summaryrefslogtreecommitdiffstats
path: root/controller-server
diff options
context:
space:
mode:
authorTor Brede Vekterli <vekterli@yahooinc.com>2023-02-14 15:43:12 +0100
committerTor Brede Vekterli <vekterli@yahooinc.com>2023-02-14 15:43:12 +0100
commit6a67710bf3fc737b87d6e9a3c435bb7784c48900 (patch)
tree8d39707589d792d1ac681eccff47caf93230fc5b /controller-server
parent251bd6d0b21aa2ddac8ef82338f40d37ffc4990f (diff)
Support dots in key name used for resealing
Diffstat (limited to 'controller-server')
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/DecryptionTokenResealer.java9
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java2
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiTest.java21
3 files changed, 19 insertions, 13 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/DecryptionTokenResealer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/DecryptionTokenResealer.java
index 7addf83c67c..b3d966d20c9 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/DecryptionTokenResealer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/controller/DecryptionTokenResealer.java
@@ -21,17 +21,18 @@ import static com.yahoo.vespa.hosted.controller.restapi.controller.RequestUtils.
class DecryptionTokenResealer {
private static int checkKeyNameAndExtractVersion(KeyId tokenKeyId, String expectedKeyName) {
- String[] components = tokenKeyId.asString().split("\\.");
- if (components.length != 2) {
+ String keyStr = tokenKeyId.asString();
+ int versionSepIdx = keyStr.lastIndexOf('.');
+ if (versionSepIdx == -1) {
throw new IllegalArgumentException("Key ID is not of the form 'name.version'");
}
- String keyName = components[0];
+ String keyName = keyStr.substring(0, versionSepIdx);
if (!expectedKeyName.equals(keyName)) {
throw new IllegalArgumentException("Token is not generated for the expected key");
}
int keyVersion;
try {
- keyVersion = Integer.parseInt(components[1]);
+ keyVersion = Integer.parseInt(keyStr.substring(versionSepIdx + 1));
} catch (IllegalArgumentException e) {
throw new IllegalArgumentException("Key version is not a valid integer");
}
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
index 48f9d46fefb..7522f42f91b 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ControllerContainerTest.java
@@ -63,7 +63,7 @@ public class ControllerContainerTest {
</rotations>
</config>
<config name="vespa.hosted.controller.config.core-dump-token-resealing">
- <resealingPrivateKeyName>a-really-cool-key</resealingPrivateKeyName>
+ <resealingPrivateKeyName>a.really.cool.key</resealingPrivateKeyName>
</config>
<accesslog type='disabled'/>
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiTest.java
index a4b18a06fb8..e3a0684771c 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/controller/ControllerApiTest.java
@@ -220,11 +220,11 @@ public class ControllerApiTest extends ControllerContainerTest {
@Test
void decryption_token_reseal_request_succeeds_when_matching_versioned_key_found() {
- var reqData = createResealingRequestData("a-really-cool-key.123"); // Must match key name in config
+ var reqData = createResealingRequestData("a.really.cool.key.123"); // Must match key name in config
var secret = hex(reqData.originalSecretSharedKey.secretKey().getEncoded());
var secretStore = (SecretStoreMock)tester.controller().secretStore();
- secretStore.setSecret("a-really-cool-key", KeyUtils.toBase58EncodedX25519PrivateKey((XECPrivateKey)reqData.originalReceiverKeyPair.getPrivate()), 123);
+ secretStore.setSecret("a.really.cool.key", KeyUtils.toBase58EncodedX25519PrivateKey((XECPrivateKey)reqData.originalReceiverKeyPair.getPrivate()), 123);
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal", requestJsonOf(reqData), Request.Method.POST),
@@ -238,7 +238,7 @@ public class ControllerApiTest extends ControllerContainerTest {
@Test
void decryption_token_reseal_request_fails_when_unexpected_key_name_is_supplied() {
- var reqData = createResealingRequestData("a-really-cool-but-non-existing-key.123");
+ var reqData = createResealingRequestData("a.really.cool.but.non.existing.key.123");
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal", requestJsonOf(reqData), Request.Method.POST),
"{\"error-code\":\"BAD_REQUEST\",\"message\":\"Token is not generated for the expected key\"}",
@@ -247,10 +247,10 @@ public class ControllerApiTest extends ControllerContainerTest {
@Test
void secret_key_lookup_does_not_use_key_id_provided_in_user_supplied_token() {
- var reqData = createResealingRequestData("a-sneaky-key.123");
+ var reqData = createResealingRequestData("a.sneaky.key.123");
var secretStore = (SecretStoreMock)tester.controller().secretStore();
// Token key ID is technically valid, but should not be used. Only config should be obeyed.
- secretStore.setSecret("a-sneaky-key", KeyUtils.toBase58EncodedX25519PrivateKey((XECPrivateKey)reqData.originalReceiverKeyPair.getPrivate()), 123);
+ secretStore.setSecret("a.sneaky.key", KeyUtils.toBase58EncodedX25519PrivateKey((XECPrivateKey)reqData.originalReceiverKeyPair.getPrivate()), 123);
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal", requestJsonOf(reqData), Request.Method.POST),
@@ -281,17 +281,22 @@ public class ControllerApiTest extends ControllerContainerTest {
400);
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal",
- requestJsonOf(createResealingRequestData("a-really-cool-key.123asdf")), Request.Method.POST),
+ requestJsonOf(createResealingRequestData("a.really.cool.key.123asdf")), Request.Method.POST),
"{\"error-code\":\"BAD_REQUEST\",\"message\":\"Key version is not a valid integer\"}",
400);
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal",
- requestJsonOf(createResealingRequestData("a-really-cool-key.-123")), Request.Method.POST),
+ requestJsonOf(createResealingRequestData("a.really.cool.key.")), Request.Method.POST),
+ "{\"error-code\":\"BAD_REQUEST\",\"message\":\"Key version is not a valid integer\"}",
+ 400);
+ tester.assertResponse(
+ () -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal",
+ requestJsonOf(createResealingRequestData("a.really.cool.key.-123")), Request.Method.POST),
"{\"error-code\":\"BAD_REQUEST\",\"message\":\"Key version is out of range\"}",
400);
tester.assertResponse(
() -> operatorRequest("http://localhost:8080/controller/v1/access/cores/reseal",
- requestJsonOf(createResealingRequestData("a-really-cool-key.%d".formatted((long)Integer.MAX_VALUE + 1))), Request.Method.POST),
+ requestJsonOf(createResealingRequestData("a.really.cool.key.%d".formatted((long)Integer.MAX_VALUE + 1))), Request.Method.POST),
"{\"error-code\":\"BAD_REQUEST\",\"message\":\"Key version is not a valid integer\"}",
400);
}