From e9c2090832abe0c07f7a9ac68d972aab29518af3 Mon Sep 17 00:00:00 2001
From: Michal Kit
Date: Wed, 3 Jan 2018 11:26:45 +0000
Subject: [PATCH] Fixing the HSM service config overriding issue (#274)
* Fixing the HSM service config overriding issue
* Addressing review comments
---
 .../doorman/DoormanParameters.kt | 2 +-
 .../hsm/configuration/Configuration.kt | 25 ++-----------------
 .../doorman/DoormanParametersTest.kt | 2 +-
 .../hsm/configuration/ConfigurationTest.kt | 25 ++++++++++---------
 .../src/test/resources/hsm.conf | 2 +-
 5 files changed, 18 insertions(+), 38 deletions(-)
diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt
index 9f786756ee..86efb279c8 100644
--- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt
+++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt
@@ -89,7 +89,7 @@ fun parseParameters(vararg args: String): NetworkManagementServerParameters {
 } else {
 Paths.get(".") / "network-management.conf"
 }
- check(configFile.isRegularFile()) { "Config file $configFile does not exist" }
+ require(configFile.isRegularFile()) { "Config file $configFile does not exist" }
 return argConfig.withFallback(ConfigFactory.parseFile(configFile.toFile(), ConfigParseOptions.defaults().setAllowMissing(true)))
 .resolve()
diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt
index ddc34ff44c..b13ac5ba27 100644
--- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt
+++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt
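Review bot: In DoormanParameters.kt `parseParameters`, the new `require(configFile.isRegularFile())` is followed by `ConfigFactory.parseFile(..., ConfigParseOptions.defaults().setAllowMissing(true))`, so the parse step itself still tolerates a missing file. If the file is removed or replaced between the check and the parse, the server would start from the command-line values alone with no error, although its settings are meant to come from this file. Consider `ConfigParseOptions.defaults().setAllowMissing(false)` so the parser fails closed; the same pairing appears in the hsm/configuration/Configuration.kt hunk at `@@ -91,6 +69,7 @@`. The message also says "does not exist" when the path is a directory, so `"Config file $configFile does not exist or is not a regular file"` would be more accurate. The function body starts and ends outside the hunk.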
@@ -2,17 +2,10 @@ package com.r3.corda.networkmanage.hsm.configuration
 import com.r3.corda.networkmanage.common.utils.toConfigWithOptions
 import com.r3.corda.networkmanage.hsm.authentication.AuthMode
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_AUTH_MODE
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_CSR_CERTIFICATE_NAME
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_DEVICE
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_KEY_GEN_AUTH_THRESHOLD
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_KEY_SPECIFIER
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_ROOT_CERTIFICATE_NAME
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_SIGN_AUTH_THRESHOLD
-import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_SIGN_INTERVAL
 import com.typesafe.config.ConfigFactory
 import com.typesafe.config.ConfigParseOptions
 import net.corda.core.internal.div
+import net.corda.core.internal.isRegularFile
 import net.corda.nodeapi.internal.config.parseAs
 import net.corda.nodeapi.internal.crypto.X509Utilities
 import net.corda.nodeapi.internal.persistence.DatabaseConfig
@@ -69,21 +62,6 @@ fun parseParameters(vararg args: String): Parameters {
 val argConfig = args.toConfigWithOptions {
 accepts("basedir", "Overriding configuration filepath, default to current directory.").withRequiredArg().defaultsTo(".").describedAs("filepath")
 accepts("configFile", "Overriding configuration file.").withRequiredArg().defaultsTo("node.conf").describedAs("filepath")
- accepts("device", "CryptoServer device address").withRequiredArg().defaultsTo(DEFAULT_DEVICE)
- accepts("keyGroup", "CryptoServer key group").withRequiredArg()
- accepts("keySpecifier", "CryptoServer key specifier").withRequiredArg().ofType(Int::class.java).defaultsTo(DEFAULT_KEY_SPECIFIER)
- accepts("rootPrivateKeyPassword", "Password for the root certificate private key").withRequiredArg().describedAs("password")
- accepts("csrPrivateKeyPassword", "Password for the CSR signing certificate private key").withRequiredArg().describedAs("password")
- accepts("keyGenAuthThreshold", "Authentication strength threshold for the HSM key generation").withRequiredArg().ofType(Int::class.java).defaultsTo(DEFAULT_KEY_GEN_AUTH_THRESHOLD)
- accepts("signAuthThreshold", "Authentication strength threshold for the HSM CSR signing").withRequiredArg().ofType(Int::class.java).defaultsTo(DEFAULT_SIGN_AUTH_THRESHOLD)
- accepts("authMode", "Authentication mode. Allowed values: ${AuthMode.values().map(AuthMode::name)})").withRequiredArg().defaultsTo(DEFAULT_AUTH_MODE.name)
- accepts("authKeyFilePath", "Key file path when authentication is based on a key file (i.e. authMode=${AuthMode.KEY_FILE.name})").withRequiredArg().describedAs("filepath")
- accepts("authKeyFilePassword", "Key file password when authentication is based on a key file (i.e. 
authMode=${AuthMode.KEY_FILE.name})").withRequiredArg()
- accepts("autoUsername", "Username to be used for certificate signing (if not specified it will be prompted for input)").withRequiredArg()
- accepts("csrCertificateName", "Name of the certificate to be used by this CA to sign CSR").withRequiredArg().defaultsTo(DEFAULT_CSR_CERTIFICATE_NAME)
- accepts("rootCertificateName", "Name of the root certificate to be used by this CA").withRequiredArg().defaultsTo(DEFAULT_ROOT_CERTIFICATE_NAME)
- accepts("validDays", "Validity duration in days").withRequiredArg().ofType(Int::class.java)
- accepts("signInterval", "Time interval (in seconds) in which network map is signed").withRequiredArg().ofType(Long::class.java).defaultsTo(DEFAULT_SIGN_INTERVAL)
 }
 val configFile = if (argConfig.hasPath("configFile")) {
@@ -91,6 +69,7 @@ fun parseParameters(vararg args: String): Parameters {
 } else {
 Paths.get(argConfig.getString("basedir")) / "signing_service.conf"
 }
+ require(configFile.isRegularFile()) { "Config file $configFile does not exist" }
 val config = argConfig.withFallback(ConfigFactory.parseFile(configFile.toFile(), ConfigParseOptions.defaults().setAllowMissing(true))).resolve()
 return config.parseAs()
diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt
index dbc55f67ea..d2b92b752a 100644
--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt
@@ -25,7 +25,7 @@ class DoormanParametersTest {
 @Test
 fun `should fail when config file is missing`() {
- val message = assertFailsWith {
+ val message = assertFailsWith {
 parseParameters("--config-file", "not-existing-file")
 }.message
 assertThat(message).contains("Config file ")
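Review bot: In hsm/configuration/Configuration.kt, the `configFile` option keeps `.defaultsTo("node.conf")`, so the `else` branch that builds `basedir / "signing_service.conf"` may be unreachable, and the new `require` would then reject any start that omits `--configFile`. This depends on whether `toConfigWithOptions` (not shown) copies option defaults into the Config; the commit's removal of the other defaulted options suggests it does. If so, `argConfig.hasPath("configFile")` is always true and the signing service would be pointed at `node.conf` rather than the file under `basedir`. Dropping the default, `accepts("configFile", "Overriding configuration file.").withRequiredArg().describedAs("filepath")`, would make the fallback reachable, and a test that passes only `--basedir` would confirm it. The option declaration sits in the previous hunk and the function starts outside both.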
diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt
index 78733b4b64..4d0701286a 100644
--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt
@@ -3,6 +3,7 @@ package com.r3.corda.networkmanage.hsm.configuration
 import com.r3.corda.networkmanage.TestBase
 import com.r3.corda.networkmanage.hsm.authentication.AuthMode
 import com.typesafe.config.ConfigException
+import org.assertj.core.api.Assertions
 import org.junit.Test
 import java.io.File
 import kotlin.test.assertEquals
@@ -13,18 +14,10 @@ class ConfigurationTest : TestBase() {
 private val invalidConfigPath = File(javaClass.getResource("/hsm_fail.conf").toURI()).absolutePath
 @Test
- fun `authMode is parsed correctly`() {
- val paramsWithPassword = parseParameters("--configFile", validConfigPath, "--authMode", AuthMode.CARD_READER.name)
- assertEquals(AuthMode.CARD_READER, paramsWithPassword.authMode)
- val paramsWithCardReader = parseParameters("--configFile", validConfigPath, "--authMode", AuthMode.PASSWORD.name)
- assertEquals(AuthMode.PASSWORD, paramsWithCardReader.authMode)
- }
-
- @Test
- fun `validDays duration is parsed correctly`() {
- val expectedDuration = 360
- val paramsWithPassword = parseParameters("--configFile", validConfigPath, "--validDays", expectedDuration.toString())
- assertEquals(expectedDuration, paramsWithPassword.validDays)
+ fun `config file is parsed correctly`() {
+ val paramsWithPassword = parseParameters("--configFile", validConfigPath)
+ assertEquals(AuthMode.PASSWORD, paramsWithPassword.authMode)
+ assertEquals("3001@192.168.0.1", paramsWithPassword.device)
 }
 @Test
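Review bot: In ConfigurationTest.kt, `config file is parsed correctly` asserts only `authMode` and `device`, and the `authMode` assertion cannot detect the overriding bug if `PASSWORD` is also the built-in default (the defaults are not visible here). The `device` value in hsm.conf was changed in this commit, presumably so that it differs from the default; the same should hold for every asserted field. Consider asserting one more previously defaulted field, for example `assertEquals(-1, paramsWithPassword.keySpecifier)`, provided `-1` differs from the default and `Parameters` exposes the field under that name. The local name `paramsWithPassword` is a leftover from the removed tests and could simply be `params`.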
@@ -34,4 +27,12 @@ class ConfigurationTest : TestBase() {
 parseParameters("--configFile", invalidConfigPath)
 }
 }
+
+ @Test
+ fun `should fail when config file is missing`() {
+ val message = assertFailsWith {
+ com.r3.corda.networkmanage.doorman.parseParameters("--config-file", "not-existing-file")
+ }.message
+ Assertions.assertThat(message).contains("Config file ")
+ }
 }
\ No newline at end of file
diff --git a/network-management/src/test/resources/hsm.conf b/network-management/src/test/resources/hsm.conf
index ad122311c8..774043c4bc 100644
--- a/network-management/src/test/resources/hsm.conf
+++ b/network-management/src/test/resources/hsm.conf
@@ -1,4 +1,4 @@
-device = "3001@127.0.0.1"
+device = "3001@192.168.0.1"
 keyGroup = "DEV.DOORMAN"
 keySpecifier = -1
 authMode = PASSWORD
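Review bot: In ConfigurationTest.kt, the new `should fail when config file is missing` test calls `com.r3.corda.networkmanage.doorman.parseParameters("--config-file", "not-existing-file")`, which is the doorman parser, so the `require` this commit adds to the HSM `parseParameters` is never exercised. The HSM parser declares the option as `configFile`, so the call should be `parseParameters("--configFile", "not-existing-file")`, resolved from the test's own package. As written the test duplicates the one in DoormanParametersTest and would keep passing if the HSM check were removed. The type argument of `assertFailsWith` is not visible in this rendering, so confirm it names `IllegalArgumentException` to match `require`.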