diff options
Diffstat (limited to 'tests/custodia.py')
-rw-r--r-- | tests/custodia.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/tests/custodia.py b/tests/custodia.py index 0817d81..cce1c40 100644 --- a/tests/custodia.py +++ b/tests/custodia.py @@ -10,6 +10,8 @@ import unittest from string import Template +from jwcrypto import jwk + from requests.exceptions import HTTPError from custodia.client import CustodiaClient @@ -69,6 +71,21 @@ forward_headers = {"CUSTODIA_AUTH_ID": "${TEST_AUTH_ID}", \ handler = custodia.forwarder.Forwarder forward_uri = ${SOCKET_URL}/forwarder_loop forward_headers = {"REMOTE_USER": "test"} + +# Encgen +[store:encgen] +handler = custodia.store.encgen.EncryptedOverlay +backing_store = simple +master_key = test_mkey.conf +master_enctype = A128CBC-HS256 + +[authz:enc] +handler = custodia.httpd.authorizers.SimplePathAuthz +paths = /enc + +[/enc] +handler = custodia.secrets.Secrets +store = encgen """ @@ -83,6 +100,12 @@ def unlink_if_exists(filename): raise +def generate_key(filename): + key = jwk.JWK(generate='oct', size=256) + with (open(filename, 'w+')) as keyfile: + keyfile.write(key.export()) + + class CustodiaTests(unittest.TestCase): @classmethod @@ -92,12 +115,14 @@ class CustodiaTests(unittest.TestCase): pexec = env.get('CUSTODIAPYTHON', 'python') unlink_if_exists('test_socket') unlink_if_exists('test_secrets.db') + unlink_if_exists('test_mkey.conf') unlink_if_exists('test_custodia.conf') unlink_if_exists('test_log.txt') unlink_if_exists('test_audit.log') cls.socket_url = TEST_SOCKET_URL cls.test_auth_id = "test_user" cls.test_auth_key = "cd54b735-e756-4f12-aa18-d85509baef36" + generate_key('test_mkey.conf') with (open('test_custodia.conf', 'w+')) as conffile: t = Template(TEST_CUSTODIA_CONF) conf = t.substitute({'SOCKET_URL': cls.socket_url, @@ -121,6 +146,8 @@ class CustodiaTests(unittest.TestCase): cls.fwd.headers['REMOTE_USER'] = 'test' cls.loop = CustodiaClient(cls.socket_url + '/forwarder_loop') cls.loop.headers['REMOTE_USER'] = 'test' + cls.enc = CustodiaClient(cls.socket_url + '/enc') + cls.enc.headers['REMOTE_USER'] = 'enc' @classmethod def tearDownClass(cls): @@ -179,3 +206,21 @@ class CustodiaTests(unittest.TestCase): self.loop.list_container('test') except HTTPError as e: self.assertEqual(e.response.status_code, 502) + + def test_A_enc_1_create_container(self): + self.enc.create_container('container') + r = self.enc.list_container('container') + self.assertEqual(r.json(), []) + self.enc.delete_container('container') + try: + self.enc.list_container('container') + except HTTPError as e: + self.assertEqual(e.response.status_code, 404) + + def test_A_enc_2_set_simple_key(self): + self.enc.create_container('enc') + self.enc.set_simple_key('enc/key', 'simple') + key = self.admin.get_simple_key('enc/key') + self.assertNotEqual(key, 'simple') + key = self.enc.get_simple_key('enc/key') + self.assertEqual(key, 'simple') |