def test_create_key_id(self): expected = self._get_expected('keys', 'myvault', 'mykey') res = KeyVaultId.create_key_id('https://myvault.vault.azure.net', ' mykey', None) self.assertEqual(res.__dict__, expected) expected = self._get_expected('keys', 'myvault', 'mykey', 'abc123') res = KeyVaultId.create_key_id('https://myvault.vault.azure.net', ' mykey ', ' abc123 ') self.assertEqual(res.__dict__, expected)
def test_key_sign_and_verify(self, vault, **kwargs): self.assertIsNotNone(vault) vault_uri = vault.properties.vault_uri key_name = self.get_resource_name('keysign') key_id = KeyVaultId.create_key_id(vault_uri, key_name) plain_text = self.plain_text md = hashlib.sha256() md.update(plain_text); digest = md.digest(); # import key imported_key = self._import_test_key(vault, key_id) key_id = KeyVaultId.parse_key_id(imported_key.key.kid) # sign without version signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result # verify without version result = self.client.verify(key_id.vault, key_id.name, '', 'RS256', digest, signature) self.assertTrue(result.value) # sign with version signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result # verify with version result = self.client.verify(key_id.vault, key_id.name, key_id.version, 'RS256', digest, signature) self.assertTrue(result.value)
def test_key_wrap_and_unwrap(self, vault, **kwargs): self.assertIsNotNone(vault) vault_uri = vault.properties.vault_uri key_name = self.get_resource_name('keywrap') key_id = KeyVaultId.create_key_id(vault_uri, key_name) plain_text = self.plain_text # import key imported_key = self._import_test_key(vault, key_id) key_id = KeyVaultId.parse_key_id(imported_key.key.kid) # wrap without version result = self.client.wrap_key(key_id.vault, key_id.name, '', 'RSA-OAEP', plain_text) cipher_text = result.result # unwrap without version result = self.client.unwrap_key(key_id.vault, key_id.name, '', 'RSA-OAEP', cipher_text) self.assertEqual(plain_text, result.result) # wrap with version result = self.client.wrap_key(key_id.vault, key_id.name, key_id.version, 'RSA-OAEP', plain_text) cipher_text = result.result # unwrap with version result = self.client.unwrap_key(key_id.vault, key_id.name, key_id.version, 'RSA-OAEP', cipher_text) self.assertEqual(plain_text, result.result)
def test_key_sign_and_verify(self, vault, **kwargs): self.assertIsNotNone(vault) vault_uri = vault.properties.vault_uri key_name = self.get_resource_name('keysign') key_id = KeyVaultId.create_key_id(vault_uri, key_name) plain_text = self.plain_text md = hashlib.sha256() md.update(plain_text) digest = md.digest() # import key imported_key = self._import_test_key(vault, key_id) key_id = KeyVaultId.parse_key_id(imported_key.key.kid) # sign without version signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result # verify without version result = self.client.verify(key_id.vault, key_id.name, '', 'RS256', digest, signature) self.assertTrue(result.value) # sign with version signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result # verify with version result = self.client.verify(key_id.vault, key_id.name, key_id.version, 'RS256', digest, signature) self.assertTrue(result.value)
def test_key_import(self, vault, **kwargs): self.assertIsNotNone(vault) vault_uri = vault.properties.vault_uri key_name = self.get_resource_name('keyimp') key_id = KeyVaultId.create_key_id(vault_uri, key_name) # import to software self._import_test_key(vault, key_id, False) # import to hardware self._import_test_key(vault, key_id, True)