def test_create(self): """ Test that a symmetric key can be created with proper inputs and that its UID is returned properly. """ # Create the template to test the create call algorithm = enums.CryptographicAlgorithm.AES length = 256 algorithm_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm) length_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length) mask_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) attributes = [algorithm_attribute, length_attribute, mask_attribute] template = obj.TemplateAttribute(attributes=attributes) key_id = 'aaaaaaaa-1111-2222-3333-ffffffffffff' status = enums.ResultStatus.SUCCESS result = results.CreateResult(contents.ResultStatus(status), uuid=attr.UniqueIdentifier(key_id)) with ProxyKmipClient() as client: client.proxy.create.return_value = result uid = client.create(algorithm, length) client.proxy.create.assert_called_with( enums.ObjectType.SYMMETRIC_KEY, template) self.assertIsInstance(uid, six.string_types) self.assertEqual(uid, key_id)
def test_generate_symmetric_key_server_error_occurs(self): self.secret_store.client.create = mock.MagicMock( proxy.KMIPProxy().create, return_value=results.CreateResult( contents.ResultStatus(enums.ResultStatus.OPERATION_FAILED))) key_spec = secret_store.KeySpec(secret_store.KeyAlgorithm.AES, 128, 'mode') self.assertRaises(secret_store.SecretGeneralException, self.secret_store.generate_symmetric_key, key_spec)
def setUp(self): super(WhenTestingKMIPSecretStore, self).setUp() self.kmipclient_mock = mock.MagicMock(name="KMIP client mock") CONF = cfg.CONF CONF.kmip_plugin.keyfile = None self.credential = None self.secret_store = kss.KMIPSecretStore(CONF) self.secret_store.client = self.kmipclient_mock self.secret_store.credential = self.credential self.sample_secret_features = { 'key_format_type': enums.KeyFormatType.RAW, 'key_value': { 'bytes': bytearray(b'\x00\x00\x00') }, 'cryptographic_algorithm': enums.CryptographicAlgorithm.AES, 'cryptographic_length': 128 } self.sample_secret = secrets.SecretFactory().create_secret( enums.ObjectType.SYMMETRIC_KEY, self.sample_secret_features) self.secret_store.client.create = mock.create_autospec( proxy.KMIPProxy.create, return_value=results.CreateResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), uuid=attr.UniqueIdentifier('uuid'))) self.secret_store.client.register = mock.create_autospec( proxy.KMIPProxy.register, return_value=results.RegisterResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), uuid=attr.UniqueIdentifier('uuid'))) self.secret_store.client.destroy = mock.create_autospec( proxy.KMIPProxy.destroy, return_value=results.DestroyResult( contents.ResultStatus(enums.ResultStatus.SUCCESS))) self.secret_store.client.get = mock.create_autospec( proxy.KMIPProxy.get, return_value=results.GetResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), object_type=attr.ObjectType(enums.ObjectType.SYMMETRIC_KEY), secret=self.sample_secret)) self.attribute_factory = attributes.AttributeFactory()
def test_create_with_name(self): """ Test that a symmetric key can be created with proper inputs, specifically testing that the name is correctly sent with the request. """ # Create the template to test the create call algorithm = enums.CryptographicAlgorithm.AES length = 256 algorithm_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm) length_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length) mask_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) key_name = "symmetrickey" name_attribute = self.attribute_factory.create_attribute( enums.AttributeType.NAME, key_name) key_attributes = [ algorithm_attribute, length_attribute, mask_attribute, name_attribute ] template = obj.TemplateAttribute(attributes=key_attributes) key_id = 'aaaaaaaa-1111-2222-3333-ffffffffffff' status = enums.ResultStatus.SUCCESS result = results.CreateResult(contents.ResultStatus(status), uuid=attr.UniqueIdentifier(key_id)) with ProxyKmipClient() as client: client.proxy.create.return_value = result client.create(algorithm, length, name=key_name) client.proxy.create.assert_called_with( enums.ObjectType.SYMMETRIC_KEY, template)
def setUp(self): super(WhenTestingKMIPSecretStore, self).setUp() self.expected_username = "******" self.expected_password = "******" CONF = kss.CONF CONF.kmip_plugin.username = self.expected_username CONF.kmip_plugin.password = self.expected_password CONF.kmip_plugin.keyfile = None CONF.kmip_plugin.pkcs1_only = False self.secret_store = kss.KMIPSecretStore(CONF) self.credential = self.secret_store.credential self.symmetric_type = secret_store.SecretType.SYMMETRIC self.sample_secret_features = { 'key_format_type': enums.KeyFormatType.RAW, 'key_value': { 'bytes': bytearray(b'\x00\x00\x00') }, 'cryptographic_algorithm': enums.CryptographicAlgorithm.AES, 'cryptographic_length': 128 } self.symmetric_key_uuid = 'dde870ad-cea3-41a3-9bb9-e8ab579a2f91' self.public_key_uuid = 'cb908abb-d363-4d9f-8ef2-5e84d27dd25c' self.private_key_uuid = '2d4c0544-4ec6-45b7-81cd-b23c75744eac' self.sample_secret = get_sample_symmetric_key() self.secret_store.client.proxy.open = mock.MagicMock( proxy.KMIPProxy().open) self.secret_store.client.proxy.close = mock.MagicMock( proxy.KMIPProxy().close) self.secret_store.client.proxy.create = mock.MagicMock( proxy.KMIPProxy().create, return_value=results.CreateResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), uuid=attr.UniqueIdentifier( self.symmetric_key_uuid))) self.secret_store.client.proxy.create_key_pair = mock.MagicMock( proxy.KMIPProxy().create_key_pair, return_value=results.CreateKeyPairResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), private_key_uuid=attr.UniqueIdentifier(self.private_key_uuid), public_key_uuid=attr.UniqueIdentifier(self.public_key_uuid))) self.secret_store.client.proxy.register = mock.MagicMock( proxy.KMIPProxy().register, return_value=results.RegisterResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), uuid=attr.UniqueIdentifier('uuid'))) self.secret_store.client.proxy.destroy = mock.MagicMock( proxy.KMIPProxy().destroy, return_value=results.DestroyResult( contents.ResultStatus(enums.ResultStatus.SUCCESS))) self.secret_store.client.proxy.get = mock.MagicMock( proxy.KMIPProxy().get, return_value=results.GetResult( contents.ResultStatus(enums.ResultStatus.SUCCESS), object_type=attr.ObjectType(enums.ObjectType.SYMMETRIC_KEY), secret=self.sample_secret)) self.attribute_factory = attributes.AttributeFactory()