Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add error message if using password list in config #941

Merged
merged 6 commits into from
Dec 6, 2019
Merged

Add error message if using password list in config #941

merged 6 commits into from
Dec 6, 2019

Conversation

chris-j-h
Copy link
Collaborator

@chris-j-h chris-j-h commented Dec 6, 2019
edited
Loading

Resolves #935.

The "password" field and --keys.passwords CLI override for tessera and tessera -keygen commands have already been disabled. This change provides feedback to users providing details of the alternative methods of providing passwords.

An empty password list (i.e. "passwords": []) is still allowed as no private password data is being provided in this case. This ensures existing configs such as those used in quorum examples are still supported.

Config validation is now carried out before the keyPasswordResolver checks passwords and attempts to decrypt keys. This is so that invalid configs using "passwords": [...] are caught early and do not result in the decryption of key data.

@chris-j-h chris-j-h added the 0.10.2 0.10.2 label Dec 6, 2019
@codecov-io
Copy link

codecov-io commented Dec 6, 2019
edited
Loading

Codecov Report

Merging #941 into master will increase coverage by 0.01%.
The diff coverage is 91.66%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #941      +/-   ##
============================================
+ Coverage      99.3%   99.32%   +0.01%     
- Complexity     2075     2078       +3     
============================================
  Files           311      311              
  Lines          5781     5778       -3     
  Branches        326      326              
============================================
- Hits           5741     5739       -2     
  Misses            5        5              
+ Partials         35       34       -1
Impacted Files Coverage Δ Complexity Δ
...va/com/quorum/tessera/config/KeyConfiguration.java 100% <ø> (ø) 12 <0> (ø) ⬇️
...m/quorum/tessera/config/cli/DefaultCliAdapter.java 99.4% <100%> (ø) 24 <0> (ø) ⬇️
...main/java/com/quorum/tessera/io/FilesDelegate.java 100% <100%> (ø) 12 <1> (+1) ⬆️
...uorum/tessera/cli/parsers/ConfigurationParser.java 98.07% <90%> (+1.64%) 22 <2> (+2) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bb4bafa...2087cc0. Read the comment docs.

@melowe melowe merged commit 8fdd19e into master Dec 6, 2019
@Krish1979 Krish1979 deleted the add-error-message-if-using-pwd-list branch December 6, 2019 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolae-leonte-go nicolae-leonte-go nicolae-leonte-go approved these changes

@melowe melowe Awaiting requested review from melowe

@namtruong namtruong Awaiting requested review from namtruong namtruong is a code owner

@prd-fox prd-fox Awaiting requested review from prd-fox

@SatpalSandhu61 SatpalSandhu61 Awaiting requested review from SatpalSandhu61

Assignees
No one assigned
Labels
0.10.2 0.10.2 cleanup
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Remove ability to provide key passwords directly in config to improve security
6 participants
@chris-j-h @codecov-io @nicolae-leonte-go @melowe @Krish1979 @namtruong