def Create(loc, name, purpose, asymmetric=None):
if mock is None and loc is None: # not testing
raise errors.KeyczarError("Location missing")
kmd = None
if purpose == keyinfo.SIGN_AND_VERIFY:
if asymmetric is None:
kmd = keydata.KeyMetadata(name, purpose, keyinfo.HMAC_SHA1)
elif asymmetric.lower() == "rsa":
kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV)
else: # default to DSA
kmd = keydata.KeyMetadata(name, purpose, keyinfo.DSA_PRIV)
elif purpose == keyinfo.DECRYPT_AND_ENCRYPT:
if asymmetric is None:
kmd = keydata.KeyMetadata(name, purpose, keyinfo.AES)
else: # default to RSA
kmd = keydata.KeyMetadata(name, purpose, keyinfo.RSA_PRIV)
else:
raise errors.KeyczarError("Missing or unsupported purpose")
if mock is not None: # just testing, update mock object
mock.kmd = kmd
else:
writer = writers.CreateWriter(loc)
try:
writer.WriteMetadata(kmd, overwrite=False)
finally:
writer.Close()
def UpdateGenericKeyczar(czar, loc, encrypter=None):
if mock is not None: # update key data
mock.kmd = czar.metadata
for v in czar.versions:
mock.SetKey(v.version_number, czar.GetKey(v))
else:
writer = writers.CreateWriter(loc)
try:
czar.Write(writer, encrypter)
finally:
writer.Close()
def Revoke(loc, num):
czar = CreateGenericKeyczar(loc)
if num < 0:
raise errors.KeyczarError("Missing version")
czar.Revoke(num)
UpdateGenericKeyczar(czar, loc)
if mock is not None: # testing, update mock
mock.RemoveKey(num)
else:
writer = writers.CreateWriter(loc)
try:
writer.Remove(num)
finally:
writer.Close()
def Write(self, writer, encrypter=None):
"""
Write this key set to the specified location.
@param writer: where to write the key set
@type writer: Writer or file path (deprecated)
@param encrypter: which encryption to use for this key set. Use None to
write an unencrypted key set.
@type encrypter: Encrypter
"""
if isinstance(writer, basestring):
writer = writers.CreateWriter(writer)
warnings.warn(
'Using a string as the writer is deprecated. Use writers.CreateWriter',
DeprecationWarning)
self.metadata.encrypted = (encrypter is not None)
writer.WriteMetadata(self.metadata)
for v in self.versions:
writer.WriteKey(self.GetKey(v), v.version_number, encrypter)
def testNewLocationTypeSupported(self):
class BarWriter(writers.Writer):
def WriteMetadata(self, metadata, overwrite=True):
return
def WriteKey(self, key, version_number, encrypter=None):
return
def Remove(self, version_number):
return
def Close(self):
return
@classmethod
def CreateWriter(cls, location):
if location.startswith('bar:'):
return BarWriter()
wrtr = writers.CreateWriter('bar://this.should.be.created')
self.assertTrue(isinstance(wrtr, BarWriter))
def testFileWriterOpensExistingLocation(self):
location = os.path.join(TEST_DATA, 'aes')
self.assertTrue(os.path.isdir(location))
wrtr = writers.CreateWriter(location)
self.assertTrue(wrtr is not None)
self.assertTrue(isinstance(wrtr, writers.FileWriter))