Beispiel #1
0
    def test_store_key(self):
        _key = key.SymmetricKey('AES',
                        array.array('B', ('0' * 64).decode('hex')).tolist())
        key_id = self.key_mgr.store_key(self.ctxt, _key)

        actual_key = self.key_mgr.get_key(self.ctxt, key_id)
        self.assertEqual(_key, actual_key)
Beispiel #2
0
    def get_key(self,
                ctxt,
                key_id,
                payload_content_type='application/octet-stream'):
        """Retrieves the specified key.

        :param ctxt: contains information of the user and the environment for
                     the request (nova/context.py)
        :param key_id: the UUID of the key to retrieve
        :param payload_content_type: The format/type of the secret data

        :return: SymmetricKey representation of the key
        :raises Exception: if key retrieval fails
        """
        try:
            secret = self._get_secret(ctxt, key_id)
            secret_data = self._get_secret_data(secret, payload_content_type)
            if payload_content_type == 'application/octet-stream':
                # convert decoded string to list of unsigned ints for each byte
                key_data = array.array('B',
                                       base64.b64decode(secret_data)).tolist()
            else:
                key_data = secret_data
            key = keymgr_key.SymmetricKey(secret.algorithm, key_data)
            return key
        except Exception as e:
            with excutils.save_and_reraise_exception():
                LOG.error(_LE("Error getting key: %s"), e)
Beispiel #3
0
    def test_store_key(self):
        secret_key = array.array('B', decode_hex('0' * 64)[0]).tolist()
        _key = keymgr_key.SymmetricKey('AES', secret_key)
        key_id = self.key_mgr.store_key(self.ctxt, _key)

        actual_key = self.key_mgr.get_key(self.ctxt, key_id)
        self.assertEqual(_key, actual_key)
Beispiel #4
0
    def copy_key(self, ctxt, key_id):
        """Copies (i.e., clones) a key stored by barbican.

        :param ctxt: contains information of the user and the environment for
                     the request (nova/context.py)
        :param key_id: the UUID of the key to copy
        :return: the UUID of the key copy
        :raises Exception: if key copying fails
        """

        try:
            secret = self._get_secret(ctxt, key_id)
            con_type = secret.content_types['default']
            secret_data = self._get_secret_data(secret,
                                                payload_content_type=con_type)
            key = keymgr_key.SymmetricKey(secret.algorithm, secret_data)
            copy_uuid = self.store_key(ctxt, key, secret.expiration,
                                       secret.name, con_type,
                                       'base64',
                                       secret.algorithm, secret.bit_length,
                                       secret.mode, True)
            return copy_uuid
        except Exception as e:
            with excutils.save_and_reraise_exception():
                LOG.error(_LE("Error copying key: %s"), e)
Beispiel #5
0
    def test_store_key_plaintext(self):
        # Create the plaintext key
        secret_key_text = "This is a test text key."
        _key = keymgr_key.SymmetricKey('AES', secret_key_text)

        # Store the Key
        self.key_mgr.store_key(self.ctxt,
                               _key,
                               payload_content_type='text/plain',
                               payload_content_encoding=None)
        self.create.assert_called_once_with('Nova Compute Key',
                                            secret_key_text, 'text/plain',
                                            None, 'AES', 256, 'CBC', None)
        self.assertEqual(self.store.call_count, 0)
Beispiel #6
0
    def test_store_key_base64(self):
        # Create Key to store
        secret_key = array.array('B', [0x01, 0x02, 0xA0, 0xB3]).tolist()
        _key = keymgr_key.SymmetricKey('AES', secret_key)

        # Define the return values
        secret = mock.Mock()
        self.create.return_value = secret
        secret.store.return_value = self.secret_ref

        # Store the Key
        returned_uuid = self.key_mgr.store_key(self.ctxt, _key, bit_length=32)

        self.create.assert_called_once_with('Nova Compute Key', 'AQKgsw==',
                                            'application/octet-stream',
                                            'base64', 'AES', 32, 'CBC', None)
        self.assertEqual(returned_uuid, self.key_id)
Beispiel #7
0
    def create_key(self, ctxt, **kwargs):
        """Creates a key.

        This implementation returns a UUID for the created key. A
        NotAuthorized exception is raised if the specified context is None.
        """
        if ctxt is None:
            raise exception.NotAuthorized()

        # generate the key
        key_length = kwargs.get('key_length', 256)
        # hex digit => 4 bits
        hex_string = utils.generate_password(length=key_length / 4,
                                             symbolgroups='0123456789ABCDEF')

        _bytes = array.array('B', hex_string.decode('hex')).tolist()
        _key = key.SymmetricKey('AES', _bytes)

        return self.store_key(ctxt, _key)
Beispiel #8
0
    def setUp(self):
        super(SingleKeyManagerTestCase, self).setUp()

        self.key_id = '00000000-0000-0000-0000-000000000000'
        encoded = array.array('B', ('0' * 64).decode('hex')).tolist()
        self.key = key.SymmetricKey('AES', encoded)
Beispiel #9
0
def fake__get_key(context):
    raw = array.array('B', ('0' * 64).decode('hex')).tolist()

    symmetric_key = key.SymmetricKey('AES', raw)
    return symmetric_key
Beispiel #10
0
 def _create_key(self):
     return key.SymmetricKey(self.algorithm, self.encoded)
Beispiel #11
0
def fake__get_key(context):
    raw = array.array('B', decode_hex('0' * 64)[0]).tolist()

    symmetric_key = key.SymmetricKey('AES', raw)
    return symmetric_key
Beispiel #12
0
 def _generate_key(self, **kwargs):
     _hex = self._generate_hex_key(**kwargs)
     return key.SymmetricKey('AES',
                             array.array('B', _hex.decode('hex')).tolist())
Beispiel #13
0
    def setUp(self):
        super(ConfKeyManagerTestCase, self).setUp()

        encoded_key = array.array('B', decode_hex(self._hex_key)[0]).tolist()
        self.key = key.SymmetricKey('AES', encoded_key)
Beispiel #14
0
 def _generate_key(self, **kwargs):
     _hex = self._generate_hex_key(**kwargs)
     return key.SymmetricKey('AES',
                             array.array('B',
                                         decode_hex(_hex)[0]).tolist())