)4 Nonce (com.quorum.tessera.encryption.Nonce)4 Path (java.nio.file.Path)4 SharedKey (com.quorum.tessera.encryption.SharedKey)3 KeyDataConfig (com.quorum.tessera.config.KeyDataConfig)2 EncryptorException (com.quorum.tessera.encryption.EncryptorException)2 CliResult (com.quorum.tessera.cli.CliResult)1 KeyEncryptor (com.quorum.tessera.config.keys.KeyEncryptor)1