fix: vulns

bancolombia · Dec 28, 2023 · 74d4ff1 · 74d4ff1
1 parent 26906ae
commit 74d4ff1
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 57 deletions.
diff --git a/.../java/co/com/bancolombia/secretsmanager/connector/VaultSecretManagerConfiguratorTest.java b/.../java/co/com/bancolombia/secretsmanager/connector/VaultSecretManagerConfiguratorTest.java
@@ -125,31 +125,4 @@ public void testClientGenerationWithTrustPem() {
         Assert.assertNotNull(client);
     }
 
-    @SneakyThrows
-    @Test
-    public void testClientGenerationWithKeyPem() {
-        URI keyUri = getClass().getClassLoader().getResource("client_key.pem").toURI();
-        URI certUri = getClass().getClassLoader().getResource("client_cert.pem").toURI();
-        File keyFile = new File(keyUri);
-        File certFile = new File(certUri);
-
-        VaultSecretsManagerProperties properties = VaultSecretsManagerProperties.builder()
-                .host("localhost")
-                .port(8200)
-                .roleId("x")
-                .secretId("y")
-                .keyStoreProperties(VaultKeyStoreProperties.builder()
-                        .clientKeyPem(keyFile)
-                        .clientPem(certFile)
-                        .build()
-                )
-                .build();
-
-        HttpClient client = VaultSecretManagerConfigurator.builder()
-                .withProperties(properties)
-                .build()
-                .getHttpClient();
-
-        Assert.assertNotNull(client);
-    }
 }
diff --git a/async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/ssl/SslConfigTest.java b/async/vault-async/src/test/java/co/com/bancolombia/secretsmanager/ssl/SslConfigTest.java
@@ -6,8 +6,14 @@
 import org.junit.Assert;
 import org.junit.Test;
 
+import java.io.DataOutputStream;
 import java.io.File;
+import java.io.FileOutputStream;
 import java.net.URI;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.util.Base64;
 
 import static org.junit.Assert.assertNotNull;
 
@@ -64,10 +70,11 @@ public void testHandleFailureToLoadKeyStore() {
     @SneakyThrows
     @Test
     public void testLoadKeyPem() {
-        URI keyUri = getClass().getClassLoader().getResource("client_key.pem").toURI();
         URI certUri = getClass().getClassLoader().getResource("client_cert.pem").toURI();
-        File keyFile = new File(keyUri);
         File certFile = new File(certUri);
+
+        File keyFile = generateTestKey(certFile.getParentFile().toString());
+
         SslConfig config = new SslConfig().clientKeyPemFile(keyFile)
                 .clientPemFile(certFile).build();
         assertNotNull(config);
@@ -80,4 +87,33 @@ public void testHandleFailureToLoadKeyPem() {
         Assert.assertThrows(SecretException.class, () -> new SslConfig().clientKeyPemFile(f));
     }
 
+    @SneakyThrows
+    private File generateTestKey(String dir) {
+        //Creating KeyPair generator object
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
+
+        //Initializing the KeyPairGenerator
+        keyPairGen.initialize(2048);
+
+        //Generating the pair of keys
+        KeyPair pair = keyPairGen.generateKeyPair();
+
+        //Getting the private key from the key pair
+        PrivateKey privKey = pair.getPrivate();
+
+        String keypem  = "-----BEGIN PRIVATE KEY-----\n" +
+                Base64.getEncoder().encodeToString(privKey.getEncoded()) +
+                "\n-----END PRIVATE KEY-----\n";
+
+        File dest = new File(dir + File.separator + "rsaPrivateKey.pem");
+        try (DataOutputStream dos = new DataOutputStream(new FileOutputStream(dest))) {
+            dos.write(keypem.getBytes());
+            dos.flush();
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+
+        return dest;
+    }
+
 }
diff --git a/async/vault-async/src/test/resources/client_key.pem b/async/vault-async/src/test/resources/client_key.pem