
Example 1 with TlsOptions

use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.

the class HashicorpConnectionFactoryTest method missingAndUncreatableWhiteListThrowsHashicorpException.

/**
 * Verifies that {@code connectionFactory.create} fails with a {@link HashicorpException} when the
 * WHITELIST trust store is configured with a file that is missing and (per the test name) cannot
 * be created.
 *
 * <p>The exact message is pinned so that a trust-store set-up failure surfaces as a connection
 * initialisation error instead of yielding a usable connection.
 */
@Test
void missingAndUncreatableWhiteListThrowsHashicorpException() {
    // NOTE(review): presumably "uncreatable" relies on the test process having no write access to
    // the filesystem root. When the suite runs as root (common in containers) the file may be
    // creatable - confirm the build environment, or point at a path under a read-only directory.
    final Path unwritableWhitelist = Path.of("/missingUnCreatable.whitelist");

    // No trust store password is supplied (third argument is null).
    final Optional<TlsOptions> whitelistTls =
        Optional.of(new TlsOptions(Optional.of(TrustStoreType.WHITELIST), unwritableWhitelist, null));
    final ConnectionParameters params =
        new ConnectionParameters(CONFIGURED_HOST, Optional.empty(), whitelistTls, Optional.of(10L));

    assertThatThrownBy(() -> connectionFactory.create(params))
        .isInstanceOf(HashicorpException.class)
        .hasMessage("Unable to initialise connection to hashicorp vault.");
}
Also used : Path(java.nio.file.Path) ConnectionParameters(tech.pegasys.signers.hashicorp.config.ConnectionParameters) TlsOptions(tech.pegasys.signers.hashicorp.config.TlsOptions) Test(org.junit.jupiter.api.Test)

Example 2 with TlsOptions

use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.

the class MockedVertxHashicorpConnectionFactoryTest method httpClientIsInitialisedWithTlsIfTlsIsInConfiguration.

/**
 * Checks that TLS options without a trust store type produce an HTTP client that has TLS enabled
 * and carries no custom trust options.
 *
 * <p>The client options are captured from the mocked Vertx instance, so this test inspects only
 * the configuration handed to {@code createHttpClient}; no real connection is made.
 */
@Test
void httpClientIsInitialisedWithTlsIfTlsIsInConfiguration() {
    // Empty trust store type, no path, no password: TLS is requested with default trust.
    final TlsOptions defaultTrustTls = new TlsOptions(Optional.empty(), null, null);
    final ConnectionParameters params =
        new ConnectionParameters(
            CONFIGURED_HOST, Optional.empty(), Optional.of(defaultTrustTls), Optional.of(10L));

    connectionFactory.create(params);

    verify(mockedVertx).createHttpClient(clientOptionsArgCaptor.capture());
    final var capturedOptions = clientOptionsArgCaptor.getValue();

    // Presence of TLS options must never result in a plaintext client.
    assertThat(capturedOptions.isSsl()).isTrue();
    // TrustOptions are null, implying fallback to system CA
    assertThat(capturedOptions.getTrustOptions()).isNull();
}
Also used : ConnectionParameters(tech.pegasys.signers.hashicorp.config.ConnectionParameters) TlsOptions(tech.pegasys.signers.hashicorp.config.TlsOptions) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 3 with TlsOptions

use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.

the class MockedVertxHashicorpConnectionFactoryTest method allCustomTlsTrustOptionsRequireANonNullPathElseThrowsHashicorpException.

/**
 * Checks, for every custom trust store type, that a null trust store path makes
 * {@code connectionFactory.create} throw a {@link HashicorpException}.
 *
 * <p>Only the exception type is asserted; the message is not pinned here.
 *
 * @param trustType name of the trust store type under test, resolved through
 *     {@code TrustStoreType.fromString}
 */
@ParameterizedTest
@ValueSource(strings = { "JKS", "PKCS12", "PEM", "WHITELIST" })
void allCustomTlsTrustOptionsRequireANonNullPathElseThrowsHashicorpException(String trustType) {
    // get() is deliberate: an unrecognised name should fail the test outright, before the factory runs.
    final TrustStoreType customTrustType = TrustStoreType.fromString(trustType).get();

    // A custom trust type with neither path nor password: the factory must reject it.
    final TlsOptions pathlessTls = new TlsOptions(Optional.of(customTrustType), null, null);
    final ConnectionParameters params =
        new ConnectionParameters(
            CONFIGURED_HOST, Optional.empty(), Optional.of(pathlessTls), Optional.of(10L));

    assertThatThrownBy(() -> connectionFactory.create(params))
        .isInstanceOf(HashicorpException.class);
}
Also used : ConnectionParameters(tech.pegasys.signers.hashicorp.config.ConnectionParameters) TlsOptions(tech.pegasys.signers.hashicorp.config.TlsOptions) ValueSource(org.junit.jupiter.params.provider.ValueSource) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 4 with TlsOptions

use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.

the class TomlConfigLoaderTest method tlsValuesAreExtracted.

/**
 * Checks that the TOML loader returns the TLS settings written to the config file: trust store
 * type, trust store path and trust store password.
 *
 * @throws IOException declared by the test; presumably raised while writing or reading the
 *     config file
 */
@Test
void tlsValuesAreExtracted() throws IOException {
    final Path tomlFile =
        HashicorpConfigUtil.createConfigFile(
            HOST,
            PORT,
            TOKEN,
            KEY_PATH,
            KEY_NAME,
            TIMEOUT,
            true,
            TRUST_STORE_TYPE,
            TRUST_STORE_PATH_STRING,
            TRUST_STORE_PASSWORD);
    final HashicorpKeyConfig loadedConfig = TomlConfigLoader.fromToml(tomlFile, null);

    // TLS was enabled in the file, so the options must be present before they are unwrapped.
    assertThat(loadedConfig.getConnectionParams().getTlsOptions()).isNotEmpty();
    final TlsOptions extractedTls = loadedConfig.getConnectionParams().getTlsOptions().get();

    final TrustStoreType expectedType = TrustStoreType.fromString(TRUST_STORE_TYPE).get();
    final Path expectedPath = Path.of(TRUST_STORE_PATH_STRING);

    assertThat(extractedTls.getTrustStoreType().get()).isEqualTo(expectedType);
    assertThat(extractedTls.getTrustStorePath()).isEqualTo(expectedPath);
    // NOTE(review): the token and trust store password are written to the config file and read
    // back as-is, so in a deployment that file presumably needs restrictive permissions - confirm.
    assertThat(extractedTls.getTrustStorePassword()).isEqualTo(TRUST_STORE_PASSWORD);
}
Also used : Path(java.nio.file.Path) HashicorpKeyConfig(tech.pegasys.signers.hashicorp.config.HashicorpKeyConfig) TlsOptions(tech.pegasys.signers.hashicorp.config.TlsOptions) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 5 with TlsOptions

use of tech.pegasys.signers.hashicorp.config.TlsOptions in project web3signer by ConsenSys.

the class AbstractArtifactSignerFactory method extractBytesFromVault.

/**
 * Fetches a hex-encoded secret from a Hashicorp vault and returns it as {@link Bytes}.
 *
 * <p>The connection is built from the host, optional port, optional timeout and TLS options
 * taken from {@code metadata}. The key is looked up by key path, optional key name and token.
 *
 * @param metadata signing metadata that supplies the connection settings, key location and token
 * @return the fetched secret, decoded from its hex string form
 * @throws SigningMetadataException if creating the connection, fetching the key or decoding the
 *     hex string throws; the original exception is kept as the cause
 */
protected Bytes extractBytesFromVault(final HashicorpSigningMetadata metadata) {
    // Built outside the try block: anything buildTlsOptions throws propagates unwrapped.
    final Optional<TlsOptions> tlsOptions = buildTlsOptions(metadata);
    try {
        final ConnectionParameters connectionParameters =
            new ConnectionParameters(
                metadata.getServerHost(),
                Optional.ofNullable(metadata.getServerPort()),
                tlsOptions,
                Optional.ofNullable(metadata.getTimeout()));
        final HashicorpConnection connection = hashicorpConnectionFactory.create(connectionParameters);

        final KeyDefinition keyDefinition =
            new KeyDefinition(
                metadata.getKeyPath(),
                Optional.ofNullable(metadata.getKeyName()),
                metadata.getToken());
        final String secret = connection.fetchKey(keyDefinition);

        return Bytes.fromHexString(secret);
    } catch (final Exception e) {
        // The message is a fixed string with no host, token or key material in it.
        // NOTE(review): the cause is attached, so confirm that no exception thrown above puts the
        // token or the fetched secret into its own message before this chain is logged.
        throw new SigningMetadataException("Failed to fetch secret from hashicorp vault", e);
    }
}
Also used : HashicorpConnection(tech.pegasys.signers.hashicorp.HashicorpConnection) ConnectionParameters(tech.pegasys.signers.hashicorp.config.ConnectionParameters) TlsOptions(tech.pegasys.signers.hashicorp.config.TlsOptions) KeyDefinition(tech.pegasys.signers.hashicorp.config.KeyDefinition) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException)

Aggregations

TlsOptions (tech.pegasys.signers.hashicorp.config.TlsOptions)12 ConnectionParameters (tech.pegasys.signers.hashicorp.config.ConnectionParameters)10 Test (org.junit.jupiter.api.Test)7 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)5 File (java.io.File)4 Path (java.nio.file.Path)3 FileNotFoundException (java.io.FileNotFoundException)2 IOException (java.io.IOException)2 ValueSource (org.junit.jupiter.params.provider.ValueSource)2 HashicorpConnection (tech.pegasys.signers.hashicorp.HashicorpConnection)2 KeyDefinition (tech.pegasys.signers.hashicorp.config.KeyDefinition)2 URL (java.net.URL)1 HashicorpException (tech.pegasys.signers.hashicorp.HashicorpException)1 TrustStoreType (tech.pegasys.signers.hashicorp.TrustStoreType)1 HashicorpKeyConfig (tech.pegasys.signers.hashicorp.config.HashicorpKeyConfig)1