def _generate_public_and_private_key(self, length, name):
crypto_private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=length,
backend=backends.default_backend())
private_der = crypto_private_key.private_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption())
crypto_public_key = crypto_private_key.public_key()
public_der = crypto_public_key.public_bytes(
encoding=serialization.Encoding.DER,
format=serialization.PublicFormat.SubjectPublicKeyInfo)
private_key = pri_key.PrivateKey(algorithm='RSA',
bit_length=length,
key=bytearray(private_der),
name=name)
public_key = pub_key.PublicKey(algorithm='RSA',
bit_length=length,
key=bytearray(public_der),
name=name)
return private_key, public_key
def test___ne___encoded(self):
different_encoded = bytes(utils.get_public_key_der()) + b'\x00'
other_key = public_key.PublicKey(self.algorithm,
self.length,
different_encoded,
self.name)
self.assertTrue(self.key != other_key)
def test___eq__(self):
self.assertTrue(self.key == self.key)
self.assertTrue(self.key is self.key)
self.assertFalse(self.key is None)
self.assertFalse(None == self.key)
other_key = public_key.PublicKey(self.algorithm, self.bit_length,
self.encoded)
self.assertTrue(self.key == other_key)
self.assertFalse(self.key is other_key)
def create_key_pair(self, context, algorithm, length,
expiration=None, name=None):
"""Creates an asymmetric key pair."""
if algorithm.lower() != 'rsa':
raise NotImplementedError(
"VaultKeyManager only implements rsa keys"
)
priv_key = rsa.generate_private_key(
public_exponent=65537,
key_size=length,
backend=default_backend()
)
private_key = pri_key.PrivateKey(
'RSA',
length,
priv_key.private_bytes(
Encoding.PEM, PrivateFormat.PKCS8, NoEncryption()
)
)
private_key_id = uuid.uuid4().hex
private_id = self._store_key_value(
private_key_id,
private_key
)
# pub_key = priv_key.public_key()
public_key = pub_key.PublicKey(
'RSA',
length,
priv_key.public_key().public_bytes(
Encoding.PEM, PublicFormat.SubjectPublicKeyInfo
)
)
public_key_id = uuid.uuid4().hex
public_id = self._store_key_value(
public_key_id,
public_key
)
return private_id, public_id
def _get_test_public_key():
key_bytes = bytes(utils.get_public_key_der())
bit_length = 2048
key = public_key.PublicKey('RSA', bit_length, key_bytes)
return key
def test___ne__name(self):
other_key = public_key.PublicKey(self.algorithm,
self.length,
self.encoded,
'other key')
self.assertTrue(self.key != other_key)
def test___ne___length(self):
other_key = public_key.PublicKey(self.algorithm,
4096,
self.encoded,
self.name)
self.assertTrue(self.key != other_key)
def test___ne___algorithm(self):
other_key = public_key.PublicKey('DSA',
self.length,
self.encoded,
self.name)
self.assertTrue(self.key != other_key)
def _create_key(self):
return public_key.PublicKey(self.algorithm,
self.length,
self.encoded,
self.name)
def test_get_created_none(self):
created = None
key = public_key.PublicKey(self.algorithm, self.bit_length,
self.encoded, self.name, created)
self.assertEqual(created, key.created)
def test_is_only_metadata(self):
k = public_key.PublicKey(self.algorithm, self.bit_length, None,
self.name, self.created)
self.assertTrue(k.is_metadata_only())
