def test_cloud_master_key_store():
driver = DummyStorageDriver('', '')
container = driver.create_container('geofront-test')
s = CloudMasterKeyStore(driver, container, 'test_id_rsa')
with raises(EmptyStoreError):
s.load()
key = RSAKey.generate(1024)
s.save(key)
driver.get_object(container.name, 'test_id_rsa') # assert object exists
# Mocking implementation
with io.StringIO() as mock:
key.write_private_key(mock)
mock.seek(0)
dummy.DummyFileObject = lambda *a, **k: mock
stored_key = s.load()
assert isinstance(stored_key, RSAKey)
assert stored_key.get_base64() == stored_key.get_base64()
def test_cloud_master_key_store():
driver = DummyStorageDriver('', '')
container = driver.create_container('geofront-test')
s = CloudMasterKeyStore(driver, container, 'test_id_rsa')
with raises(EmptyStoreError):
s.load()
key = RSAKey.generate(1024)
s.save(key)
driver.get_object(container.name, 'test_id_rsa') # assert object exists
# Mocking implementation
with io.StringIO() as mock:
key.write_private_key(mock)
mock.seek(0)
dummy.DummyFileObject = lambda *a, **k: mock
stored_key = s.load()
assert isinstance(stored_key, RSAKey)
assert stored_key.get_base64() == stored_key.get_base64()
def test_cloud_master_key_store_s3(request, tmpdir):
try:
access_key = request.config.getoption('--aws-access-key')
secret_key = request.config.getoption('--aws-secret-key')
bucket_name = request.config.getoption('--aws-s3-bucket')
except ValueError:
access_key = secret_key = bucket_name = None
if access_key is None or secret_key is None or bucket_name is None:
skip(
'--aws-access-key/--aws-secret-key/--aws-s3-bucket are not '
'provided; skipped'
)
driver_cls = get_driver(Provider.S3)
driver = driver_cls(access_key, secret_key)
container = driver.get_container(container_name=bucket_name)
tmpname = ''.join(map('{:02x}'.format, os.urandom(16)))
s = CloudMasterKeyStore(driver, container, tmpname)
key = RSAKey.generate(1024)
# load() -- when not exists
with raises(EmptyStoreError):
s.load()
try:
# save()
s.save(key)
obj = driver.get_object(container.name, tmpname)
dest = tmpdir / tmpname
obj.download(str(dest))
saved = read_private_key_file(dest.open())
assert isinstance(saved, RSAKey)
assert saved.get_base64() == key.get_base64()
# load() -- when exists
loaded = s.load()
assert isinstance(loaded, RSAKey)
assert loaded.get_base64() == key.get_base64()
finally:
try:
o = driver.get_object(container.name, tmpname)
except ObjectDoesNotExistError:
pass
else:
o.delete()
def test_cloud_master_key_store_s3(request, tmpdir):
try:
access_key = request.config.getoption('--aws-access-key')
secret_key = request.config.getoption('--aws-secret-key')
bucket_name = request.config.getoption('--aws-s3-bucket')
except ValueError:
access_key = secret_key = bucket_name = None
if access_key is None or secret_key is None or bucket_name is None:
skip('--aws-access-key/--aws-secret-key/--aws-s3-bucket are not '
'provided; skipped')
driver_cls = get_driver(Provider.S3)
driver = driver_cls(access_key, secret_key)
container = driver.get_container(container_name=bucket_name)
tmpname = ''.join(map('{:02x}'.format, os.urandom(16)))
s = CloudMasterKeyStore(driver, container, tmpname)
key = RSAKey.generate(1024)
# load() -- when not exists
with raises(EmptyStoreError):
s.load()
try:
# save()
s.save(key)
obj = driver.get_object(container.name, tmpname)
dest = tmpdir / tmpname
obj.download(str(dest))
saved = read_private_key_file(dest.open())
assert isinstance(saved, RSAKey)
assert saved.get_base64() == key.get_base64()
# load() -- when exists
loaded = s.load()
assert isinstance(loaded, RSAKey)
assert loaded.get_base64() == key.get_base64()
finally:
try:
o = driver.get_object(container.name, tmpname)
except ObjectDoesNotExistError:
pass
else:
o.delete()
