Examples with SignedIdentityDocument com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument used on opensource projects

Search in sources :

Example 1 with SignedIdentityDocument

use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument in project vespa by vespa-engine.

the class InstanceValidator method isInstanceSignatureValid.

boolean isInstanceSignatureValid(InstanceConfirmation instanceConfirmation) {
    SignedIdentityDocument signedIdentityDocument = instanceConfirmation.signedIdentityDocument;
    PublicKey publicKey = keyProvider.getPublicKey(signedIdentityDocument.signingKeyVersion);
    return isSignatureValid(publicKey, signedIdentityDocument.rawIdentityDocument, signedIdentityDocument.signature);
}
Also used : PublicKey(java.security.PublicKey) SignedIdentityDocument(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument)

Example 2 with SignedIdentityDocument

use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument in project vespa by vespa-engine.

the class InstanceValidatorTest method createInstanceConfirmation.

private static InstanceConfirmation createInstanceConfirmation(PrivateKey privateKey, ApplicationId applicationId, String domain, String service) {
    IdentityDocument identityDocument = new IdentityDocument(new ProviderUniqueId(applicationId.tenant().value(), applicationId.application().value(), "environment", "region", applicationId.instance().value(), "cluster-id", 0), "hostname", "instance-hostname", Instant.now());
    try {
        ObjectMapper mapper = Utils.getMapper();
        String encodedIdentityDocument = Base64.getEncoder().encodeToString(mapper.writeValueAsString(identityDocument).getBytes());
        Signature sigGenerator = Signature.getInstance("SHA512withRSA");
        sigGenerator.initSign(privateKey);
        sigGenerator.update(encodedIdentityDocument.getBytes());
        return new InstanceConfirmation("provider", domain, service, new SignedIdentityDocument(encodedIdentityDocument, Base64.getEncoder().encodeToString(sigGenerator.sign()), 0, identityDocument.providerUniqueId.asString(), "dnssuffix", "service", "localhost/zts", 1));
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
}
Also used : ProviderUniqueId(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.ProviderUniqueId) SignedIdentityDocument(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument) IdentityDocument(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.IdentityDocument) Signature(java.security.Signature) SignedIdentityDocument(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 3 with SignedIdentityDocument

use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument in project vespa by vespa-engine.

the class InstanceValidator method isValidInstance.

public boolean isValidInstance(InstanceConfirmation instanceConfirmation) {
    SignedIdentityDocument signedIdentityDocument = instanceConfirmation.signedIdentityDocument;
    ProviderUniqueId providerUniqueId = signedIdentityDocument.identityDocument.providerUniqueId;
    ApplicationId applicationId = ApplicationId.from(providerUniqueId.tenant, providerUniqueId.application, providerUniqueId.instance);
    if (!isSameIdentityAsInServicesXml(applicationId, instanceConfirmation.domain, instanceConfirmation.service)) {
        return false;
    }
    log.log(LogLevel.INFO, () -> String.format("Validating instance %s.", providerUniqueId));
    if (isInstanceSignatureValid(instanceConfirmation)) {
        log.log(LogLevel.INFO, () -> String.format("Instance %s is valid.", providerUniqueId));
        return true;
    }
    log.log(LogLevel.ERROR, () -> String.format("Instance %s has invalid signature.", providerUniqueId));
    return false;
}
Also used : ProviderUniqueId(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.ProviderUniqueId) SignedIdentityDocument(com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument) ApplicationId(com.yahoo.config.provision.ApplicationId)

Aggregations

SignedIdentityDocument (com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.SignedIdentityDocument)3 ProviderUniqueId (com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.ProviderUniqueId)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 ApplicationId (com.yahoo.config.provision.ApplicationId)1 IdentityDocument (com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument.IdentityDocument)1 PublicKey (java.security.PublicKey)1 Signature (java.security.Signature)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial