honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'dev' into es_integration 

Original commit: elastic/x-pack-elasticsearch@7b3a74f175
This commit is contained in:
Areek Zillur 2014-10-07 12:38:24 -04:00
parent 58c266ce13 1da4b89311
commit a034f96497
10 changed files with 129 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
README.md
View File

@ -13,38 +13,37 @@ Generates a 2048-bit RSA public/private key pair to be used for license generati
**Note:** Errors if provided file paths for public/private already exists
**Output** - public/private key in the location provided with the provided key password
**Output** - public/private key in the location provided
**Options:**
`--publicKeyPath` - path to store the public key
`--privateKeyPath` - path to store the private key
`--keyPass` - password for the key pair
**Example Usage:**
```bash
$ bin/key-pair-generator --publicKeyPath ~/.es_temp_license/pub.key --privateKeyPath ~/.es_temp_license/pri.key --keyPass ab
$ bin/key-pair-generator --publicKeyPath ~/.es_temp_license/pub.key --privateKeyPath ~/.es_temp_license/pri.key
```
Outputs the public key to `~/.es_temp_license/pub.key`, private key to `~/.es_temp_license/pri.key` securing the key pair with the provided `--keyPass` of `ab`
Outputs the public key to `~/.es_temp_license/pub.key`, private key to `~/.es_temp_license/pri.key`
### bin/license-generator
Generates a signed license given a licensing spec and keyPair location
**Note:** a `license spec` (see format below) can be provided in two ways, using `--license` allows for passing the spec as a string using `--licenseFile` allows passing in a file that has the license spec
**Output** - a signed license based on the provided `license spec`, private/public key location and password
**Output** - a signed license based on the provided `license spec`, private/public key location
**Options:**
`--license` - license spec as a string (optional when `--licenseFile` is provided)
`--licenseFile` - path to a license spec file (optional when `--license` is provided)
`--publicKeyPath` - path to retrieve the public key
`--privateKeyPath` - path to retrieve the private key
`--keyPass` - password for the key pair provided
**License Spec format:**
```
{
"licenses": [
{
"uid": STRING (optional, if not provided a random UUID is generated)
"type": STRING (“trial” | “internal” | “subscription”),
"subscription_type": STRING (“none” | “gold” | “silver” | “platinum”),
"issued_to": STRING,
@ -83,7 +82,7 @@ $ cat license_spec.json
# generate a signed license according to license_spec.json using the private/public keypair
$ bin/license-generator --publicKeyPath ~/.es_temp_license/pub.key --privateKeyPath ~/.es_temp_license/pri.key --keyPass ab --licenseFile license_spec.json > gen_license.json
$ bin/license-generator --publicKeyPath ~/.es_temp_license/pub.key --privateKeyPath ~/.es_temp_license/pri.key --licenseFile license_spec.json > gen_license.json
# generated license for license_spec.json
@ -117,14 +116,41 @@ One licenses that only retains effective sub-licenses for all the licenses provi
**Options:**
`--licensesFiles` - a set of **generated** licenses files separated by `:`
`--licenses` - a **generated** licenses as string (multiple licenses could be inputted by repeating the parameter)
`--publicKeyPath` - path to retrieve the public key
`--keyPass` - password for the key pair provided
**Example Usage:**
```
```bash
# the output will be the same as the content of gen_license.json (as all the licenses are valid and not expired)
# in order to merge multiple licenses file use --licensesFiles file1.json:file2.json
$ bin/verify-license --publicKeyPath ~/.es_temp_license/pub.key --keyPass ab --licensesFiles gen_license.json
$ bin/verify-license --publicKeyPath ~/.es_temp_license/pub.key --licensesFiles gen_license.json
# example using verify-license with multiple licenses json as string
$ bin/verify-license --publicKeyPath ~/.es_temp_license/pub.key --licenses `cat generated_license1.json` --licenses `cat generated_license2.json`
```
## Workflow
A public/private key pair has to be generated before license generation
```bash
# store public/private key pair to PUBLIC_KEY_FILE_PATH and PRIVATE_KEY_FILE_PATH respectively
$ bin/key-pair-generator --publicKeyPath PUBLIC_KEY_FILE_PATH --privateKeyPath PRIVATE_KEY_FILE_PATH
```
### License Generation
```bash
# generate a license for a requested feature for a customer with a LICENSE_SPEC (format shown above)
$ bin/license-generator --publicKeyPath PUBLIC_KEY_FILE_PATH --privateKeyPath PRIVATE_KEY_FILE_PATH --license LICENSE_SPEC > GENERATED_LICENSE
# check any existing valid licenses already issued to the customer from the data store; grab the last generated license file for the customer
# as EXISTING_LICENSE
# use verify-license to generate en EFFECTIVE_LICENSE for the customer for distribution
$ bin/verify-license --publicKeyPath PUBLIC_KEY_FILE_PATH --privateKeyPath PRIVATE_KEY_FILE_PATH --licenses GENERATED_LICENSE_STRING --licenses EXISTING_LICENSE_STRING > EFFECTIVE_LICENSE
```

13
sample/gen_license.json
View File

@ -1,13 +0,0 @@
{
"licenses" : [ {
"uid" : "d8bcf9e8-bcb0-4f72-81ca-8a7537a436c5",
"type" : "internal",
"subscription_type" : "none",
"issued_to" : "issuedTo",
"issue_date" : "2014-09-29",
"expiry_date" : "2015-08-29",
"feature" : "shield",
"max_nodes" : 1,
"signature" : "naPgicfKM2+IJ0AoYgAAAG0AAAAAVGdIQ01qZUtCeEZNbS8wcTF4RU5mYUpiY01hdFlQNEVkdFJhYitoZndrSTI5eVZrY3ZRZ3lYU0s1QWdYb0Y5d1dBQmRUK01leE1aR0RUOHhoRVVhVUE9PaztAAVzcgAxbmV0Lm5pY2hvbGFzd2lsbGlhbXMuamF2YS5saWNlbnNpbmcuU2lnbmVkTGljZW5zZYqE/59+smqEAgACWwAObGljZW5zZUNvbnRlbnR0AAJbQlsAEHNpZ25hdHVyZUNvbnRlbnRxAH4AAXhwdXIAAltCrPMX+AYIVOACAAB4cAAAAMCsH5r77/8FtWY+JxKd9MiBTYQLcXgmXMm+Y83VaNwmlr1lASJ2yf7rWojiuHTWemtUNtOZcXeSrLfs/oKwBzXIfvEZV8X/vPCWnpi7VtU4Hp+OZUFO4c0NQ1PnVdDk1uns16Dqe99/ota3FSvdFrmlzkz2E+2bbx0fwWbKnGDXFXy6eE7OISRJdCqa8gljMo9PA1+RI7MFQ8bSzs9up0cEkSuPzgtafFW5zfyn2vpoPZTxDpJslTBk7S3mdchE0eJ1cQB+AAMAAAEAdikZHpJVMxWMxNsksYnNOD7F+15SK3MCtUWJnQdhYCuVHdKQUE3YxWv59QQuDmKuLbnvi0DsuPGlq3hEx0AXmbpaBOhkwTv3DKZH7V6C0YmXj7RLZobaDTtGY2pwV6Qf5+teq5dV493a1k6YGFiwUoERuWQxqmA36naLdVo2diCSh8QmZ4ihKnhqxwswh2TlnCVuaNN3E7HuGeE0wYgFEfgISJOFlEOnLOItRlrQOTzCq+mhASKbANxx/Z42eMGrgs+GJsxYQZfnBh8K3NQFQk2SjWR1sEgqUPXC+0Z7ungzkkwoSBbrdJfRPKbqXFDthWI1DY9SSZnTbwpUC2XA6Q=="
} ]
}

29
src/main/java/org/elasticsearch/license/licensor/ESLicenseSigner.java
View File

@ -28,34 +28,28 @@ import static org.elasticsearch.license.core.ESLicenses.ESLicense;
public class ESLicenseSigner {
public static String DEFAULT_PASS_PHRASE = "elasticsearch-license";
private final static int VERSION_START = 0;
private final static int VERSION = VERSION_START;
private final static int MAGIC_LENGTH = 13;
private final LicenseCreator licenseCreator;
private final SignerOptions options;
public static class SignerOptions {
final String privateKeyPath;
final String publicKeyPath;
final String password;
private final Path publicKeyPath;
public SignerOptions(String privateKeyPath, String publicKeyPath, String password) {
this.privateKeyPath = privateKeyPath;
this.publicKeyPath = publicKeyPath;
this.password = password;
}
public ESLicenseSigner(final String privateKeyPath, final String publicKeyPath) {
this(Paths.get(privateKeyPath), Paths.get(publicKeyPath));
}
public ESLicenseSigner(final SignerOptions options) {
public ESLicenseSigner(final Path privateKeyPath, final Path publicKeyPath) {
LicenseCreatorProperties.setPrivateKeyDataProvider(new PrivateKeyDataProvider() {
@Override
public byte[] getEncryptedPrivateKeyData() throws KeyNotFoundException {
Path privateKeyFile = Paths.get(options.privateKeyPath);
assert privateKeyFile.toFile().exists();
assert privateKeyPath.toFile().exists();
try {
return Files.readAllBytes(privateKeyFile);
return Files.readAllBytes(privateKeyPath);
} catch (IOException e) {
e.printStackTrace();
throw new IllegalStateException(e);
@ -64,13 +58,14 @@ public class ESLicenseSigner {
}
});
LicenseCreatorProperties.setPrivateKeyPasswordProvider(new PasswordProvider() {
@Override
public char[] getPassword() {
return options.password.toCharArray();
return Hasher.hash(DEFAULT_PASS_PHRASE).toCharArray();
}
});
this.licenseCreator = LicenseCreator.getInstance();
this.options = options;
this.publicKeyPath = publicKeyPath;
}
public ESLicenses sign(ESLicenses esLicenses) throws IOException {
@ -108,7 +103,7 @@ public class ESLicenseSigner {
random.nextBytes(magic);
final byte[] licenseSignature = licenseCreator.signAndSerializeLicense(license);
final byte[] hash = Hasher.hash(Base64.encodeBase64String(
Files.readAllBytes(Paths.get(options.publicKeyPath)))
Files.readAllBytes(publicKeyPath))
).getBytes(Charset.forName("UTF-8"));
int headerLength = MAGIC_LENGTH + hash.length + 4 + 4;
byte[] bytes = new byte[headerLength + licenseSignature.length];

22
src/main/java/org/elasticsearch/license/licensor/tools/KeyPairGeneratorTool.java
View File

@ -5,6 +5,7 @@
*/
package org.elasticsearch.license.licensor.tools;
import net.nicholaswilliams.java.licensing.encryption.Hasher;
import net.nicholaswilliams.java.licensing.encryption.RSAKeyPairGenerator;
import net.nicholaswilliams.java.licensing.exception.AlgorithmNotSupportedException;
import net.nicholaswilliams.java.licensing.exception.InappropriateKeyException;
@ -16,22 +17,21 @@ import java.security.KeyPair;
public class KeyPairGeneratorTool {
public static String DEFAULT_PASS_PHRASE = "elasticsearch-license";
static class Options {
private final String publicKeyFilePath;
private final String privateKeyFilePath;
private final String keyPass;
Options(String publicKeyFilePath, String privateKeyFilePath, String keyPass) {
Options(String publicKeyFilePath, String privateKeyFilePath) {
this.publicKeyFilePath = publicKeyFilePath;
this.privateKeyFilePath = privateKeyFilePath;
this.keyPass = keyPass;
}
}
private static Options parse(String[] args) {
String privateKeyPath = null;
String publicKeyPath = null;
String keyPass = null;
for (int i = 0; i < args.length; i++) {
String command = args[i];
@ -42,9 +42,6 @@ public class KeyPairGeneratorTool {
case "--privateKeyPath":
privateKeyPath = args[++i];
break;
case "--keyPass":
keyPass = args[++i];
break;
}
}
@ -54,11 +51,8 @@ public class KeyPairGeneratorTool {
if (privateKeyPath == null) {
throw new IllegalArgumentException("mandatory option '--privateKeyPath' is missing");
}
if (keyPass == null) {
throw new IllegalArgumentException("mandatory option '--keyPass' is missing");
}
return new Options(publicKeyPath, privateKeyPath, keyPass);
return new Options(publicKeyPath, privateKeyPath);
}
public static void main(String[] args) throws IOException {
@ -76,7 +70,7 @@ public class KeyPairGeneratorTool {
throw new IllegalArgumentException("public key already exists in " + options.publicKeyFilePath);
}
KeyPair keyPair = generateKeyPair(options.privateKeyFilePath, options.publicKeyFilePath, options.keyPass);
KeyPair keyPair = generateKeyPair(options.privateKeyFilePath, options.publicKeyFilePath);
if (keyPair != null) {
printStream.println("Successfully generated new keyPair [publicKey: " + options.publicKeyFilePath + ", privateKey: " + options.privateKeyFilePath + "]");
printStream.flush();
@ -88,7 +82,7 @@ public class KeyPairGeneratorTool {
}
private static KeyPair generateKeyPair(String privateKeyFileName, String publicKeyFileName, String password) {
private static KeyPair generateKeyPair(String privateKeyFileName, String publicKeyFileName) {
RSAKeyPairGenerator generator = new RSAKeyPairGenerator();
KeyPair keyPair;
@ -99,7 +93,7 @@ public class KeyPairGeneratorTool {
}
try {
generator.saveKeyPairToFiles(keyPair, privateKeyFileName, publicKeyFileName, password.toCharArray());
generator.saveKeyPairToFiles(keyPair, privateKeyFileName, publicKeyFileName, Hasher.hash(DEFAULT_PASS_PHRASE).toCharArray());
} catch (IOException | AlgorithmNotSupportedException | InappropriateKeyException | InappropriateKeySpecificationException e) {
throw new IllegalStateException(e);
}

15
src/main/java/org/elasticsearch/license/licensor/tools/LicenseGeneratorTool.java
View File

@ -21,13 +21,11 @@ public class LicenseGeneratorTool {
private final String licensesInput;
private final String publicKeyFilePath;
private final String privateKeyFilePath;
private final String keyPass;
Options(String licensesInput, String publicKeyFilePath, String privateKeyFilePath, String keyPass) {
Options(String licensesInput, String publicKeyFilePath, String privateKeyFilePath) {
this.licensesInput = licensesInput;
this.publicKeyFilePath = publicKeyFilePath;
this.privateKeyFilePath = privateKeyFilePath;
this.keyPass = keyPass;
}
}
@ -36,7 +34,6 @@ public class LicenseGeneratorTool {
String licenseFilePath = null;
String privateKeyPath = null;
String publicKeyPath = null;
String keyPass = null;
for (int i = 0; i < args.length; i++) {
String command = args[i].trim();
@ -53,9 +50,6 @@ public class LicenseGeneratorTool {
case "--privateKeyPath":
privateKeyPath = args[++i];
break;
case "--keyPass":
keyPass = args[++i];
break;
}
}
@ -75,11 +69,8 @@ public class LicenseGeneratorTool {
if (privateKeyPath == null) {
throw new IllegalArgumentException("mandatory option '--privateKeyPath' is missing");
}
if (keyPass == null) {
throw new IllegalArgumentException("mandatory option '--keyPass' is missing");
}
return new Options(licenseInput, publicKeyPath, privateKeyPath, keyPass);
return new Options(licenseInput, publicKeyPath, privateKeyPath);
}
public static void main(String[] args) throws IOException {
@ -91,7 +82,7 @@ public class LicenseGeneratorTool {
ESLicenses esLicenses = LicenseUtils.readLicensesFromString(options.licensesInput);
ESLicenseSigner signer = new ESLicenseSigner(new ESLicenseSigner.SignerOptions(options.privateKeyFilePath, options.publicKeyFilePath, options.keyPass));
ESLicenseSigner signer = new ESLicenseSigner(options.privateKeyFilePath, options.publicKeyFilePath);
ESLicenses signedLicences = signer.sign(esLicenses);
LicenseUtils.dumpLicenseAsJson(signedLicences, out);

77
src/main/java/org/elasticsearch/license/licensor/tools/LicenseVerificationTool.java
View File

@ -19,35 +19,42 @@ import java.util.Set;
public class LicenseVerificationTool {
static class Options {
private final Set<File> licensesFiles;
private final Set<ESLicenses> licenses;
private final String publicKeyFilePath;
private final String keyPass;
Options(Set<File> licensesFiles, String publicKeyFilePath, String keyPass) {
this.licensesFiles = licensesFiles;
Options(Set<ESLicenses> licenses, String publicKeyFilePath) {
this.licenses = licenses;
this.publicKeyFilePath = publicKeyFilePath;
this.keyPass = keyPass;
}
static Set<File> asFiles(Set<String> filePaths) {
Set<File> files = new HashSet<>(filePaths.size());
for (String filePath : filePaths) {
final File file = new File(filePath);
if (file.exists()) {
files.add(file);
} else {
throw new IllegalArgumentException(file.getAbsolutePath() + " does not exist!");
}
}
return files;
}
}
private static Options parse(String[] args) {
static Set<ESLicenses> asLicensesFromFiles(Set<String> filePaths) throws IOException {
Set<ESLicenses> licenses = new HashSet<>(filePaths.size());
for (String filePath : filePaths) {
final File file = new File(filePath);
if (file.exists()) {
licenses.add(LicenseUtils.readLicenseFile(file));
} else {
throw new IllegalArgumentException(file.getAbsolutePath() + " does not exist!");
}
}
return licenses;
}
static Set<ESLicenses> asLicensesFromStrings(Set<String> fileContents) throws IOException {
Set<ESLicenses> licenses = new HashSet<>(fileContents.size());
for (String fileContent : fileContents) {
licenses.add(LicenseUtils.readLicensesFromString(fileContent));
}
return licenses;
}
private static Options parse(String[] args) throws IOException {
Set<String> licenseFilePaths = null;
Set<File> licenseFiles = null;
Set<String> licensesContents = new HashSet<>();
Set<ESLicenses> licenses = null;
String publicKeyPath = null;
String keyPass = null;
for (int i = 0; i < args.length; i++) {
String command = args[i];
@ -56,29 +63,28 @@ public class LicenseVerificationTool {
licenseFilePaths = new HashSet<>();
licenseFilePaths.addAll(Arrays.asList(args[++i].split(":")));
break;
case "--licenses":
licensesContents.add(args[++i]);
break;
case "--publicKeyPath":
publicKeyPath = args[++i];
break;
case "--keyPass":
keyPass = args[++i];
break;
}
}
if (licenseFilePaths == null) {
throw new IllegalArgumentException("mandatory option '--licensesFiles' is missing");
if (licenseFilePaths == null && licensesContents.size() == 0) {
throw new IllegalArgumentException("mandatory option '--licensesFiles' or '--licenses' is missing");
} else if (licenseFilePaths != null) {
licenses = asLicensesFromFiles(licenseFilePaths);
} else if (licensesContents.size() > 0) {
licenses = asLicensesFromStrings(licensesContents);
} else {
licenseFiles = Options.asFiles(licenseFilePaths);
if (licenseFiles.size() == 0) {
throw new IllegalArgumentException("no license file found for provided license files");
}
throw new IllegalArgumentException("no licenses could be extracted");
}
if (publicKeyPath == null) {
throw new IllegalArgumentException("mandatory option '--publicKeyPath' is missing");
}
if (keyPass == null) {
throw new IllegalArgumentException("mandatory option '--keyPass' is missing");
}
return new Options(licenseFiles, publicKeyPath, keyPass);
assert licenses != null;
return new Options(licenses, publicKeyPath);
}
public static void main(String[] args) throws IOException {
@ -88,11 +94,8 @@ public class LicenseVerificationTool {
public static void run(String[] args, OutputStream out) throws IOException {
Options options = parse(args);
// read licenses
Set<ESLicenses> esLicensesSet = LicenseUtils.readLicensesFromFiles(options.licensesFiles);
// verify licenses
ESLicenseManager licenseManager = new ESLicenseManager(esLicensesSet, options.publicKeyFilePath, options.keyPass);
ESLicenseManager licenseManager = new ESLicenseManager(options.licenses, options.publicKeyFilePath);
licenseManager.verifyLicenses();
// dump effective licences

21
src/main/java/org/elasticsearch/license/manager/ESLicenseManager.java
View File

@ -41,19 +41,19 @@ public class ESLicenseManager {
private final ESLicenses esLicenses;
private final FilePublicKeyDataProvider publicKeyDataProvider;
public ESLicenseManager(Set<ESLicenses> esLicensesSet, String publicKeyFile, String password) throws IOException {
public ESLicenseManager(Set<ESLicenses> esLicensesSet, String publicKeyFile) throws IOException {
this.publicKeyDataProvider = new FilePublicKeyDataProvider(publicKeyFile);
this.esLicenses = merge(esLicensesSet);
LicenseManagerProperties.setLicenseProvider(new ESLicenseProvider());
LicenseManagerProperties.setPublicKeyDataProvider(publicKeyDataProvider);
LicenseManagerProperties.setLicenseValidator(new DefaultLicenseValidator());
LicenseManagerProperties.setPublicKeyPasswordProvider(new ESPublicKeyPasswordProvider(password));
LicenseManagerProperties.setPublicKeyPasswordProvider(new ESPublicKeyPasswordProvider());
this.licenseManager = LicenseManager.getInstance();
}
public ESLicenseManager(ESLicenses esLicenses, String publicKeyFile, String password) throws IOException {
this(Collections.singleton(esLicenses), publicKeyFile, password);
public ESLicenseManager(ESLicenses esLicenses, String publicKeyFile) throws IOException {
this(Collections.singleton(esLicenses), publicKeyFile);
}
private static ESLicenses merge(Set<ESLicenses> esLicensesSet) {
@ -129,7 +129,7 @@ public class ESLicenseManager {
&& license.getHolder().equals(eslicense.issuedTo())
&& license.getIssueDate() == eslicense.issueDate()
&& license.getGoodBeforeDate() == eslicense.expiryDate();
assert license.getFeatures().size() == 4 : "one license should have only four feature";
assert license.getFeatures().size() == 4 : "one license should have only four features";
String maxNodesPrefix = "maxNodes:";
String typePrefix = "type:";
String subscriptionTypePrefix = "subscription_type:";
@ -137,6 +137,7 @@ public class ESLicenseManager {
boolean featureValid = false;
boolean typeValid = false;
boolean subscriptionTypeValid = false;
for (License.Feature feature : license.getFeatures()) {
String featureName = feature.getName();
if (featureName.startsWith(maxNodesPrefix)) {
@ -151,6 +152,7 @@ public class ESLicenseManager {
}
}
if (!licenseValid || !featureValid || !maxNodesValid || !typeValid || !subscriptionTypeValid) {
//only for debugging
String msg = "licenseValid: " + licenseValid + "\n" +
"featureValid: " + featureValid + "\n" +
"maxNodeValide: " + maxNodesValid + "\n" +
@ -255,16 +257,11 @@ public class ESLicenseManager {
}
private class ESPublicKeyPasswordProvider implements PasswordProvider {
private final String pass;
private ESPublicKeyPasswordProvider(String pass) {
this.pass = pass;
}
private final String DEFAULT_PASS_PHRASE = "elasticsearch-license";
@Override
public char[] getPassword() {
return pass.toCharArray();
return Hasher.hash(DEFAULT_PASS_PHRASE).toCharArray();
}
}
}

31
src/test/java/org/elasticsearch/license/licensor/LicenseGenerationTests.java
View File

@ -26,7 +26,6 @@ public class LicenseGenerationTests {
private static String pubKeyPath = null;
private static String priKeyPath = null;
private static String keyPass = null;
@BeforeClass
public static void setup() throws IOException {
@ -38,17 +37,13 @@ public class LicenseGenerationTests {
LicenseGenerationTests.priKeyPath = privateKeyFile.getAbsolutePath();
assert privateKeyFile.delete();
assert publicKeyFile.delete();
String keyPass = "password";
LicenseGenerationTests.keyPass = keyPass;
// Generate keyPair
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--publicKeyPath";
args[1] = LicenseGenerationTests.pubKeyPath;
args[2] = "--privateKeyPath";
args[3] = LicenseGenerationTests.priKeyPath;
args[4] = "--keyPass";
args[5] = LicenseGenerationTests.keyPass;
KeyPairGeneratorTool.main(args);
}
@ -61,15 +56,13 @@ public class LicenseGenerationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -90,15 +83,13 @@ public class LicenseGenerationTests {
map.put(FeatureType.MARVEL, marvelFeatureAttributes);
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -117,15 +108,13 @@ public class LicenseGenerationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--linse";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
try {
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -145,15 +134,13 @@ public class LicenseGenerationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
try {
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -172,15 +159,13 @@ public class LicenseGenerationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
try {
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -200,15 +185,13 @@ public class LicenseGenerationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
try {
String licenseOutput = TestUtils.runLicenseGenerationTool(args);

23
src/test/java/org/elasticsearch/license/licensor/LicenseVerificationToolTests.java
View File

@ -25,7 +25,6 @@ public class LicenseVerificationToolTests {
private static String pubKeyPath = null;
private static String priKeyPath = null;
private static String keyPass = null;
@BeforeClass
public static void setup() throws IOException {
@ -37,16 +36,13 @@ public class LicenseVerificationToolTests {
LicenseVerificationToolTests.priKeyPath = privateKeyFile.getAbsolutePath();
assert privateKeyFile.delete();
assert publicKeyFile.delete();
LicenseVerificationToolTests.keyPass = "password";
// Generate keyPair
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--publicKeyPath";
args[1] = LicenseVerificationToolTests.pubKeyPath;
args[2] = "--privateKeyPath";
args[3] = LicenseVerificationToolTests.priKeyPath;
args[4] = "--keyPass";
args[5] = LicenseVerificationToolTests.keyPass;
KeyPairGeneratorTool.main(args);
}
@ -67,13 +63,11 @@ public class LicenseVerificationToolTests {
signedLicense = runLicenseGenerationTool(TestUtils.generateESLicenses(map));
String secondLicenseFile = getAsFilePath(signedLicense);
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--licensesFiles";
args[1] = firstLicenseFile + ":" + secondLicenseFile;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--keyPass";
args[5] = keyPass;
String effectiveLicenseStr = runLicenseVerificationTool(args);
ESLicenses effectiveLicense = LicenseUtils.readLicensesFromString(effectiveLicenseStr);
@ -101,13 +95,11 @@ public class LicenseVerificationToolTests {
signedLicense = runLicenseGenerationTool(TestUtils.generateESLicenses(map));
String secondLicenseFile = getAsFilePath(signedLicense);
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--licensesFiles";
args[1] = firstLicenseFile + ":" + secondLicenseFile;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--keyPass";
args[5] = keyPass;
String effectiveLicenseStr = runLicenseVerificationTool(args);
ESLicenses effectiveLicense = LicenseUtils.readLicensesFromString(effectiveLicenseStr);
@ -142,13 +134,11 @@ public class LicenseVerificationToolTests {
signedLicense = runLicenseGenerationTool(TestUtils.generateESLicenses(map));
String secondLicenseFile = getAsFilePath(signedLicense);
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--licensesFiles";
args[1] = firstLicenseFile + ":" + secondLicenseFile;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--keyPass";
args[5] = keyPass;
String effectiveLicenseStr = runLicenseVerificationTool(args);
ESLicenses effectiveLicense = LicenseUtils.readLicensesFromString(effectiveLicenseStr);
@ -170,16 +160,13 @@ public class LicenseVerificationToolTests {
}
public static String runLicenseGenerationTool(String licenseInput) throws IOException {
String args[] = new String[8];
String args[] = new String[6];
args[0] = "--license";
args[1] = licenseInput;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
return TestUtils.runLicenseGenerationTool(args);
}

30
src/test/java/org/elasticsearch/license/manager/LicenseVerificationTests.java
View File

@ -31,7 +31,6 @@ public class LicenseVerificationTests {
private static String pubKeyPath = null;
private static String priKeyPath = null;
private static String keyPass = null;
@BeforeClass
public static void setup() throws IOException {
@ -43,16 +42,13 @@ public class LicenseVerificationTests {
LicenseVerificationTests.priKeyPath = privateKeyFile.getAbsolutePath();
assert privateKeyFile.delete();
assert publicKeyFile.delete();
LicenseVerificationTests.keyPass = "password";
// Generate keyPair
String[] args = new String[6];
String[] args = new String[4];
args[0] = "--publicKeyPath";
args[1] = LicenseVerificationTests.pubKeyPath;
args[2] = "--privateKeyPath";
args[3] = LicenseVerificationTests.priKeyPath;
args[4] = "--keyPass";
args[5] = LicenseVerificationTests.keyPass;
KeyPairGeneratorTool.main(args);
}
@ -68,21 +64,19 @@ public class LicenseVerificationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
ESLicenses esLicensesOutput = readLicensesFromString(licenseOutput);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath, keyPass);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath);
esLicenseManager.verifyLicenses();
@ -105,21 +99,19 @@ public class LicenseVerificationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
ESLicenses esLicensesOutput = readLicensesFromString(licenseOutput);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath, keyPass);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath);
esLicenseManager.verifyLicenses();
@ -145,21 +137,19 @@ public class LicenseVerificationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
ESLicenses esLicensesOutput = readLicensesFromString(licenseOutput);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath, keyPass);
ESLicenseManager esLicenseManager = new ESLicenseManager(esLicensesOutput, pubKeyPath);
// All validation for shield license should be normal as expected
verifyLicenseManager(esLicenseManager, Collections.singletonMap(FeatureType.SHIELD, shildFeatureAttributes));
@ -180,15 +170,13 @@ public class LicenseVerificationTests {
String licenseString = TestUtils.generateESLicenses(map);
String[] args = new String[8];
String[] args = new String[6];
args[0] = "--license";
args[1] = licenseString;
args[2] = "--publicKeyPath";
args[3] = pubKeyPath;
args[4] = "--privateKeyPath";
args[5] = priKeyPath;
args[6] = "--keyPass";
args[7] = keyPass;
String licenseOutput = TestUtils.runLicenseGenerationTool(args);
@ -208,7 +196,7 @@ public class LicenseVerificationTests {
ESLicenseManager esLicenseManager = null;
try {
esLicenseManager = new ESLicenseManager(tamperedLicenses, pubKeyPath, keyPass);
esLicenseManager = new ESLicenseManager(tamperedLicenses, pubKeyPath);
assertTrue("License manager should always report the original (signed) expiry date", esLicenseManager.getExpiryDateForLicense(FeatureType.SHIELD) == originalExpiryDate);
esLicenseManager.verifyLicenses();
fail();