def RestorePrivateValueWrapping(json): """Wrap private values in JSON decoded structure. @param json: the json-decoded value to protect. """ result = [] for secrets_dict in json: if secrets_dict is None: data = serializer.PrivateDict() else: data = serializer.PrivateDict(secrets_dict) result.append(data) return result
def _create_instance(self, cfg): """Create and return an instance object""" inst = objects.Instance(name="test.example.com", uuid="test-uuid", disks=[], nics=[], disk_template=constants.DT_DISKLESS, primary_node=cfg.GetMasterNode(), osparams_private=serializer.PrivateDict(), beparams={}) return inst
def testLeak(self): pDict = serializer.PrivateDict() pDict["bar"] = "egg" self.assertTrue("egg" not in str(pDict), "Value leaked in str(PrivateDict)") self.assertTrue("egg" not in repr(pDict), "Value leak in repr(PrivateDict)") self.assertTrue("egg" not in "{0}".format(pDict), "Value leaked in PrivateDict.__format__") self.assertTrue(b"egg" not in serializer.Dump(pDict), "Value leaked in serializer.Dump(PrivateDict)")
def testPrivateDictUnprivate(self): pDict = serializer.PrivateDict() pDict["bar"] = "egg" uDict = pDict.Unprivate() nDict = {"bar": "egg"} self.assertEqual(type(uDict), dict, "PrivateDict.Unprivate() did not return a dict") self.assertEqual(pDict, uDict, "PrivateDict.Unprivate() equality failure") self.assertEqual(nDict, uDict, "PrivateDict.Unprivate() failed to return")
def testProperAccess(self): pDict = serializer.PrivateDict() pDict["bar"] = "egg" self.assertTrue("egg" == pDict["bar"].Get(), "Value not returned by Private.Get()") self.assertTrue("egg" == pDict.GetPrivate("bar"), "Value not returned by Private.GetPrivate()") self.assertTrue("egg" == pDict.Unprivate()["bar"], "Value not returned by PrivateDict.Unprivate()") json = serializer.Dump( pDict, private_encoder=serializer.EncodeWithPrivateFields) self.assertTrue(b"egg" in json)
def testSecretParamsCheckWithError(self): op = opcodes.OpInstanceCreate( instance_name="plain.example.com", pnode="master.example.com", disk_template=constants.DT_PLAIN, mode=constants.INSTANCE_CREATE, nics=[{}], disks=[{ constants.IDISK_SIZE: 1024 }], osparams_secret= serializer.PrivateDict({"foo":"bar", "secret_param":"<redacted>"}), os_type="debian-image") self.assertRaises(errors.OpPrereqError, mcpu._CheckSecretParameters, op)
def testSecretParamsCheckNoError(self): op = opcodes.OpInstanceCreate( instance_name="plain.example.com", pnode="master.example.com", disk_template=constants.DT_PLAIN, mode=constants.INSTANCE_CREATE, nics=[{}], disks=[{ constants.IDISK_SIZE: 1024 }], osparams_secret= serializer.PrivateDict({"foo":"bar", "foo2":"bar2"}), os_type="debian-image") try: mcpu._CheckSecretParameters(op) except errors.OpPrereqError: self.fail("OpPrereqError raised unexpectedly in _CheckSecretParameters")
class TestSerializer(testutils.GanetiTestCase): """Serializer tests""" _TESTDATA = [ "test", 255, [1, 2, 3], (1, 2, 3), { "1": 2, "foo": "bar" }, [ "abc", 1, 2, 3, 999, { "a1": ("Hello", "World"), "a2": "This is only a test", "a3": None, "osparams:": serializer.PrivateDict({ "foo": 5, }) } ] ] def _TestSerializer(self, dump_fn, load_fn): _dump_fn = lambda data: dump_fn( data, private_encoder=serializer.EncodeWithPrivateFields) for data in self._TESTDATA: self.assertTrue(_dump_fn(data).endswith(b"\n")) self.assertEqualValues(load_fn(_dump_fn(data)), data) def testGeneric(self): self._TestSerializer(serializer.Dump, serializer.Load) def testSignedGeneric(self): self._TestSigned(serializer.DumpSigned, serializer.LoadSigned) def testJson(self): self._TestSerializer(serializer.DumpJson, serializer.LoadJson) def testSignedJson(self): self._TestSigned(serializer.DumpSignedJson, serializer.LoadSignedJson) def _TestSigned(self, dump_fn, load_fn): _dump_fn = lambda *args, **kwargs: dump_fn(*args, private_encoder=serializer. EncodeWithPrivateFields, **kwargs) for data in self._TESTDATA: self.assertEqualValues(load_fn(_dump_fn(data, "mykey"), "mykey"), (data, "")) self.assertEqualValues( load_fn(_dump_fn(data, "myprivatekey", salt="mysalt"), "myprivatekey"), (data, "mysalt")) keydict = { "mykey_id": "myprivatekey", } self.assertEqualValues( load_fn( _dump_fn(data, "myprivatekey", salt="mysalt", key_selector="mykey_id"), keydict.get), (data, "mysalt")) self.assertRaises( errors.SignatureError, load_fn, _dump_fn(data, "myprivatekey", salt="mysalt", key_selector="mykey_id"), {}.get) self.assertRaises(errors.SignatureError, load_fn, _dump_fn("test", "myprivatekey"), "myotherkey") self.assertRaises(errors.SignatureError, load_fn, serializer.DumpJson("This is a test"), "mykey") self.assertRaises(errors.SignatureError, load_fn, serializer.DumpJson({}), "mykey") # Message missing salt and HMAC tdata = { "msg": "Foo", } self.assertRaises(errors.SignatureError, load_fn, serializer.DumpJson(tdata), "mykey")
def testDictGet(self): result = serializer.PrivateDict().GetPrivate("bar", "tar") self.assertTrue( "tar" == result, "Private.GetPrivate() did not handle the default case")
def testFillDict(self): pDict = serializer.PrivateDict() pDict["bar"] = "egg" self.assertEqual(pDict, objects.FillDict({}, pDict))
def testEquality(self): pDict = serializer.PrivateDict() pDict["bar"] = "egg" nDict = {"bar": "egg"} self.assertEqual(pDict, nDict, "PrivateDict-dict equality failure")