def test_store_asymmetric_key_secret_assert_called(self, barbican_type, barbican_key, kmip_type, kmip_key, pkcs1_only): key_spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 2048) secret_value = base64.b64encode(barbican_key) secret_dto = secret_store.SecretDTO(barbican_type, secret_value, key_spec, 'content_type') self.secret_store.pkcs1_only = pkcs1_only self.secret_store.store_secret(secret_dto) secret_value = base64.b64decode(secret_value) if not pkcs1_only: secret_value = translations.convert_pem_to_der( secret_value, barbican_type) if kmip_type == enums.ObjectType.PUBLIC_KEY: if pkcs1_only: secret_value = kss.get_public_key_der_pkcs1(secret_value) secret = objects.PublicKey(enums.CryptographicAlgorithm.RSA, 2048, secret_value, enums.KeyFormatType.X_509) else: if pkcs1_only: secret_value = kss.get_private_key_der_pkcs1(secret_value) secret = objects.PrivateKey(enums.CryptographicAlgorithm.RSA, 2048, secret_value, enums.KeyFormatType.PKCS_8) self.secret_store.client.register.assert_called_once_with(secret)
def test_passes_certificate_conversion(self): pem = keys.get_certificate_pem() der = translations.convert_pem_to_der( pem, s.SecretType.CERTIFICATE) converted_pem = translations.convert_der_to_pem( der, s.SecretType.CERTIFICATE) self.assertEqual(pem, converted_pem)
def _normalize_secret(self, secret, secret_type): """Normalizes secret for use by KMIP plugin""" data = base64.b64decode(secret) if secret_type in [ss.SecretType.PUBLIC, ss.SecretType.PRIVATE, ss.SecretType.CERTIFICATE]: data = translations.convert_pem_to_der(data, secret_type) return data
def _normalize_secret(self, secret, secret_type): """Normalizes secret for use by KMIP plugin""" data = base64.b64decode(secret) if self.pkcs1_only and secret_type in [ss.SecretType.PUBLIC, ss.SecretType.PRIVATE]: if secret_type == ss.SecretType.PUBLIC: data = get_public_key_der_pkcs1(data) elif secret_type == ss.SecretType.PRIVATE: data = get_private_key_der_pkcs1(data) elif secret_type in [ss.SecretType.PUBLIC, ss.SecretType.PRIVATE, ss.SecretType.CERTIFICATE]: data = translations.convert_pem_to_der(data, secret_type) return data
def test_store_certificate_secret_assert_called(self, algorithm, bit_length): key_spec = secret_store.KeySpec(algorithm, bit_length) certificate_value = base64.b64encode(keys.get_certificate_pem()) secret_dto = secret_store.SecretDTO( secret_store.SecretType.CERTIFICATE, certificate_value, key_spec, 'content_type') self.secret_store.store_secret(secret_dto) self.secret_store.client.register.assert_called_once_with( objects.X509Certificate( translations.convert_pem_to_der( base64.b64decode(certificate_value), secret_store.SecretType.CERTIFICATE)))
def _normalize_secret(self, secret, secret_type): """Normalizes secret for use by KMIP plugin""" data = base64.b64decode(secret) if (self.pkcs1_only and secret_type in [ss.SecretType.PUBLIC, ss.SecretType.PRIVATE]): if secret_type == ss.SecretType.PUBLIC: data = get_public_key_der_pkcs1(data) elif secret_type == ss.SecretType.PRIVATE: data = get_private_key_der_pkcs1(data) elif secret_type in [ss.SecretType.PUBLIC, ss.SecretType.PRIVATE, ss.SecretType.CERTIFICATE]: data = translations.convert_pem_to_der(data, secret_type) return data
def test_passes_convert_public_pem_to_der(self): pem = keys.get_public_key_pem() expected_der = keys.get_public_key_der() der = translations.convert_pem_to_der( pem, s.SecretType.PUBLIC) self.assertEqual(expected_der, der)
def test_passes_convert_certificate_pem_to_der(self): pem = keys.get_certificate_pem() expected_der = keys.get_certificate_der() der = translations.convert_pem_to_der( pem, s.SecretType.CERTIFICATE) self.assertEqual(expected_der, der)
def test_passes_convert_private_pem_to_der(self): pem = keys.get_private_key_pem() expected_der = keys.get_private_key_der() der = translations.convert_pem_to_der( pem, s.SecretType.PRIVATE) self.assertEqual(expected_der, der)
def test_passes_certificate_conversion(self): pem = keys.get_certificate_pem() der = translations.convert_pem_to_der(pem, s.SecretType.CERTIFICATE) converted_pem = translations.convert_der_to_pem( der, s.SecretType.CERTIFICATE) self.assertEqual(pem, converted_pem)
def test_passes_convert_certificate_pem_to_der(self): pem = keys.get_certificate_pem() expected_der = keys.get_certificate_der() der = translations.convert_pem_to_der(pem, s.SecretType.CERTIFICATE) self.assertEqual(expected_der, der)
def test_passes_convert_public_pem_to_der(self): pem = keys.get_public_key_pem() expected_der = keys.get_public_key_der() der = translations.convert_pem_to_der(pem, s.SecretType.PUBLIC) self.assertEqual(expected_der, der)
def test_passes_convert_private_pem_to_der(self): pem = keys.get_private_key_pem() expected_der = keys.get_private_key_der() der = translations.convert_pem_to_der(pem, s.SecretType.PRIVATE) self.assertEqual(expected_der, der)