| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
| |
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #7
|
| |
|
|
|
|
|
|
|
|
|
| |
The .travis.yml configures Travis CI. We only need Python 2.7 as the
rest is handled by different tox environments. In order to enable Travis
CI, please read http://docs.travis-ci.com/user/getting-started/ and
do step 1) and step 2).
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #6
|
| |
|
|
|
|
|
|
|
|
| |
The test suite leaves child processes behind. The teardown class method
now call Popen.kill() and Popen.wait() to kill and wait for its child
process.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes #5
|
| |
|
|
|
|
|
|
|
| |
Uses the same method as the server, the request and response are quite
symmetrical here.
also fix a bug with the subject name missing in the replies.
Adapt tests.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
| |
The Secrets class now logs any GET/SET/DEL of a key in a audit log file.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
This avoids issues where spaces get turned to %20 and then name
matching comparisons (like for KEMHandler) fail.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
The patch provides test automation with tox. Just run 'tox' in the
source root to create virtual envs, install custodia from the sources
and run the tests on Python 2.7 and 3.4.
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes: #4
|
| |
|
|
|
|
|
|
|
| |
The patch fixes to typos in the tear down function of two test suites.
The tests now cleanup and remove temporary files like Unix socket and
test databases.
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes: #3
|
| |
|
|
|
|
|
|
|
|
|
| |
setup.py now correctly references LICENSE instead of COPYING. README.md
has been renamed to README and a symbolic link README -> README.md has
been added. distutils is unable to handle a symbolic link as README.
The six package is listed in requirements.txt, too.
Reviewed-by: Simo Sorce <simo@redhat.com>
Closes: #2
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
If 'signing_algorithms' is not explicitly set in the configuration
file use a reasonable default based on the server key type.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
Also fix errors in handling encrypted requests, as well errors in
the test suite.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
If debug is set to True, then custodia's own Exception handlers will
print a stack trace to standard output to aid debugging.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
| |
This way clients that already have JWK key objects do not have to
export/import them. Other clients can simply call JWK upfront like
in the modified test.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
| |
This makes it easier to build clients.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
The name ('sub') and the time ('exp') must be checked before letting
the reuqest proceed.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
using the same key for signing and encryption is generally a frown
upon approach in the scirty community as it may lead to some attacks.
Change the code to use key pairs, where the first key is the signing
key and the second one is the encryption key.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
These messages are returned as is by the HTTP server as the status
code reason, str() returns a more human readable format.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
parse_qs will always return lists even for single-valued parameters,
check for it in the Validator and properly handle the case.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
This way checks and hives are created from the same list and will not
get out of sync (they are before this commit).
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
This allows admins to configure where the socket needs to be created
ithout forcing to change the cwd of the daemon to the same place.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Newer pylint version completely removed the star-args warning, including
recognizing the exception in the source code.
Remove it from all source code to avoid annoyinf pylint errors about
unrecognized exceptions, and add a general exception in the pylint makefile
invocation, as apparently it is ok there. This will avoid warnings if older
versions of pylint are used.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
A missing query would not lead to the default 'simple' type being selected.
Add tests for PUT/GET/DELETE of a simple key.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The new 'kem' type allows the backend to authorize access to keys based on
a signed request where the key mus be whitelisted in advance in a kemkeys
database.
The reply is encrypted with the client public key.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
| |
Create a message module to deal with message types and validation.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This uses JWCrypto to encrypt any key stored in the sqlite database
with a master key.
The master key is stored in a file and must be provided by the
configuration.
A sample key and configuration is provided too.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This will precreate the default tale if it doesn't exist and fail
early if there are general database issues.
Also change all CSStoreError events to report a 500 error and not
silently transform them into innocuous 'no such data' errors.
|
| |
|
|
|
| |
Add a Namespace authorization class to use in the pipeline instead
of performing authorization within the Secrets class
|
| |
|
|
|
| |
Doesn't really make sense to have it on the server class,
just snatch the config from it.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Authenticators will not signal anymore validity by adding a request
attributes.
Instead they can return on of three values:
- True, indicates positive authentication
- False, indicate explicit failure
- None, inicates neither success nor failure, not applicable
|
| | |
|
| | |
|
| |
|
|
| |
Very much a work in progress, but it is a start
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
