def setUp(self):
super(TestSecretStoreBase, self).setUp()
self.patchers = [] # List of patchers utilized in this test class.
self.project_id = '12345'
self.content_type = 'application/octet-stream'
self.content_encoding = 'base64'
self.secret = base64.b64encode(b'secret')
self.decrypted_secret = b'decrypted_secret'
self.cypher_text = b'cypher_text'
self.kek_meta_extended = 'kek-meta-extended'
self.spec_aes = secret_store.KeySpec('AES', 64, 'CBC')
self.spec_rsa = secret_store.KeySpec('RSA',
1024,
passphrase='changeit')
self.project_model = mock.MagicMock()
self.project_model.id = 'project-model-id'
self.project_model.external_id = self.project_id
self.secret_dto = secret_store.SecretDTO(
secret_store.SecretType.OPAQUE, self.secret,
secret_store.KeySpec(), self.content_type)
self.response_dto = base.ResponseDTO(
self.cypher_text, kek_meta_extended=self.kek_meta_extended)
self.private_key_dto = base.ResponseDTO(self.cypher_text)
self.public_key_dto = base.ResponseDTO(self.cypher_text)
self.passphrase_dto = base.ResponseDTO(self.cypher_text)
self.kek_meta_project_model = models.KEKDatum()
self.kek_meta_project_model.plugin_name = 'plugin-name'
self.kek_meta_project_model.kek_label = 'kek-meta-label'
self.kek_meta_project_model.algorithm = 'kek-meta-algo'
self.kek_meta_project_model.bit_length = 1024
self.kek_meta_project_model.mode = 'kek=meta-mode'
self.kek_meta_project_model.plugin_meta = 'kek-meta-plugin-meta'
self.encrypted_datum_model = models.EncryptedDatum()
self.encrypted_datum_model.kek_meta_project = (
self.kek_meta_project_model)
self.encrypted_datum_model.cypher_text = base64.b64encode(
b'cypher_text')
self.encrypted_datum_model.content_type = 'content_type'
self.encrypted_datum_model.kek_meta_extended = 'extended_meta'
self.secret_model = models.Secret({
'algorithm': 'myalg',
'bit_length': 1024,
'mode': 'mymode'
})
self.secret_model.id = 'secret-model-id'
self.secret_model.encrypted_data = [self.encrypted_datum_model]
self.context = store_crypto.StoreCryptoContext(
secret_model=self.secret_model,
project_model=self.project_model,
content_type=self.content_type)
def _store_secret_using_plugin(store_plugin, secret_dto, secret_model,
project_model):
if isinstance(store_plugin, store_crypto.StoreCryptoAdapterPlugin):
context = store_crypto.StoreCryptoContext(project_model,
secret_model=secret_model)
secret_metadata = store_plugin.store_secret(secret_dto, context)
else:
secret_metadata = store_plugin.store_secret(secret_dto)
return secret_metadata
def _get_secret(retrieve_plugin, secret_metadata, secret_model, project_model):
if isinstance(retrieve_plugin, store_crypto.StoreCryptoAdapterPlugin):
context = store_crypto.StoreCryptoContext(project_model,
secret_model=secret_model)
secret_dto = retrieve_plugin.get_secret(secret_model.secret_type,
secret_metadata, context)
else:
secret_dto = retrieve_plugin.get_secret(secret_model.secret_type,
secret_metadata)
return secret_dto
def _generate_symmetric_key(generate_plugin, key_spec, secret_model,
project_model, content_type):
if isinstance(generate_plugin, store_crypto.StoreCryptoAdapterPlugin):
context = store_crypto.StoreCryptoContext(project_model,
secret_model=secret_model,
content_type=content_type)
secret_metadata = generate_plugin.generate_symmetric_key(
key_spec, context)
else:
secret_metadata = generate_plugin.generate_symmetric_key(key_spec)
return secret_metadata
def _generate_asymmetric_key(generate_plugin, key_spec, private_secret_model,
public_secret_model, passphrase_secret_model,
project_model, content_type):
if isinstance(generate_plugin, store_crypto.StoreCryptoAdapterPlugin):
context = store_crypto.StoreCryptoContext(
project_model,
private_secret_model=private_secret_model,
public_secret_model=public_secret_model,
passphrase_secret_model=passphrase_secret_model,
content_type=content_type)
asymmetric_meta_dto = generate_plugin.generate_asymmetric_key(
key_spec, context)
else:
asymmetric_meta_dto = generate_plugin.generate_asymmetric_key(key_spec)
return asymmetric_meta_dto
