def test_delete_key_material(self):
key_id = self.external_key_id
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
if key_meta.get_key_state() == 'PendingImport':
pub_key_spec = 'RSA_2048'
algorithm = 'RSAES_OAEP_SHA_256'
key_material = binascii.a2b_hex(
'c03c02695ab6fe914ab6ab209ab3561cab42186eedbfa0d70103ac8d30a88392'
)
public_key, import_token = openapi.get_parameters_for_import(
self.client, key_id, pub_key_spec, algorithm)
der_pub = base64.b64decode(public_key)
rsa_pub = RSA.importKey(der_pub)
cipher = PKCS1_OAEP.new(key=rsa_pub, hashAlgo=SHA256)
cipher_blob = cipher.encrypt(key_material)
encrypted_key_material = base64.b64encode(cipher_blob)
openapi.import_key_material(self.client, key_id, import_token,
encrypted_key_material)
openapi.delete_key_material(self.client, key_id)
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual('PendingImport', key_meta.get_key_state(),
'key state should be PendingImport')
def test_cancel_key_deletion(self):
key_id = self.symmetric_key_id
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
if key_meta.get_key_state() == 'Enabled':
openapi.schedule_key_deletion(self.client, key_id, '30')
openapi.cancel_key_deletion(self.client, key_id)
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual('Enabled', key_meta.get_key_state(),
'key state should be Enabled')
def test_update_key_description(self):
key_id = self.symmetric_key_id
new_description = 'update description test'
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
old_description = key_meta.get_description()
if len(old_description) <= 0:
old_description = ' '
openapi.update_key_description(self.client, key_id, new_description)
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual(new_description, key_meta.get_description())
openapi.update_key_description(self.client, key_id, old_description)
def test_enable_key(self):
key_id = self.symmetric_key_id
openapi.disable_key(self.client, key_id)
openapi.enable_key(self.client, key_id)
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual('Enabled', key_meta.get_key_state(),
'key state should be Enabled')
def test_describe_key(self):
key_id = self.external_key_id
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual('EXTERNAL', key_meta.get_origin(),
'key state should be EXTERNAL')
self.assertEqual('Aliyun_AES_256', key_meta.get_key_spec(),
'key spec should be Aliyun_AES_256')
def test_schedule_key_deletion(self):
key_id = self.symmetric_key_id
pending_window_in_days = 7
openapi.schedule_key_deletion(self.client, key_id,
pending_window_in_days)
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
self.assertEqual('PendingDeletion', key_meta.get_key_state(),
'key state should be PendingDeletion')
openapi.cancel_key_deletion(self.client, key_id)
def test_update_rotation_policy(self):
key_id = self.symmetric_key_id
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
old_rotation_interval = key_meta.get_rotation_interval()
enable_automatic_rotation = True
if key_meta.get_automatic_rotation() == 'Enabled':
enable_automatic_rotation = False
openapi.update_rotation_policy(self.client, key_id,
enable_automatic_rotation, '604800s')
key_meta = openapi.describe_key(self.client, key_id).get_key_metadata()
if enable_automatic_rotation:
self.assertEqual('Enabled', key_meta.get_automatic_rotation())
self.assertEqual('604800s', key_meta.get_rotation_interval())
else:
self.assertEqual('Disabled', key_meta.get_automatic_rotation())
openapi.update_rotation_policy(self.client, key_id,
not enable_automatic_rotation,
old_rotation_interval)