def test_create_key_id(self):
expected = self._get_expected('keys', 'myvault', 'mykey')
res = KeyVaultId.create_key_id('https://myvault.vault.azure.net', ' mykey', None)
self.assertEqual(res.__dict__, expected)
expected = self._get_expected('keys', 'myvault', 'mykey', 'abc123')
res = KeyVaultId.create_key_id('https://myvault.vault.azure.net', ' mykey ', ' abc123 ')
self.assertEqual(res.__dict__, expected)
def test_create_key_id(self):
expected = self._get_expected('keys', 'myvault', 'mykey')
res = KeyVaultId.create_key_id('https://myvault.vault.azure.net',
' mykey', None)
self.assertEqual(res.__dict__, expected)
expected = self._get_expected('keys', 'myvault', 'mykey', 'abc123')
res = KeyVaultId.create_key_id('https://myvault.vault.azure.net',
' mykey ', ' abc123 ')
self.assertEqual(res.__dict__, expected)
def test_key_sign_and_verify(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keysign')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
plain_text = self.plain_text
md = hashlib.sha256()
md.update(plain_text);
digest = md.digest();
# import key
imported_key = self._import_test_key(vault, key_id)
key_id = KeyVaultId.parse_key_id(imported_key.key.kid)
# sign without version
signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result
# verify without version
result = self.client.verify(key_id.vault, key_id.name, '', 'RS256', digest, signature)
self.assertTrue(result.value)
# sign with version
signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256', digest).result
# verify with version
result = self.client.verify(key_id.vault, key_id.name, key_id.version, 'RS256', digest, signature)
self.assertTrue(result.value)
def test_key_wrap_and_unwrap(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keywrap')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
plain_text = self.plain_text
# import key
imported_key = self._import_test_key(vault, key_id)
key_id = KeyVaultId.parse_key_id(imported_key.key.kid)
# wrap without version
result = self.client.wrap_key(key_id.vault, key_id.name, '', 'RSA-OAEP', plain_text)
cipher_text = result.result
# unwrap without version
result = self.client.unwrap_key(key_id.vault, key_id.name, '', 'RSA-OAEP', cipher_text)
self.assertEqual(plain_text, result.result)
# wrap with version
result = self.client.wrap_key(key_id.vault, key_id.name, key_id.version, 'RSA-OAEP', plain_text)
cipher_text = result.result
# unwrap with version
result = self.client.unwrap_key(key_id.vault, key_id.name, key_id.version, 'RSA-OAEP', cipher_text)
self.assertEqual(plain_text, result.result)
def test_key_sign_and_verify(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keysign')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
plain_text = self.plain_text
md = hashlib.sha256()
md.update(plain_text)
digest = md.digest()
# import key
imported_key = self._import_test_key(vault, key_id)
key_id = KeyVaultId.parse_key_id(imported_key.key.kid)
# sign without version
signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256',
digest).result
# verify without version
result = self.client.verify(key_id.vault, key_id.name, '', 'RS256',
digest, signature)
self.assertTrue(result.value)
# sign with version
signature = self.client.sign(key_id.vault, key_id.name, '', 'RS256',
digest).result
# verify with version
result = self.client.verify(key_id.vault, key_id.name, key_id.version,
'RS256', digest, signature)
self.assertTrue(result.value)
def test_key_wrap_and_unwrap(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keywrap')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
plain_text = self.plain_text
# import key
imported_key = self._import_test_key(vault, key_id)
key_id = KeyVaultId.parse_key_id(imported_key.key.kid)
# wrap without version
result = self.client.wrap_key(key_id.vault, key_id.name, '',
'RSA-OAEP', plain_text)
cipher_text = result.result
# unwrap without version
result = self.client.unwrap_key(key_id.vault, key_id.name, '',
'RSA-OAEP', cipher_text)
self.assertEqual(plain_text, result.result)
# wrap with version
result = self.client.wrap_key(key_id.vault, key_id.name,
key_id.version, 'RSA-OAEP', plain_text)
cipher_text = result.result
# unwrap with version
result = self.client.unwrap_key(key_id.vault, key_id.name,
key_id.version, 'RSA-OAEP',
cipher_text)
self.assertEqual(plain_text, result.result)
def test_key_import(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keyimp')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
# import to software
self._import_test_key(vault, key_id, False)
# import to hardware
self._import_test_key(vault, key_id, True)
def test_key_import(self, vault, **kwargs):
self.assertIsNotNone(vault)
vault_uri = vault.properties.vault_uri
key_name = self.get_resource_name('keyimp')
key_id = KeyVaultId.create_key_id(vault_uri, key_name)
# import to software
self._import_test_key(vault, key_id, False)
# import to hardware
self._import_test_key(vault, key_id, True)
