def _scrub_build_plan(self, build_plan): """Remove all the confidential data and return a sanitized version of the build plan. Include an encrypted full version of the weighting entry so we can get back to it later.""" encryptor = crypto.encryptor(FLAGS.build_plan_encryption_key) cooked = [] for entry in build_plan: json_entry = json.dumps(entry) cipher_text = encryptor(json_entry) cooked.append(dict(weight=entry['weight'], blob=cipher_text)) return cooked
def test_encrypt_decrypt(self): key = 'c286696d887c9aa0611bbb3e2025a45a' plain_text = "The quick brown fox jumped over the lazy dog." # No IV supplied (all 0's) encrypt = crypto.encryptor(key) cipher_text = encrypt(plain_text) self.assertNotEquals(plain_text, cipher_text) decrypt = crypto.decryptor(key) plain = decrypt(cipher_text) self.assertEquals(plain_text, plain) # IV supplied ... iv = '562e17996d093d28ddb3ba695a2e6f58' encrypt = crypto.encryptor(key, iv) cipher_text = encrypt(plain_text) self.assertNotEquals(plain_text, cipher_text) decrypt = crypto.decryptor(key, iv) plain = decrypt(cipher_text) self.assertEquals(plain_text, plain)
def test_select(self): serializer = zones.WeightsTemplate() key = 'c286696d887c9aa0611bbb3e2025a45a' encrypt = crypto.encryptor(key) decrypt = crypto.decryptor(key) item = GLOBAL_BUILD_PLAN[0] fixture = { 'weights': { 'blob': encrypt(json.dumps(item)), 'weight': item['weight'] } } output = serializer.serialize(fixture) res_tree = etree.XML(output) self.assertEqual(res_tree.tag, '{%s}weights' % xmlutil.XMLNS_V10) for item in res_tree: self.assertEqual(item.tag, '{%s}weight' % xmlutil.XMLNS_V10) blob = None weight = None for chld in item: if chld.tag.endswith('blob'): blob = chld.text elif chld.tag.endswith('weight'): weight = chld.text secret_item = json.loads(decrypt(blob)) found = False for original_item in GLOBAL_BUILD_PLAN: if original_item['name'] != secret_item['name']: continue found = True for key in ('weight', 'ip', 'zone'): self.assertEqual(secret_item[key], original_item[key]) self.assertTrue(found) self.assertEqual(len(item), 2) self.assertTrue(weight)
def test_select(self): serializer = zones.WeightsTemplate() key = 'c286696d887c9aa0611bbb3e2025a45a' encrypt = crypto.encryptor(key) decrypt = crypto.decryptor(key) item = GLOBAL_BUILD_PLAN[0] fixture = {'weights': {'blob': encrypt(json.dumps(item)), 'weight': item['weight']}} output = serializer.serialize(fixture) res_tree = etree.XML(output) self.assertEqual(res_tree.tag, '{%s}weights' % xmlutil.XMLNS_V10) for item in res_tree: self.assertEqual(item.tag, '{%s}weight' % xmlutil.XMLNS_V10) blob = None weight = None for chld in item: if chld.tag.endswith('blob'): blob = chld.text elif chld.tag.endswith('weight'): weight = chld.text secret_item = json.loads(decrypt(blob)) found = False for original_item in GLOBAL_BUILD_PLAN: if original_item['name'] != secret_item['name']: continue found = True for key in ('weight', 'ip', 'zone'): self.assertEqual(secret_item[key], original_item[key]) self.assertTrue(found) self.assertEqual(len(item), 2) self.assertTrue(weight)