use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.
the class HashicorpConnectionFactoryTest method missingAndUncreatableWhiteListThrowsHashicorpException.
/**
 * Creating a connection must fail with the generic initialisation error when the WHITELIST
 * trust store points at a file that is missing and cannot be created.
 */
@Test
void missingAndUncreatableWhiteListThrowsHashicorpException() {
  // A path directly under the filesystem root: assumed absent and not writable by the test
  // user. NOTE(review): if the suite runs with root privileges the file may be creatable and
  // this expectation would no longer hold; confirm the CI user.
  final Path unusableWhitelist = Path.of("/missingUnCreatable.whitelist");
  // WHITELIST is presumably a file of pinned server fingerprints; verify against TrustStoreType.
  final Optional<TrustStoreType> whitelistType = Optional.of(TrustStoreType.WHITELIST);
  final Optional<TlsOptions> tls =
      Optional.of(new TlsOptions(whitelistType, unusableWhitelist, null));
  final ConnectionParameters connectionParameters =
      new ConnectionParameters(CONFIGURED_HOST, Optional.empty(), tls, Optional.of(10L));

  // The factory is expected to fail closed rather than connect without the pinned trust data.
  assertThatThrownBy(() -> connectionFactory.create(connectionParameters))
      .isInstanceOf(HashicorpException.class)
      .hasMessage("Unable to initialise connection to hashicorp vault.");
}
use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.
the class MockedVertxHashicorpConnectionFactoryTest method httpClientIsInitialisedWithTlsIfTlsIsInConfiguration.
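/**
 * Supplying TlsOptions without a trust store type must switch the Vert.x client to TLS while
 * leaving server certificate validation enabled.
 */
@Test
void httpClientIsInitialisedWithTlsIfTlsIsInConfiguration() {
  final TlsOptions tlsOptions = new TlsOptions(Optional.empty(), null, null);
  final ConnectionParameters params =
      new ConnectionParameters(
          CONFIGURED_HOST, Optional.empty(), Optional.of(tlsOptions), Optional.of(10L));

  connectionFactory.create(params);

  verify(mockedVertx).createHttpClient(clientOptionsArgCaptor.capture());
  final var clientOptions = clientOptionsArgCaptor.getValue();
  assertThat(clientOptions.isSsl()).isTrue();
  // TrustOptions are null, implying fallback to system CA
  assertThat(clientOptions.getTrustOptions()).isNull();
  // Null trust options only amount to "system CA" if validation is still switched on: a client
  // with trustAll enabled, or with host verification disabled, would also have null trust
  // options and yet accept any certificate. Pin both settings explicitly.
  assertThat(clientOptions.isTrustAll()).isFalse();
  assertThat(clientOptions.isVerifyHost()).isTrue();
}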
use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.
the class MockedVertxHashicorpConnectionFactoryTest method allCustomTlsTrustOptionsRequireANonNullPathElseThrowsHashicorpException.
/**
 * Every explicit trust store type must be rejected when no trust store path accompanies it.
 *
 * @param trustType textual name of the trust store type under test
 */
@ParameterizedTest
@ValueSource(strings = { "JKS", "PKCS12", "PEM", "WHITELIST" })
void allCustomTlsTrustOptionsRequireANonNullPathElseThrowsHashicorpException(String trustType) {
  final TrustStoreType storeType = TrustStoreType.fromString(trustType).get();
  // Path and password are both null: only the type is configured.
  final TlsOptions pathlessTls = new TlsOptions(Optional.of(storeType), null, null);
  final ConnectionParameters connectionParameters =
      new ConnectionParameters(
          CONFIGURED_HOST, Optional.empty(), Optional.of(pathlessTls), Optional.of(10L));

  // Only the exception type is checked here, not its message; the point is that the factory
  // refuses the configuration instead of producing a connection.
  assertThatThrownBy(() -> connectionFactory.create(connectionParameters))
      .isInstanceOf(HashicorpException.class);
}
use of tech.pegasys.signers.hashicorp.config.TlsOptions in project signers by ConsenSys.
the class TomlConfigLoaderTest method tlsValuesAreExtracted.
/**
 * A TOML file written with TLS enabled must load into TlsOptions carrying the same trust store
 * type, path and password.
 *
 * @throws IOException declared for the config-file helper and loader calls
 */
@Test
void tlsValuesAreExtracted() throws IOException {
  final Path tomlFile =
      HashicorpConfigUtil.createConfigFile(
          HOST,
          PORT,
          TOKEN,
          KEY_PATH,
          KEY_NAME,
          TIMEOUT,
          true,
          TRUST_STORE_TYPE,
          TRUST_STORE_PATH_STRING,
          TRUST_STORE_PASSWORD);
  final HashicorpKeyConfig loadedConfig = TomlConfigLoader.fromToml(tomlFile, null);

  // The TLS section has to be present before its fields can be compared.
  assertThat(loadedConfig.getConnectionParams().getTlsOptions()).isNotEmpty();
  final TlsOptions loadedTls = loadedConfig.getConnectionParams().getTlsOptions().get();

  final TrustStoreType expectedType = TrustStoreType.fromString(TRUST_STORE_TYPE).get();
  final Path expectedPath = Path.of(TRUST_STORE_PATH_STRING);
  assertThat(loadedTls.getTrustStoreType().get()).isEqualTo(expectedType);
  assertThat(loadedTls.getTrustStorePath()).isEqualTo(expectedPath);
  // The password is compared as read from the file, so it sits in the config in clear text.
  assertThat(loadedTls.getTrustStorePassword()).isEqualTo(TRUST_STORE_PASSWORD);
}
use of tech.pegasys.signers.hashicorp.config.TlsOptions in project web3signer by ConsenSys.
the class AbstractArtifactSignerFactory method extractBytesFromVault.
/**
 * Fetches a secret from Hashicorp Vault as described by the signing metadata and decodes it
 * from its hex representation.
 *
 * @param metadata supplies the server host, port, timeout, key path, key name and token
 * @return the secret decoded from hex
 * @throws SigningMetadataException if connecting, fetching or decoding fails; the original
 *     exception is kept as the cause
 */
protected Bytes extractBytesFromVault(final HashicorpSigningMetadata metadata) {
  // NOTE(review): an empty Optional here presumably means the connection is made without TLS.
  // Confirm, because the Vault token and the returned key material travel over it.
  final Optional<TlsOptions> tlsOptions = buildTlsOptions(metadata);
  try {
    final ConnectionParameters connectionParameters =
        new ConnectionParameters(
            metadata.getServerHost(),
            Optional.ofNullable(metadata.getServerPort()),
            tlsOptions,
            Optional.ofNullable(metadata.getTimeout()));
    final HashicorpConnection vault = hashicorpConnectionFactory.create(connectionParameters);

    final KeyDefinition keyDefinition =
        new KeyDefinition(
            metadata.getKeyPath(),
            Optional.ofNullable(metadata.getKeyName()),
            metadata.getToken());
    final String hexSecret = vault.fetchKey(keyDefinition);
    return Bytes.fromHexString(hexSecret);
  } catch (final Exception e) {
    // Every failure, including a malformed hex value, is wrapped into one exception type.
    // NOTE(review): the cause is chained, so check that no underlying message can carry the
    // token or the secret before this exception reaches a log.
    throw new SigningMetadataException("Failed to fetch secret from hashicorp vault", e);
  }
}