
Example 1 with KeyVaultOptions

Use of com.quorum.tessera.key.generation.KeyVaultOptions in the project tessera by ConsenSys.

From the class KeyGenCommand, the method call().

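/**
 * Generates one key pair per requested name and, when file-update options were supplied, adds
 * the new keys to the loaded configuration and writes the result out.
 *
 * <p>Encryptor settings come from the loaded config when one is present, otherwise from the
 * command-line encryptor options, otherwise from {@code EncryptorConfig.getDefault()}.
 *
 * <p>Security notes for maintainers: the generated passwords are collected as {@code char[]}
 * and passed to {@code passwordFileUpdaterWriter}; this method does not clear them afterwards.
 * When no config output path is given the updated config is handed to
 * {@code updateAndWriteToCLI} instead of being written to a file.
 *
 * @return a {@code CliResult} built with {@code (0, true, null)} when no file-update options
 *     were given, otherwise with {@code (0, true, config)} for the updated config
 * @throws CliException if file-update options are present without a config, if key vault
 *     options are present without a recognised vault type, or if a Hashicorp vault is targeted
 *     without at least one key name
 * @throws ConstraintViolationException if a key vault config built from the command-line
 *     options fails bean validation
 * @throws IOException declared by the signature; presumably raised by the file writers
 */
@Override
public CliResult call() throws IOException {
    final boolean updatingConfig = Objects.nonNull(fileUpdateOptions);
    if (updatingConfig && Objects.isNull(fileUpdateOptions.getConfig())) {
        throw new CliException("Missing required argument(s): --configfile=<config>");
    }

    // Precedence: encryptor from the loaded config, then CLI encryptor options, then the default.
    final EncryptorConfig encryptorConfig =
        Optional.ofNullable(fileUpdateOptions)
            .map(KeyGenFileUpdateOptions::getConfig)
            .map(Config::getEncryptor)
            .orElseGet(
                () ->
                    Optional.ofNullable(encryptorOptions)
                        .map(EncryptorOptions::parseEncryptorConfig)
                        .orElse(EncryptorConfig.getDefault()));

    // Only populated when a Hashicorp secret engine path was given on the command line.
    final KeyVaultOptions keyVaultOptions =
        Optional.ofNullable(keyVaultConfigOptions)
            .map(KeyVaultConfigOptions::getHashicorpSecretEnginePath)
            .map(KeyVaultOptions::new)
            .orElse(null);

    final KeyVaultConfig keyVaultConfig;
    if (keyVaultConfigOptions == null) {
        keyVaultConfig = null;
    } else if (keyVaultConfigOptions.getVaultType() == null) {
        throw new CliException("Key vault type either not provided or not recognised");
    } else if (updatingConfig) {
        // The vault settings are taken from the loaded config, not from the CLI options.
        // NOTE(review): this branch skips both the bean validation and the Hashicorp key-name
        // check applied below, and yields null when the config has no entry for the requested
        // vault type; confirm that passing null on to the key generator factory is intended,
        // since the caller explicitly asked for a vault.
        keyVaultConfig =
            Optional.of(fileUpdateOptions)
                .map(KeyGenFileUpdateOptions::getConfig)
                .map(Config::getKeys)
                .flatMap(keys -> keys.getKeyVaultConfig(keyVaultConfigOptions.getVaultType()))
                .orElse(null);
    } else {
        final KeyVaultHandler keyVaultHandler = new DispatchingKeyVaultHandler();
        keyVaultConfig = keyVaultHandler.handle(keyVaultConfigOptions);

        // Reject an empty name list as well as a missing one: further down an empty list is
        // replaced by a single "" name, which would otherwise reach the Hashicorp generator
        // even though the message below promises that at least one name is required.
        if (keyVaultConfig.getKeyVaultType() == KeyVaultType.HASHICORP
            && (Objects.isNull(keyOut) || keyOut.isEmpty())) {
            throw new CliException(
                "At least one -filename must be provided when saving generated keys in a Hashicorp Vault");
        }

        final Set<ConstraintViolation<KeyVaultConfig>> violations =
            validator.validate(keyVaultConfig);
        if (!violations.isEmpty()) {
            throw new ConstraintViolationException(violations);
        }
    }

    final KeyGenerator keyGenerator = keyGeneratorFactory.create(keyVaultConfig, encryptorConfig);

    // With no names supplied, a single key is generated under the empty name "".
    final List<String> newKeyNames =
        Optional.ofNullable(keyOut)
            .filter(Predicate.not(List::isEmpty))
            .map(List::copyOf)
            .orElseGet(() -> List.of(""));

    final List<ConfigKeyPair> newConfigKeyPairs =
        newKeyNames.stream()
            .map(name -> keyGenerator.generate(name, argonOptions, keyVaultOptions))
            .collect(Collectors.toList());

    // Null key pairs are skipped here, so this list can be shorter than newKeyData below.
    // NOTE(review): the char[] passwords are not zeroed in this method; the key pairs may
    // still reference the same arrays, so confirm ownership before clearing them.
    final List<char[]> newPasswords =
        newConfigKeyPairs.stream()
            .filter(Objects::nonNull)
            .map(ConfigKeyPair::getPassword)
            .collect(Collectors.toList());

    final List<KeyData> newKeyData =
        newConfigKeyPairs.stream().map(keyDataMarshaller::marshal).collect(Collectors.toList());

    if (!updatingConfig) {
        return new CliResult(0, true, null);
    }

    final Config config = fileUpdateOptions.getConfig();

    // prepare config for addition of new keys if required
    prepareConfigForNewKeys(config);

    if (Objects.nonNull(fileUpdateOptions.getConfigOut())) {
        if (Objects.nonNull(fileUpdateOptions.getPwdOut())) {
            // NOTE(review): the permissions of the written password file are decided by the
            // writer, which is not visible here; confirm it is created owner-readable only.
            passwordFileUpdaterWriter.updateAndWrite(
                newPasswords, config, fileUpdateOptions.getPwdOut());
            config.getKeys().setPasswordFile(fileUpdateOptions.getPwdOut());
        }
        configFileUpdaterWriter.updateAndWrite(
            newKeyData, keyVaultConfig, config, fileUpdateOptions.getConfigOut());
    } else {
        // NOTE(review): presumably prints the updated config to the console; if inline key
        // data is included it ends up in terminal scrollback and captured logs - confirm.
        configFileUpdaterWriter.updateAndWriteToCLI(newKeyData, keyVaultConfig, config);
    }

    return new CliResult(0, true, config);
}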
Also used : ConstraintViolation(jakarta.validation.ConstraintViolation) ConfigKeyPair(com.quorum.tessera.config.keypairs.ConfigKeyPair) Validation(jakarta.validation.Validation) java.util(java.util) Predicate(java.util.function.Predicate) Validator(jakarta.validation.Validator) IOException(java.io.IOException) Callable(java.util.concurrent.Callable) ConstraintViolationException(jakarta.validation.ConstraintViolationException) KeyVaultOptions(com.quorum.tessera.key.generation.KeyVaultOptions) Collectors(java.util.stream.Collectors) KeyGeneratorFactory(com.quorum.tessera.key.generation.KeyGeneratorFactory) PasswordFileUpdaterWriter(com.quorum.tessera.config.util.PasswordFileUpdaterWriter) com.quorum.tessera.config(com.quorum.tessera.config) KeyGenerator(com.quorum.tessera.key.generation.KeyGenerator) CliException(com.quorum.tessera.cli.CliException) CliResult(com.quorum.tessera.cli.CliResult) ConfigFileUpdaterWriter(com.quorum.tessera.config.util.ConfigFileUpdaterWriter) CommandLine(picocli.CommandLine) KeyVaultOptions(com.quorum.tessera.key.generation.KeyVaultOptions) ConfigKeyPair(com.quorum.tessera.config.keypairs.ConfigKeyPair) CliException(com.quorum.tessera.cli.CliException) CliResult(com.quorum.tessera.cli.CliResult) ConstraintViolation(jakarta.validation.ConstraintViolation) ConstraintViolationException(jakarta.validation.ConstraintViolationException) KeyGenerator(com.quorum.tessera.key.generation.KeyGenerator)
