Commit b2a5f221 authored by Aliaksei Darafeyeu

moved cryptographyClient to corelib-azure

parent 0c05bc66
......@@ -30,7 +30,7 @@
<version>1.0.0-SNAPSHOT</version>
<properties>
<osdu.register-core.version>1.0.0</osdu.register-core.version>
<osdu.corelibazure.version>0.0.51</osdu.corelibazure.version>
<osdu.corelibazure.version>0.0.52.SNAPSHOT</osdu.corelibazure.version>
<azure.version>1.21.0</azure.version>
<azure-security-keyvault-keys.version>4.1.4</azure-security-keyvault-keys.version>
<azure-mgmt-eventgrid.version>1.0.0-beta-3</azure-mgmt-eventgrid.version>
......@@ -78,11 +78,6 @@
<artifactId>azure-mgmt-eventgrid</artifactId>
<version>${azure-mgmt-eventgrid.version}</version>
</dependency>
<dependency>
<groupId>com.azure</groupId>
<artifactId>azure-security-keyvault-keys</artifactId>
<version>${azure-security-keyvault-keys.version}</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure</artifactId>
......
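Review bot: `osdu.corelibazure.version` appears to move to `0.0.52.SNAPSHOT`, an unreleased build, and after this commit that library is where the Key Vault `CryptographyClient` is constructed. A mutable pre-release version means the code that builds the crypto client can change between builds without any change in this repository, so I would pin a released corelib-azure version before this reaches a release branch. The second hunk drops the direct `azure-security-keyvault-keys` dependency, yet the `azure-security-keyvault-keys.version` property stays in `<properties>` and `CryptographyUtil` still imports `com.azure.security.keyvault.keys.cryptography.*`, so the module now compiles against whatever version corelib-azure brings in transitively; either keep the direct dependency declared or remove the unused property.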
......@@ -58,8 +58,6 @@ public class AzureBootstrapConfig {
@Value("${azure.appResourceId}")
private String azureAppResourceId;
private String keyIdentifier;
private String azureSubscriptionId;
@Bean
......@@ -78,22 +76,6 @@ public class AzureBootstrapConfig {
azureSubscriptionId = getKeyVaultSecret(kv, "subscription-id");
}
private void setKeyIdentifier(SecretClient kv) {
keyIdentifier = getKeyVaultSecret(kv, "opendes-encryption-key-identifier");
}
@Bean
public CryptographyClient getCryptographyClient(SecretClient kv) {
setKeyIdentifier(kv);
setAzureSubscriptionId(kv);
TokenCredential credential = new DefaultAzureCredentialBuilder().build();
return new CryptographyClientBuilder()
.keyIdentifier(keyIdentifier)
.credential(credential)
.buildClient();
}
@Bean
public EventGridManager eventGridManager(SecretClient kv) {
setAzureSubscriptionId(kv);
......
package org.opengroup.osdu.register.provider.azure.util;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import org.opengroup.osdu.azure.cryptography.CryptographyClientFactory;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.azure.security.keyvault.keys.cryptography.CryptographyClient;
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import org.opengroup.osdu.register.provider.azure.di.AzureBootstrapConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
@Component
public class CryptographyUtil {
@Autowired
private CryptographyClient cryptographyClient;
@Autowired
private AzureBootstrapConfig azureBootstrapConfig;
public String encryptData(String plainText) {
EncryptResult encryptResult = cryptographyClient.encrypt(EncryptionAlgorithm.RSA_OAEP, plainText.getBytes());
byte[] val = encryptResult.getCipherText();
return Base64.getEncoder().encodeToString(val);
}
public String decryptData(String cipherText) {
DecryptResult decryptResult = cryptographyClient.decrypt(EncryptionAlgorithm.RSA_OAEP, Base64.getDecoder().decode(cipherText));
return new String(decryptResult.getPlainText(), StandardCharsets.UTF_8);
}
public String getKeyName() {
String keyIdentifier = azureBootstrapConfig.getKeyIdentifier();
String[] stringArray = keyIdentifier.split("/");
return stringArray[stringArray.length-2];
}
public String getKeyVersion() {
String keyIdentifier = azureBootstrapConfig.getKeyIdentifier();
String[] stringArray = keyIdentifier.split("/");
return stringArray[stringArray.length-1];
}
@Autowired
private CryptographyClientFactory factory;
@Autowired
private PartitionHelper partitionHelper;
@Autowired
private DpsHeaders headers;
public String encryptData(String plainText) {
CryptographyClient client = factory.getClient(headers.getPartitionId());
EncryptResult encryptResult = client.encrypt(EncryptionAlgorithm.RSA_OAEP, plainText.getBytes());
byte[] val = encryptResult.getCipherText();
return Base64.getEncoder().encodeToString(val);
}
public String decryptData(String cipherText) {
CryptographyClient client = factory.getClient(headers.getPartitionId());
DecryptResult decryptResult = client.decrypt(EncryptionAlgorithm.RSA_OAEP, Base64.getDecoder().decode(cipherText));
return new String(decryptResult.getPlainText(), StandardCharsets.UTF_8);
}
public String getKeyName() {
String keyIdentifier = partitionHelper.retrieveKeyIdentifier();
String[] stringArray = keyIdentifier.split("/");
return stringArray[stringArray.length - 2];
}
public String getKeyVersion() {
String keyIdentifier = partitionHelper.retrieveKeyIdentifier();
String[] stringArray = keyIdentifier.split("/");
return stringArray[stringArray.length - 1];
}
}
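Review bot: `encryptData` still calls `plainText.getBytes()` with no charset while `decryptData` decodes with `StandardCharsets.UTF_8`, so on a JVM whose default charset is not UTF-8 non-ASCII input will not round-trip; use `client.encrypt(EncryptionAlgorithm.RSA_OAEP, plainText.getBytes(StandardCharsets.UTF_8))`. The stubs in `CryptographyUtilTest` use the same `plainText.getBytes()` call and would need the same charset to keep matching. Separately, the key is now selected per call by `headers.getPartitionId()`, presumably a request-supplied value, so this class relies on the partition id having been validated and authorized before it is reached; a class comment such as `// partition id must be authorized upstream; it selects the encryption key` would make that assumption explicit. `getKeyName` and `getKeyVersion` resolve the identifier through `partitionHelper` rather than through `factory`, so it is worth confirming that both paths always agree on the key for a given partition.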
......@@ -23,4 +23,9 @@ public class PartitionHelper {
PartitionInfoAzure partition = partitionService.getPartition(headers.getPartitionId());
return partition.getEventGridRecordsTopicEndpoint().split("\\.")[0].replace("https://", "");
}
public String retrieveKeyIdentifier() {
PartitionInfoAzure partition = partitionService.getPartition(headers.getPartitionId());
return partition.getCryptographyEncryptionKeyIdentifier();
}
}
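Review bot: `retrieveKeyIdentifier` returns `partition.getCryptographyEncryptionKeyIdentifier()` unchecked, and the callers in `CryptographyUtil` immediately run `keyIdentifier.split("/")` and index `length - 2`, so a partition with no key identifier configured, or a malformed one, would surface as a `NullPointerException` or `ArrayIndexOutOfBoundsException` instead of a clear configuration error. I would validate here, for example `if (id == null || id.isBlank()) throw new IllegalStateException("no encryption key identifier configured for partition");`, keeping the identifier itself out of the message. Whether the getter can actually return null is not visible from this hunk, and the class body starts outside it.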
......@@ -22,8 +22,10 @@ import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import org.opengroup.osdu.register.provider.azure.di.AzureBootstrapConfig;
import org.opengroup.osdu.azure.cryptography.CryptographyClientFactory;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.mockito.Mockito.doReturn;
......@@ -38,25 +40,27 @@ public class CryptographyUtilTest {
private static final byte[] bytesArray = new byte[] {1,2,3,4};
private static final String encodedData = "AQIDBA==";
private static final String keyIdentifier = "https://haaggarw-test-vault.vault.azure.net/keys/test-key/key-version";
@InjectMocks
private CryptographyUtil cryptographyUtil;
@Mock
private CryptographyClient cryptographyClient;
public static final String PARTITION_ID = "partitionId";
@Mock
private EncryptResult encryptResult;
@Mock
private DecryptResult decryptResult;
@Mock
private AzureBootstrapConfig azureBootstrapConfig;
private DpsHeaders headers;
@Mock
private CryptographyClientFactory factory;
@Mock
private PartitionHelper partitionHelper;
@InjectMocks
private CryptographyUtil cryptographyUtil;
@Test
public void shouldSuccessfullyReturnEncryptedData() {
when(encryptResult.getCipherText()).thenReturn(bytesArray);
when(headers.getPartitionId()).thenReturn(PARTITION_ID);
CryptographyClient cryptographyClient = Mockito.mock(CryptographyClient.class);
when(factory.getClient(PARTITION_ID)).thenReturn(cryptographyClient);
doReturn(encryptResult).when(cryptographyClient).encrypt(EncryptionAlgorithm.RSA_OAEP, plainText.getBytes());
String result = cryptographyUtil.encryptData(plainText);
......@@ -69,6 +73,9 @@ public class CryptographyUtilTest {
@Test
public void shouldSuccessfullyReturnDecryptedData() {
when(decryptResult.getPlainText()).thenReturn(plainText.getBytes());
when(headers.getPartitionId()).thenReturn(PARTITION_ID);
CryptographyClient cryptographyClient = Mockito.mock(CryptographyClient.class);
when(factory.getClient(PARTITION_ID)).thenReturn(cryptographyClient);
doReturn(decryptResult).when(cryptographyClient).decrypt(EncryptionAlgorithm.RSA_OAEP, bytesArray);
String result = cryptographyUtil.decryptData(encodedData);
......@@ -80,20 +87,20 @@ public class CryptographyUtilTest {
@Test
public void shouldReturnKeyName() {
when(azureBootstrapConfig.getKeyIdentifier()).thenReturn(keyIdentifier);
when(partitionHelper.retrieveKeyIdentifier()).thenReturn(keyIdentifier);
String result = cryptographyUtil.getKeyName();
assertEquals("test-key", result);
verify(azureBootstrapConfig, times(1)).getKeyIdentifier();
verify(partitionHelper, times(1)).retrieveKeyIdentifier();
}
@Test
public void shouldReturnKeyVersion() {
when(azureBootstrapConfig.getKeyIdentifier()).thenReturn(keyIdentifier);
when(partitionHelper.retrieveKeyIdentifier()).thenReturn(keyIdentifier);
String result = cryptographyUtil.getKeyVersion();
assertEquals("key-version", result);
verify(azureBootstrapConfig, times(1)).getKeyIdentifier();
verify(partitionHelper, times(1)).retrieveKeyIdentifier();
}
}