def test_encrypt_decrypt_x509(self): with utils.tempdir() as tmpdir: self.flags(ca_path=tmpdir) project_id = "fake" crypto.ensure_ca_filesystem() cert = crypto.fetch_ca(project_id) public_key = os.path.join(tmpdir, "public.pem") with open(public_key, "w") as keyfile: keyfile.write(cert) text = "some @#!%^* test text" enc, _err = utils.execute( "openssl", "rsautl", "-certin", "-encrypt", "-inkey", "%s" % public_key, process_input=text ) dec = crypto.decrypt_text(project_id, enc) self.assertEqual(text, dec)
def test_can_generate_x509(self): with utils.tempdir() as tmpdir: self.flags(ca_path=tmpdir) crypto.ensure_ca_filesystem() _key, cert_str = crypto.generate_x509_cert("fake", "fake") project_cert = crypto.fetch_ca(project_id="fake") signed_cert_file = os.path.join(tmpdir, "signed") with open(signed_cert_file, "w") as keyfile: keyfile.write(cert_str) project_cert_file = os.path.join(tmpdir, "project") with open(project_cert_file, "w") as keyfile: keyfile.write(project_cert) enc, err = utils.execute("openssl", "verify", "-CAfile", project_cert_file, "-verbose", signed_cert_file) self.assertFalse(err)
def test_encrypt_decrypt_x509(self): with utils.tempdir() as tmpdir: self.flags(ca_path=tmpdir) project_id = "fake" crypto.ensure_ca_filesystem() cert = crypto.fetch_ca(project_id) public_key = os.path.join(tmpdir, "public.pem") with open(public_key, 'w') as keyfile: keyfile.write(cert) text = "some @#!%^* test text" enc, _err = utils.execute('openssl', 'rsautl', '-certin', '-encrypt', '-inkey', '%s' % public_key, process_input=text) dec = crypto.decrypt_text(project_id, enc) self.assertEqual(text, dec)
def test_can_generate_x509(self): with utils.tempdir() as tmpdir: self.flags(ca_path=tmpdir) crypto.ensure_ca_filesystem() _key, cert_str = crypto.generate_x509_cert('fake', 'fake') project_cert = crypto.fetch_ca(project_id='fake') signed_cert_file = os.path.join(tmpdir, "signed") with open(signed_cert_file, 'w') as keyfile: keyfile.write(cert_str) project_cert_file = os.path.join(tmpdir, "project") with open(project_cert_file, 'w') as keyfile: keyfile.write(project_cert) enc, err = utils.execute('openssl', 'verify', '-CAfile', project_cert_file, '-verbose', signed_cert_file) self.assertFalse(err)
def fetch_ca(self, context, project_id): """Get root ca for a project.""" return crypto.fetch_ca(project_id)