
Example 1 with KeystoresParameters

use of tech.pegasys.web3signer.signing.config.KeystoresParameters in project web3signer by ConsenSys.

the class KeystoreAcceptanceTest method ensureSecretsFromKeystoresAreLoadedUsingPasswordDirAndReportedViaPublicKeysApi.

/**
 * Starts a signer in {@code eth2} mode against a keystore directory plus a passwords
 * directory, then checks that the public-keys API reports both BLS public keys.
 *
 * @param keystoreDir temporary directory that receives the generated keystores
 * @param passwordDir temporary directory handed to {@code KeystoreUtil.createKeystore}
 *     alongside each keystore password
 */
@Test
void ensureSecretsFromKeystoresAreLoadedUsingPasswordDirAndReportedViaPublicKeysApi(
        @TempDir final Path keystoreDir,
        @TempDir final Path passwordDir) {
    // Two keystores, each created with a different password.
    KeystoreUtil.createKeystore(KEY_PAIR_1, keystoreDir, passwordDir, KEYSTORE_PASSWORD_1);
    KeystoreUtil.createKeystore(KEY_PAIR_2, keystoreDir, passwordDir, KEYSTORE_PASSWORD_2);

    // Third constructor argument is null here; presumably the single-password-file
    // slot, left unset so only the passwords directory is configured.
    final KeystoresParameters passwordDirBackedKeystores =
            new DefaultKeystoresParameters(keystoreDir, passwordDir, null);

    final SignerConfigurationBuilder signerSetup = new SignerConfigurationBuilder()
            .withMode("eth2")
            .withKeystoresParameters(passwordDirBackedKeystores);
    startSigner(signerSetup.build());

    // Only public keys are expected in the response body; order is not significant.
    final Response publicKeysReply = signer.callApiPublicKeys(KeyType.BLS);
    publicKeysReply
            .then()
            .statusCode(200)
            .contentType(ContentType.JSON)
            .body(
                    "",
                    containsInAnyOrder(
                            KEY_PAIR_1.getPublicKey().toString(),
                            KEY_PAIR_2.getPublicKey().toString()));
}
Also used : Response(io.restassured.response.Response) SignerConfigurationBuilder(tech.pegasys.web3signer.dsl.signer.SignerConfigurationBuilder) DefaultKeystoresParameters(tech.pegasys.web3signer.dsl.utils.DefaultKeystoresParameters) DefaultKeystoresParameters(tech.pegasys.web3signer.dsl.utils.DefaultKeystoresParameters) KeystoresParameters(tech.pegasys.web3signer.signing.config.KeystoresParameters) Test(org.junit.jupiter.api.Test)

Example 2 with KeystoresParameters

use of tech.pegasys.web3signer.signing.config.KeystoresParameters in project web3signer by ConsenSys.

the class CmdLineParamsConfigFileImpl method createCmdLineParams.

/**
 * Builds the signer command line in config-file form: every option is rendered as a
 * YAML entry, the YAML is written to a temporary file, and the returned arguments are
 * {@code --config-file <path>} followed by the sub-command(s), which cannot be
 * expressed in the config file.
 *
 * <p>Values are interpolated with {@code String.format}; whether they end up quoted or
 * escaped depends on the {@code YAML_*_FMT} constants, which are defined outside this
 * method.
 *
 * @return the argument list, starting with {@code --config-file} and the file path
 * @throws UncheckedIOException if the temporary config file cannot be created or written
 */
@Override
public List<String> createCmdLineParams() {
    final List<String> cliArgs = new ArrayList<>();
    final StringBuilder yaml = new StringBuilder();

    yaml.append(String.format(YAML_STRING_FMT, "logging", signerConfig.logLevel()))
            .append(String.format(YAML_STRING_FMT, "http-listen-host", signerConfig.hostname()))
            .append(String.format(YAML_NUMERIC_FMT, "http-listen-port", signerConfig.httpPort()));

    if (!signerConfig.getHttpHostAllowList().isEmpty()) {
        final String httpAllowList = createCommaSeparatedList(signerConfig.getHttpHostAllowList());
        yaml.append(String.format(YAML_STRING_FMT, "http-host-allowlist", httpAllowList));
    }

    yaml.append(String.format(YAML_STRING_FMT, "key-store-path", signerConfig.getKeyStorePath().toString()));

    if (signerConfig.isMetricsEnabled()) {
        yaml.append(String.format(YAML_BOOLEAN_FMT, "metrics-enabled", Boolean.TRUE))
                .append(String.format(YAML_NUMERIC_FMT, "metrics-port", signerConfig.getMetricsPort()));
        if (!signerConfig.getMetricsHostAllowList().isEmpty()) {
            final String metricsAllowList = createCommaSeparatedList(signerConfig.getMetricsHostAllowList());
            yaml.append(String.format(YAML_STRING_FMT, "metrics-host-allowlist", metricsAllowList));
        }
        if (!signerConfig.getMetricsCategories().isEmpty()) {
            // The config file can only use the longest option name when an option has
            // more than one name, hence "metrics-categories".
            final String categories = createCommaSeparatedList(signerConfig.getMetricsCategories());
            yaml.append(String.format(YAML_STRING_FMT, "metrics-categories", categories));
        }
    }

    if (signerConfig.isSwaggerUIEnabled()) {
        yaml.append(String.format(YAML_BOOLEAN_FMT, "swagger-ui-enabled", Boolean.TRUE));
    }

    // Access logs are switched on unconditionally.
    yaml.append(String.format(YAML_BOOLEAN_FMT, "access-logs-enabled", Boolean.TRUE));

    if (signerConfig.isHttpDynamicPortAllocation()) {
        yaml.append(String.format(YAML_STRING_FMT, "data-path", dataPath.toAbsolutePath().toString()));
    }

    yaml.append(createServerTlsArgs());

    // The sub-command cannot live in the config file, so it goes on the command line.
    cliArgs.add(signerConfig.getMode());

    if (signerConfig.getMode().equals("eth2")) {
        yaml.append(createEth2SlashingProtectionArgs());

        if (signerConfig.getAzureKeyVaultParameters().isPresent()) {
            final AzureKeyVaultParameters vault = signerConfig.getAzureKeyVaultParameters().get();
            // NOTE(review): the Azure client secret is rendered in clear text into the
            // YAML, which is persisted to a temporary file at the end of this method.
            yaml.append(String.format(YAML_BOOLEAN_FMT, "eth2.azure-vault-enabled", Boolean.TRUE))
                    .append(String.format(YAML_STRING_FMT, "eth2.azure-vault-auth-mode", vault.getAuthenticationMode().name()))
                    .append(String.format(YAML_STRING_FMT, "eth2.azure-vault-name", vault.getKeyVaultName()))
                    .append(String.format(YAML_STRING_FMT, "eth2.azure-client-id", vault.getClientId()))
                    .append(String.format(YAML_STRING_FMT, "eth2.azure-client-secret", vault.getClientSecret()))
                    .append(String.format(YAML_STRING_FMT, "eth2.azure-tenant-id", vault.getTenantId()));
        }

        if (signerConfig.getKeystoresParameters().isPresent()) {
            final KeystoresParameters keystores = signerConfig.getKeystoresParameters().get();
            yaml.append(String.format(YAML_STRING_FMT, "eth2.keystores-path", keystores.getKeystoresPath().toAbsolutePath()));
            // Either password source may be null; only the configured ones are emitted.
            if (keystores.getKeystoresPasswordsPath() != null) {
                yaml.append(String.format(YAML_STRING_FMT, "eth2.keystores-passwords-path", keystores.getKeystoresPasswordsPath().toAbsolutePath()));
            }
            if (keystores.getKeystoresPasswordFile() != null) {
                yaml.append(String.format(YAML_STRING_FMT, "eth2.keystores-password-file", keystores.getKeystoresPasswordFile().toAbsolutePath()));
            }
        }

        // Sub-sub command: export takes precedence over import when both paths are set.
        if (signerConfig.getSlashingExportPath().isPresent()) {
            cliArgs.add("export");
            yaml.append(String.format(YAML_STRING_FMT, "eth2.export.to", signerConfig.getSlashingExportPath().get().toAbsolutePath().toString()));
        } else if (signerConfig.getSlashingImportPath().isPresent()) {
            cliArgs.add("import");
            yaml.append(String.format(YAML_STRING_FMT, "eth2.import.from", signerConfig.getSlashingImportPath().get().toAbsolutePath().toString()));
        }
    }

    // Persist the YAML to a temporary config file.
    // NOTE(review): no file permissions are set explicitly, so protection of the file
    // (which may contain the Azure client secret) rests on the platform defaults of
    // Files.createTempFile. The file is only scheduled for deletion at JVM exit, so it
    // stays on disk for the lifetime of the process.
    try {
        final Path tempYaml = Files.createTempFile("web3signer_config", ".yaml");
        FileUtils.forceDeleteOnExit(tempYaml.toFile());
        Files.writeString(tempYaml, yaml.toString());
        // Prepend so the option and its path come before the sub-command(s).
        cliArgs.addAll(0, List.of("--config-file", tempYaml.toAbsolutePath().toString()));
    } catch (final IOException ioFailure) {
        throw new UncheckedIOException(ioFailure);
    }
    return cliArgs;
}
Also used : Path(java.nio.file.Path) ArrayList(java.util.ArrayList) AzureKeyVaultParameters(tech.pegasys.web3signer.signing.config.AzureKeyVaultParameters) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) KeystoresParameters(tech.pegasys.web3signer.signing.config.KeystoresParameters)

Example 3 with KeystoresParameters

use of tech.pegasys.web3signer.signing.config.KeystoresParameters in project web3signer by ConsenSys.

the class CmdLineParamsDefaultImpl method createCmdLineParams.

/**
 * Builds the signer command line in plain option form: global options first, then the
 * sub-command taken from {@code signerConfig.getMode()}, then (for {@code eth2}) the
 * eth2-specific options.
 *
 * @return the ordered argument list
 */
@Override
public List<String> createCmdLineParams() {
    final List<String> args = new ArrayList<>();

    addFlagAndValue(args, "--logging", signerConfig.logLevel());
    addFlagAndValue(args, "--http-listen-host", signerConfig.hostname());
    addFlagAndValue(args, "--http-listen-port", String.valueOf(signerConfig.httpPort()));
    if (!signerConfig.getHttpHostAllowList().isEmpty()) {
        addFlagAndValue(args, "--http-host-allowlist", createCommaSeparatedList(signerConfig.getHttpHostAllowList()));
    }
    addFlagAndValue(args, "--key-store-path", signerConfig.getKeyStorePath().toString());

    if (signerConfig.isMetricsEnabled()) {
        args.add("--metrics-enabled");
        addFlagAndValue(args, "--metrics-port", Integer.toString(signerConfig.getMetricsPort()));
        if (!signerConfig.getMetricsHostAllowList().isEmpty()) {
            addFlagAndValue(args, "--metrics-host-allowlist", createCommaSeparatedList(signerConfig.getMetricsHostAllowList()));
        }
        if (!signerConfig.getMetricsCategories().isEmpty()) {
            addFlagAndValue(args, "--metrics-category", createCommaSeparatedList(signerConfig.getMetricsCategories()));
        }
    }

    if (signerConfig.isSwaggerUIEnabled()) {
        args.add("--swagger-ui-enabled=true");
    }
    // Access logs are switched on unconditionally.
    args.add("--access-logs-enabled=true");

    if (signerConfig.isHttpDynamicPortAllocation()) {
        addFlagAndValue(args, "--data-path", dataPath.toAbsolutePath().toString());
    }

    args.addAll(createServerTlsArgs());

    // Sub-command; everything added after this point is a sub-command option.
    args.add(signerConfig.getMode());
    if (!signerConfig.getMode().equals("eth2")) {
        return args;
    }

    args.addAll(createEth2Args());

    if (signerConfig.getAzureKeyVaultParameters().isPresent()) {
        final AzureKeyVaultParameters vault = signerConfig.getAzureKeyVaultParameters().get();
        args.add("--azure-vault-enabled=true");
        addFlagAndValue(args, "--azure-vault-auth-mode", vault.getAuthenticationMode().name());
        addFlagAndValue(args, "--azure-vault-name", vault.getKeyVaultName());
        addFlagAndValue(args, "--azure-client-id", vault.getClientId());
        // NOTE(review): the client secret becomes a process argument, and command-line
        // arguments are commonly readable by other local users through process
        // listings. Presumably only throwaway test credentials reach this path;
        // confirm against the callers.
        addFlagAndValue(args, "--azure-client-secret", vault.getClientSecret());
        addFlagAndValue(args, "--azure-tenant-id", vault.getTenantId());
    }

    if (signerConfig.getKeystoresParameters().isPresent()) {
        final KeystoresParameters keystores = signerConfig.getKeystoresParameters().get();
        addFlagAndValue(args, "--keystores-path", keystores.getKeystoresPath().toAbsolutePath().toString());
        // Either password source may be null; only the configured ones are emitted.
        // Paths, not password values, are placed on the command line.
        if (keystores.getKeystoresPasswordsPath() != null) {
            addFlagAndValue(args, "--keystores-passwords-path", keystores.getKeystoresPasswordsPath().toAbsolutePath().toString());
        }
        if (keystores.getKeystoresPasswordFile() != null) {
            addFlagAndValue(args, "--keystores-password-file", keystores.getKeystoresPasswordFile().toAbsolutePath().toString());
        }
    }
    return args;
}

/** Appends {@code flag} and then {@code value} to {@code args} as two separate arguments. */
private static void addFlagAndValue(final List<String> args, final String flag, final String value) {
    args.add(flag);
    args.add(value);
}
Also used : ArrayList(java.util.ArrayList) AzureKeyVaultParameters(tech.pegasys.web3signer.signing.config.AzureKeyVaultParameters) KeystoresParameters(tech.pegasys.web3signer.signing.config.KeystoresParameters)

Example 4 with KeystoresParameters

use of tech.pegasys.web3signer.signing.config.KeystoresParameters in project web3signer by ConsenSys.

the class KeystoreAcceptanceTest method ensureSecretsFromKeystoresAreLoadedUsingPasswordFileAndReportedViaPublicKeysApi.

/**
 * Starts a signer in {@code eth2} mode against a keystore directory plus one shared
 * password file, then checks that the public-keys API reports both BLS public keys.
 *
 * @param tempDir temporary directory that holds the keystores and the password file
 * @throws IOException if the keystore directory or the password file cannot be created
 */
@Test
void ensureSecretsFromKeystoresAreLoadedUsingPasswordFileAndReportedViaPublicKeysApi(
        @TempDir final Path tempDir) throws IOException {
    final Path keystoreDir = Files.createDirectory(tempDir.resolve("keystores"));

    // Both keystores use the same password, matching the single password file below.
    KeystoreUtil.createKeystoreFile(KEY_PAIR_1, keystoreDir, KEYSTORE_PASSWORD_1);
    KeystoreUtil.createKeystoreFile(KEY_PAIR_2, keystoreDir, KEYSTORE_PASSWORD_1);

    // Test fixture only: the keystore password is stored in clear text under tempDir.
    final Path passwordFile = Files.writeString(tempDir.resolve("password.txt"), KEYSTORE_PASSWORD_1);

    // Second constructor argument is null here; presumably the passwords-directory
    // slot, left unset so only the password file is configured.
    final KeystoresParameters passwordFileBackedKeystores =
            new DefaultKeystoresParameters(keystoreDir, null, passwordFile);

    final SignerConfigurationBuilder signerSetup = new SignerConfigurationBuilder()
            .withMode("eth2")
            .withKeystoresParameters(passwordFileBackedKeystores);
    startSigner(signerSetup.build());

    // Only public keys are expected in the response body; order is not significant.
    final Response publicKeysReply = signer.callApiPublicKeys(KeyType.BLS);
    publicKeysReply
            .then()
            .statusCode(200)
            .contentType(ContentType.JSON)
            .body(
                    "",
                    containsInAnyOrder(
                            KEY_PAIR_1.getPublicKey().toString(),
                            KEY_PAIR_2.getPublicKey().toString()));
}
Also used : Path(java.nio.file.Path) Response(io.restassured.response.Response) SignerConfigurationBuilder(tech.pegasys.web3signer.dsl.signer.SignerConfigurationBuilder) DefaultKeystoresParameters(tech.pegasys.web3signer.dsl.utils.DefaultKeystoresParameters) DefaultKeystoresParameters(tech.pegasys.web3signer.dsl.utils.DefaultKeystoresParameters) KeystoresParameters(tech.pegasys.web3signer.signing.config.KeystoresParameters) Test(org.junit.jupiter.api.Test)

Aggregations

KeystoresParameters (tech.pegasys.web3signer.signing.config.KeystoresParameters)4 Response (io.restassured.response.Response)2 Path (java.nio.file.Path)2 ArrayList (java.util.ArrayList)2 Test (org.junit.jupiter.api.Test)2 SignerConfigurationBuilder (tech.pegasys.web3signer.dsl.signer.SignerConfigurationBuilder)2 DefaultKeystoresParameters (tech.pegasys.web3signer.dsl.utils.DefaultKeystoresParameters)2 AzureKeyVaultParameters (tech.pegasys.web3signer.signing.config.AzureKeyVaultParameters)2 IOException (java.io.IOException)1 UncheckedIOException (java.io.UncheckedIOException)1