diff --git a/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/CryptoStatic.java b/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/CryptoStatic.java index b0730071cb9e..c1757abdeb42 100644 --- a/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/CryptoStatic.java +++ b/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/CryptoStatic.java @@ -551,7 +551,7 @@ public static Map initNodeSecurity( keysAndCerts = EnhancedKeyStoreLoader.using(addressBook, configuration) .migrate() .scan() - .generateIfNecessary() + .generate() .verify() .injectInAddressBook() .keysAndCerts(); diff --git a/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoader.java b/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoader.java index cec5cab6f185..952ee25e01b1 100644 --- a/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoader.java +++ b/platform-sdk/swirlds-platform-core/src/main/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoader.java @@ -298,16 +298,11 @@ public EnhancedKeyStoreLoader scan() throws KeyLoadingException, KeyStoreExcepti localNodes.add(nodeId); sigPrivateKeys.compute( nodeId, (k, v) -> resolveNodePrivateKey(nodeId, nodeAlias, KeyCertPurpose.SIGNING)); - agrPrivateKeys.compute( - nodeId, (k, v) -> resolveNodePrivateKey(nodeId, nodeAlias, KeyCertPurpose.AGREEMENT)); } sigCertificates.compute( nodeId, (k, v) -> resolveNodeCertificate(nodeId, nodeAlias, KeyCertPurpose.SIGNING, legacyPublicStore)); - agrCertificates.compute( - nodeId, - (k, v) -> resolveNodeCertificate(nodeId, nodeAlias, KeyCertPurpose.AGREEMENT, legacyPublicStore)); }); logger.trace(STARTUP.getMarker(), "Completed key store enumeration"); @@ -315,16 +310,15 @@ public EnhancedKeyStoreLoader scan() throws KeyLoadingException, KeyStoreExcepti } /** - * Iterates over the local nodes and creates the agreement key and certificate for each if they do not exist. This - * method should be called after {@link #scan()} and before {@link #verify()} in order to generate any missing - * agreement keys for local nodes to pass verification. + * Iterates over the local nodes and creates the agreement key and certificate for each. This + * method should be called after {@link #scan()} and before {@link #verify()}. * * @return this {@link EnhancedKeyStoreLoader} instance. * @throws NoSuchAlgorithmException if the algorithm required to generate the key pair is not available. * @throws NoSuchProviderException if the security provider required to generate the key pair is not available. * @throws KeyGeneratingException if an error occurred while generating the agreement key pair. */ - public EnhancedKeyStoreLoader generateIfNecessary() + public EnhancedKeyStoreLoader generate() throws NoSuchAlgorithmException, NoSuchProviderException, KeyGeneratingException { for (final NodeId node : localNodes) { diff --git a/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/CryptoArgsProvider.java b/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/CryptoArgsProvider.java index f1f1a09a3ef8..a4f9649a73a9 100644 --- a/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/CryptoArgsProvider.java +++ b/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/CryptoArgsProvider.java @@ -102,7 +102,7 @@ public static AddressBookAndCerts loadAddressBookWithKeys(final int size) final Map loadedC = EnhancedKeyStoreLoader.using( createdAB, configure(ResourceLoader.getFile("preGeneratedPEMKeysAndCerts/"))) .scan() - .generateIfNecessary() + .generate() .verify() .injectInAddressBook() .keysAndCerts(); diff --git a/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoaderTest.java b/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoaderTest.java index 71425965e30a..8dd702bf1b99 100644 --- a/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoaderTest.java +++ b/platform-sdk/swirlds-platform-core/src/test/java/com/swirlds/platform/crypto/EnhancedKeyStoreLoaderTest.java @@ -117,7 +117,7 @@ void keyStoreLoaderPositiveTest(final String directoryName) assertThat(loader).isNotNull(); assertThatCode(loader::migrate).doesNotThrowAnyException(); assertThatCode(loader::scan).doesNotThrowAnyException(); - assertThatCode(loader::generateIfNecessary).doesNotThrowAnyException(); + assertThatCode(loader::generate).doesNotThrowAnyException(); assertThatCode(loader::verify).doesNotThrowAnyException(); assertThatCode(loader::injectInAddressBook).doesNotThrowAnyException(); @@ -189,13 +189,9 @@ void keyStoreLoaderNegativeCase2Test(final String directoryName) throws IOExcept assertThat(loader).isNotNull(); assertThatCode(loader::migrate).doesNotThrowAnyException(); assertThatCode(loader::scan).doesNotThrowAnyException(); - assertThatCode(loader::generateIfNecessary).isInstanceOf(KeyGeneratingException.class); + assertThatCode(loader::generate).isInstanceOf(KeyGeneratingException.class); assertThatCode(loader::verify).isInstanceOf(KeyLoadingException.class); - if (directoryName.equals("hybrid-invalid-case-2") || directoryName.equals("enhanced-invalid-case-2")) { - assertThatCode(loader::injectInAddressBook).isInstanceOf(KeyLoadingException.class); - } else { - assertThatCode(loader::injectInAddressBook).doesNotThrowAnyException(); - } + assertThatCode(loader::injectInAddressBook).isInstanceOf(KeyLoadingException.class); assertThatCode(loader::keysAndCerts).isInstanceOf(KeyLoadingException.class); }