use of com.quorum.tessera.key.vault.KeyVaultService in project tessera by ConsenSys.
the class KeyPairConverterTest method convertSingleAwsVaultKeyPair.
@Test
public void convertSingleAwsVaultKeyPair() {
try (var staticKeyVaultServiceFactory = mockStatic(KeyVaultServiceFactory.class)) {
KeyVaultServiceFactory keyVaultServiceFactory = mock(KeyVaultServiceFactory.class);
KeyVaultService keyVaultService = mock(KeyVaultService.class);
when(keyVaultService.getSecret(any(Map.class))).thenReturn("publicSecret").thenReturn("privSecret");
when(keyVaultServiceFactory.create(any(Config.class), any(EnvironmentVariableProvider.class))).thenReturn(keyVaultService);
staticKeyVaultServiceFactory.when(() -> KeyVaultServiceFactory.getInstance(KeyVaultType.AWS)).thenReturn(keyVaultServiceFactory);
final AWSKeyPair keyPair = new AWSKeyPair("pub", "priv");
Collection<KeyPair> result = converter.convert(Collections.singletonList(keyPair));
assertThat(result).hasSize(1);
KeyPair resultKeyPair = result.iterator().next();
KeyPair expected = new KeyPair(PublicKey.from(decodeBase64("publicSecret")), PrivateKey.from(decodeBase64("privSecret")));
assertThat(resultKeyPair).isEqualToComparingFieldByField(expected);
verify(keyVaultService, times(2)).getSecret(any(Map.class));
verify(keyVaultServiceFactory).create(any(Config.class), any(EnvironmentVariableProvider.class));
staticKeyVaultServiceFactory.verify(() -> KeyVaultServiceFactory.getInstance(KeyVaultType.AWS));
staticKeyVaultServiceFactory.verifyNoMoreInteractions();
verifyNoMoreInteractions(keyVaultService);
verifyNoMoreInteractions(keyVaultServiceFactory);
}
}
use of com.quorum.tessera.key.vault.KeyVaultService in project tessera by ConsenSys.
the class KeyPairConverterTest method convertSingleHashicorpVaultKeyPair.
@Test
public void convertSingleHashicorpVaultKeyPair() {
try (var staticKeyVaultServiceFactory = mockStatic(KeyVaultServiceFactory.class)) {
KeyVaultServiceFactory keyVaultServiceFactory = mock(KeyVaultServiceFactory.class);
KeyVaultService keyVaultService = mock(KeyVaultService.class);
when(keyVaultService.getSecret(any(Map.class))).thenReturn("publicSecret").thenReturn("privSecret");
when(keyVaultServiceFactory.create(any(Config.class), any(EnvironmentVariableProvider.class))).thenReturn(keyVaultService);
staticKeyVaultServiceFactory.when(() -> KeyVaultServiceFactory.getInstance(KeyVaultType.HASHICORP)).thenReturn(keyVaultServiceFactory);
final HashicorpVaultKeyPair keyPair = new HashicorpVaultKeyPair("pub", "priv", "engine", "secretName", 10);
Collection<KeyPair> result = converter.convert(Collections.singletonList(keyPair));
assertThat(result).hasSize(1);
KeyPair resultKeyPair = result.iterator().next();
KeyPair expected = new KeyPair(PublicKey.from(decodeBase64("publicSecret")), PrivateKey.from(decodeBase64("privSecret")));
assertThat(resultKeyPair).isEqualToComparingFieldByField(expected);
verify(keyVaultService, times(2)).getSecret(any(Map.class));
verify(keyVaultServiceFactory).create(any(Config.class), any(EnvironmentVariableProvider.class));
staticKeyVaultServiceFactory.verify(() -> KeyVaultServiceFactory.getInstance(KeyVaultType.HASHICORP));
staticKeyVaultServiceFactory.verifyNoMoreInteractions();
verifyNoMoreInteractions(keyVaultService);
verifyNoMoreInteractions(keyVaultServiceFactory);
}
}
use of com.quorum.tessera.key.vault.KeyVaultService in project tessera by ConsenSys.
the class KeyPairConverter method convert.
private KeyPair convert(ConfigKeyPair configKeyPair) {
final String base64PublicKey;
final String base64PrivateKey;
if (configKeyPair instanceof AzureVaultKeyPair) {
KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.AZURE);
KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
AzureVaultKeyPair akp = (AzureVaultKeyPair) configKeyPair;
Map<String, String> getPublicKeyData = new HashMap<>(Map.of("secretName", akp.getPublicKeyId()));
getPublicKeyData.put("secretVersion", akp.getPublicKeyVersion());
Map<String, String> getPrivateKeyData = new HashMap<>(Map.of("secretName", akp.getPrivateKeyId()));
getPrivateKeyData.put("secretVersion", akp.getPrivateKeyVersion());
base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
} else if (configKeyPair instanceof HashicorpVaultKeyPair) {
KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.HASHICORP);
KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
HashicorpVaultKeyPair hkp = (HashicorpVaultKeyPair) configKeyPair;
Map<String, String> getPublicKeyData = Map.of("secretEngineName", hkp.getSecretEngineName(), "secretName", hkp.getSecretName(), "secretId", hkp.getPublicKeyId(), "secretVersion", Objects.toString(hkp.getSecretVersion()));
Map<String, String> getPrivateKeyData = Map.of("secretEngineName", hkp.getSecretEngineName(), "secretName", hkp.getSecretName(), "secretId", hkp.getPrivateKeyId(), "secretVersion", Objects.toString(hkp.getSecretVersion()));
base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
} else if (configKeyPair instanceof AWSKeyPair) {
KeyVaultServiceFactory keyVaultServiceFactory = KeyVaultServiceFactory.getInstance(KeyVaultType.AWS);
KeyVaultService keyVaultService = keyVaultServiceFactory.create(config, envProvider);
AWSKeyPair akp = (AWSKeyPair) configKeyPair;
Map<String, String> getPublicKeyData = Map.of("secretName", akp.getPublicKeyId());
Map<String, String> getPrivateKeyData = Map.of("secretName", akp.getPrivateKeyId());
base64PublicKey = keyVaultService.getSecret(getPublicKeyData);
base64PrivateKey = keyVaultService.getSecret(getPrivateKeyData);
} else {
base64PublicKey = configKeyPair.getPublicKey();
base64PrivateKey = configKeyPair.getPrivateKey();
}
return new KeyPair(PublicKey.from(Base64.getDecoder().decode(base64PublicKey.trim())), PrivateKey.from(Base64.getDecoder().decode(base64PrivateKey.trim())));
}
use of com.quorum.tessera.key.vault.KeyVaultService in project tessera by ConsenSys.
the class AzureVaultKeyGeneratorTest method setUp.
@Before
public void setUp() {
this.encryptor = mock(Encryptor.class);
this.keyVaultService = mock(KeyVaultService.class);
final KeyPair keyPair = new KeyPair(pub, priv);
when(encryptor.generateNewKeys()).thenReturn(keyPair);
azureVaultKeyGenerator = new AzureVaultKeyGenerator(encryptor, keyVaultService);
}
use of com.quorum.tessera.key.vault.KeyVaultService in project tessera by ConsenSys.
the class HashicorpVaultKeyGeneratorTest method setUp.
@Before
public void setUp() {
this.encryptor = mock(Encryptor.class);
this.keyVaultService = mock(KeyVaultService.class);
final KeyPair keyPair = new KeyPair(pub, priv);
when(encryptor.generateNewKeys()).thenReturn(keyPair);
this.hashicorpVaultKeyGenerator = new HashicorpVaultKeyGenerator(encryptor, keyVaultService);
}
Aggregations