def setup(self): self._plaintext_payload = 'plaintext credentials' self._encrypted_payload = encrypt_with_kms(self._plaintext_payload, REGION, KMS_ALIAS) self._credentials = Credentials(self._encrypted_payload, is_encrypted=True, region=REGION)
def test_kms_decrypt(self): """OutputDispatcher - KMS Decrypt""" test_data = 'data to encrypt' encrypted = encrypt_with_kms(test_data, REGION, KMS_ALIAS) decrypted = self._dispatcher._kms_decrypt(encrypted) assert_equal(decrypted, test_data)
def test_save_and_load_credentials(self): """SpooledTempfileDriver - Save and Load Credentials""" raw_credentials = 'aaaa' descriptor = 'descriptor' encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION, KMS_ALIAS) credentials = Credentials(encrypted_raw_credentials, True, REGION) assert_true(self._sp_driver.save_credentials(descriptor, credentials)) loaded_credentials = self._sp_driver.load_credentials(descriptor) assert_is_not_none(loaded_credentials) assert_true(loaded_credentials.is_encrypted()) assert_equal(loaded_credentials.get_data_kms_decrypted(), raw_credentials)
def test_save_and_load_credentials_persists_statically(self): """LocalFileDriver - Save and Load Credentials""" raw_credentials = 'aaaa' descriptor = 'descriptor' encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION, KMS_ALIAS) credentials = Credentials(encrypted_raw_credentials, True, REGION) assert_true(self._fs_driver.save_credentials(descriptor, credentials)) driver2 = LocalFileDriver(REGION, 'service') # Create a separate, identical driver loaded_credentials = driver2.load_credentials(descriptor) assert_is_not_none(loaded_credentials) assert_true(loaded_credentials.is_encrypted()) assert_equal(loaded_credentials.get_data_kms_decrypted(), raw_credentials)
def test_save_automatically_decrypts(self): """EphemeralUnencryptedDriver - Save Automatically Decrypts""" raw_credentials_dict = { 'python': 'is very difficult', 'someone': 'save meeeee', } descriptor = 'descriptor5' raw_credentials = json.dumps(raw_credentials_dict) encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION, KMS_ALIAS) credentials = Credentials(encrypted_raw_credentials, True, REGION) assert_true(self._ep_driver.save_credentials(descriptor, credentials)) loaded_credentials = self._ep_driver.load_credentials(descriptor) assert_is_not_none(loaded_credentials) assert_false(loaded_credentials.is_encrypted()) assert_equal(json.loads(loaded_credentials.data()), raw_credentials_dict)
def test_save_and_load_credentials_persists_statically(self): """SpooledTempfileDriver - Save and Load Credentials""" raw_credentials_dict = { 'python': 'is very difficult', 'someone': 'save meeeee', } descriptor = 'descriptor' raw_credentials = json.dumps(raw_credentials_dict) encrypted_raw_credentials = encrypt_with_kms(raw_credentials, REGION, KMS_ALIAS) credentials = Credentials(encrypted_raw_credentials, True) assert_true(self._sp_driver.save_credentials(descriptor, credentials)) driver2 = SpooledTempfileDriver('service', REGION) # Create a separate, identical driver loaded_credentials = driver2.load_credentials(descriptor) assert_is_not_none(loaded_credentials) assert_true(loaded_credentials.is_encrypted()) assert_equal(loaded_credentials.get_data_kms_decrypted(), raw_credentials)