Consensys · melowe · Nov 19, 2019 · Oct 24, 2019 · Oct 24, 2019 · Oct 24, 2019
@@ -22,7 +22,6 @@
 import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.util.Collections;
 
 import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -95,7 +94,7 @@ public void addPeer() throws Exception {
         final Path configFile = ElUtil.createAndPopulatePaths(getClass().getResource("/sample-config.json"));
         final ConfigurationMixin mixin = new ConfigurationMixin();
         try (InputStream in = Files.newInputStream(configFile)) {
-            final Config config = ConfigFactory.create().create(in, Collections.emptyList());
+            final Config config = ConfigFactory.create().create(in);
             mixin.setConfig(config);
         }
 
@@ -119,7 +118,7 @@ public void failToAddPeerReturnsFalse() throws Exception {
         final Path configFile = ElUtil.createAndPopulatePaths(getClass().getResource("/sample-config.json"));
         final ConfigurationMixin mixin = new ConfigurationMixin();
         try (InputStream in = Files.newInputStream(configFile)) {
-            final Config config = ConfigFactory.create().create(in, Collections.emptyList());
+            final Config config = ConfigFactory.create().create(in);
             mixin.setConfig(config);
         }
 

@@ -9,7 +9,6 @@
 import com.quorum.tessera.io.SystemAdapter;
 import com.quorum.tessera.passwords.PasswordReader;
 import com.quorum.tessera.passwords.PasswordReaderFactory;
-import org.apache.commons.lang3.StringUtils;
 
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
@@ -33,11 +32,12 @@ public CliKeyPasswordResolver(final PasswordReader passwordReader) {
         this.passwordReader = Objects.requireNonNull(passwordReader);
     }
 
+    @Override
     public void resolveKeyPasswords(final Config config) {
 
         final KeyConfiguration input = config.getKeys();
         if (input == null) {
-            //invalid config, but gets picked up by validation later
+            // invalid config, but gets picked up by validation later
             return;
         }
 
@@ -48,41 +48,41 @@ public void resolveKeyPasswords(final Config config) {
             try {
                 allPasswords.addAll(Files.readAllLines(input.getPasswordFile(), StandardCharsets.UTF_8));
             } catch (final IOException ex) {
-                //dont do anything, if any keys are locked validation will complain that
-                //locked keys were provided without passwords
+                // dont do anything, if any keys are locked validation will complain that
+                // locked keys were provided without passwords
                 SystemAdapter.INSTANCE.err().println("Could not read the password file");
             }
         }
 
-        IntStream
-            .range(0, input.getKeyData().size())
-            .forEachOrdered(i -> {
-                if(i < allPasswords.size()) {
-                    input.getKeyData().get(i).withPassword(allPasswords.get(i));
-                }
-            });
-
-        //decrypt the keys, either using provided passwords or read from CLI
-        IntStream
-            .range(0, input.getKeyData().size())
-            .forEachOrdered(keyNumber -> getSingleKeyPassword(keyNumber, input.getKeyData().get(keyNumber)));
+        IntStream.range(0, input.getKeyData().size())
+                .forEachOrdered(
+                        i -> {
+                            if (i < allPasswords.size()) {
+                                input.getKeyData().get(i).withPassword(allPasswords.get(i));
+                            }
+                        });
+
+        // decrypt the keys, either using provided passwords or read from CLI
+        IntStream.range(0, input.getKeyData().size())
+                .forEachOrdered(keyNumber -> getSingleKeyPassword(keyNumber, input.getKeyData().get(keyNumber)));
     }
 
-    //TODO: make private
-    //@VisibleForTesting
+    // TODO: make private
+    // @VisibleForTesting
     public void getSingleKeyPassword(final int keyNumber, final ConfigKeyPair keyPair) {
-        final boolean isInline = keyPair instanceof InlineKeypair;
-        final boolean isFilesystem = keyPair instanceof FilesystemKeyPair;
+        final boolean isInline = InlineKeypair.class.isInstance(keyPair);
+        final boolean isFilesystem = FilesystemKeyPair.class.isInstance(keyPair);
 
         if (!isInline && !isFilesystem) {
-            //some other key type that doesn't use passwords, skip
+            // some other key type that doesn't use passwords, skip
             return;
         }
 
-        final InlineKeypair inlineKey = isInline ? (InlineKeypair)keyPair : ((FilesystemKeyPair)keyPair).getInlineKeypair();
+        final InlineKeypair inlineKey =
+                isInline ? (InlineKeypair) keyPair : ((FilesystemKeyPair) keyPair).getInlineKeypair();
 
-        if(inlineKey == null) {
-            //filesystem key pair that couldn't load the keys, catch in validation later
+        if (inlineKey == null) {
+            // filesystem key pair that couldn't load the keys, catch in validation later
             return;
         }
 
@@ -91,8 +91,16 @@ public void getSingleKeyPassword(final int keyNumber, final ConfigKeyPair keyPai
         if (isLocked) {
             int currentAttemptNumber = MAX_PASSWORD_ATTEMPTS;
             while (currentAttemptNumber > 0) {
-                if (StringUtils.isEmpty(keyPair.getPassword()) || keyPair.getPrivateKey() == null || keyPair.getPrivateKey().contains("NACL_FAILURE")) {
-                    final String attemptOutput = "Attempt " + (MAX_PASSWORD_ATTEMPTS-currentAttemptNumber+1) + " of " + MAX_PASSWORD_ATTEMPTS + ".";
+                if (Objects.nonNull(keyPair.getPassword()) && !keyPair.getPassword().isEmpty()
+                        || keyPair.getPrivateKey() == null
+                        || keyPair.getPrivateKey().contains("NACL_FAILURE")) {
+
+                    final String attemptOutput =
+                            "Attempt "
+                                    + (MAX_PASSWORD_ATTEMPTS - currentAttemptNumber + 1)
+                                    + " of "
+                                    + MAX_PASSWORD_ATTEMPTS
+                                    + ".";
                     System.out.println("Password for key[" + keyNumber + "] missing or invalid.");
                     System.out.println(attemptOutput + " Enter a password for the key");
                     final String pass = passwordReader.readPasswordFromConsole();

@@ -9,7 +9,6 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.util.Collections;
 
 public class ConfigConverter implements CommandLine.ITypeConverter<Config> {
 
@@ -24,7 +23,7 @@ public Config convert(final String value) throws Exception {
         }
 
         try (InputStream in = Files.newInputStream(path)) {
-            return configFactory.create(in, Collections.emptyList());
+            return configFactory.create(in);
         }
     }
 }
@@ -1,10 +1,11 @@
 package com.quorum.tessera.cli.parsers;
 
 import com.quorum.tessera.config.Config;
-import com.quorum.tessera.config.ConfigFactory;
+import com.quorum.tessera.config.KeyConfiguration;
 import com.quorum.tessera.config.keypairs.ConfigKeyPair;
 import com.quorum.tessera.config.util.ConfigFileStore;
 import com.quorum.tessera.config.util.JaxbUtil;
+import com.quorum.tessera.io.FilesDelegate;
 import com.quorum.tessera.io.SystemAdapter;
 import org.apache.commons.cli.CommandLine;
 
@@ -15,29 +16,42 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.util.Collections;
+import static java.nio.file.StandardOpenOption.APPEND;
 import java.util.List;
 import java.util.Objects;
 
 import static java.nio.file.StandardOpenOption.CREATE_NEW;
+import java.nio.file.attribute.PosixFilePermission;
+import java.util.ArrayList;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 public class ConfigurationParser implements Parser<Config> {
 
-    private List<ConfigKeyPair> newlyGeneratedKeys = Collections.emptyList();
+    protected static final Set<PosixFilePermission> NEW_PASSWORD_FILE_PERMS =
+            Stream.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE).collect(Collectors.toSet());
 
-    public ConfigurationParser withNewKeys(final List<ConfigKeyPair> newKeys) {
-        this.newlyGeneratedKeys = Objects.requireNonNull(newKeys);
-        return this;
+    private final List<ConfigKeyPair> newlyGeneratedKeys;
+
+    private final FilesDelegate filesDelegate;
+
+    public ConfigurationParser(List<ConfigKeyPair> newlyGeneratedKeys) {
+        this(newlyGeneratedKeys, FilesDelegate.create());
+    }
+
+    protected ConfigurationParser(List<ConfigKeyPair> newlyGeneratedKeys, FilesDelegate filesDelegate) {
+        this.newlyGeneratedKeys = Objects.requireNonNull(newlyGeneratedKeys);
+        this.filesDelegate = Objects.requireNonNull(filesDelegate);
     }
 
     @Override
     public Config parse(final CommandLine commandLine) throws IOException {
 
-        final ConfigFactory configFactory = ConfigFactory.create();
-
         Config config = null;
 
-        final boolean isGeneratingWithKeyVault = commandLine.hasOption("keygen") && commandLine.hasOption("keygenvaulturl");
+        final boolean isGeneratingWithKeyVault =
+                commandLine.hasOption("keygen") && commandLine.hasOption("keygenvaulturl");
 
         if (commandLine.hasOption("configfile") && !isGeneratingWithKeyVault) {
             final Path path = Paths.get(commandLine.getOptionValue("configfile"));
@@ -46,17 +60,25 @@ public Config parse(final CommandLine commandLine) throws IOException {
                 throw new FileNotFoundException(String.format("%s not found.", path));
             }
 
-            try (InputStream in = Files.newInputStream(path)) {
-                config = configFactory.create(in, newlyGeneratedKeys);
+            try (InputStream in = filesDelegate.newInputStream(path)) {
+                config = JaxbUtil.unmarshal(in, Config.class);
+
+                if (!newlyGeneratedKeys.isEmpty()) {
+                    if (config.getKeys() == null) {
+                        config.setKeys(new KeyConfiguration());
+                        config.getKeys().setKeyData(new ArrayList<>());
+                    }
+                    doPasswordStuff(config);
+                    config.getKeys().getKeyData().addAll(newlyGeneratedKeys);
+                }
             }
 
             if (!newlyGeneratedKeys.isEmpty()) {
-                //we have generated new keys, so we need to output the new configuration
+                // we have generated new keys, so we need to output the new configuration
                 output(commandLine, config);
             }
 
             ConfigFileStore.create(path);
-
         }
 
         return config;
@@ -73,6 +95,49 @@ private static void output(CommandLine commandLine, Config config) throws IOExce
         } else {
             JaxbUtil.marshal(config, SystemAdapter.INSTANCE.out());
         }
+    }
+
+    // create a file if it doesn't exist and set the permissions to be only
+    // read/write for the creator
+    private void createFile(Path fileToMake) {
+        boolean notExists = filesDelegate.notExists(fileToMake);
+        if (notExists) {
+            filesDelegate.createFile(fileToMake);
+            filesDelegate.setPosixFilePermissions(fileToMake, NEW_PASSWORD_FILE_PERMS);
+        }
+    }
+
+    public Config doPasswordStuff(Config config) {
+
+        final List<String> newPasswords =
+                newlyGeneratedKeys.stream().map(ConfigKeyPair::getPassword).collect(Collectors.toList());
+
+        if (config.getKeys().getPasswords() != null) {
+            config.getKeys().getPasswords().addAll(newPasswords);
+            return config;
+        }
+
+        if (config.getKeys().getPasswordFile() != null) {
+            Path passwordFile = config.getKeys().getPasswordFile();
+            createFile(passwordFile);
+            filesDelegate.write(passwordFile, newPasswords, APPEND);
+            return config;
+        }
+
+        /*
+         * Populate transient list of passwords that is consumed by KeyPasswordResolver
+         */
+        if (newPasswords.stream().anyMatch(Objects::nonNull) && config.getKeys().getKeyData() != null) {
 
+            final List<String> existingPasswords =
+                    config.getKeys().getKeyData().stream().map(k -> "").collect(Collectors.toList());
+
+            existingPasswords.addAll(newPasswords);
+            config.getKeys().setPasswords(existingPasswords);
+
+            return config;
+        }
+
+        return config;
     }
 }
@@ -2,15 +2,13 @@
 
 import com.quorum.tessera.config.Config;
 import com.quorum.tessera.config.ConfigFactory;
-import com.quorum.tessera.config.keypairs.ConfigKeyPair;
 
 import java.io.InputStream;
-import java.util.List;
 
 public class MockConfigFactory implements ConfigFactory {
 
     @Override
-    public Config create(InputStream configData, List<ConfigKeyPair> newkeys) {
+    public Config create(InputStream configData) {
         Config config = new Config();
 
         return config;