python-castellan / 5502646
Add code to generate private keys Change-Id: I05d0cb71406769ebf8ccbd63644ae27a4da6d405 Ade Lee 5 years ago
2 changed file(s) with 62 addition(s) and 7 deletion(s).
1414 """
1515
1616 import binascii
17 from cryptography.hazmat.backends import default_backend
18 from cryptography.hazmat.primitives.asymmetric import rsa
19 from cryptography.hazmat.primitives.serialization import Encoding
20 from cryptography.hazmat.primitives.serialization import NoEncryption
21 from cryptography.hazmat.primitives.serialization import PrivateFormat
22 from cryptography.hazmat.primitives.serialization import PublicFormat
23
1724 import os
1825 import time
1926 import uuid
94101 def create_key_pair(self, context, algorithm, length,
95102 expiration=None, name=None):
96103 """Creates an asymmetric key pair."""
97 raise NotImplementedError(
98 "VaultKeyManager does not support asymmetric keys")
104
105 # Confirm context is provided, if not raise forbidden
106 if not context:
107 msg = _("User is not authorized to use key manager.")
108 raise exception.Forbidden(msg)
109
110 if algorithm.lower() != 'rsa':
111 raise NotImplementedError(
112 "VaultKeyManager only implements rsa keys"
113 )
114
115 priv_key = rsa.generate_private_key(
116 public_exponent=65537,
117 key_size=length,
118 backend=default_backend()
119 )
120
121 private_key = pri_key.PrivateKey(
122 'RSA',
123 length,
124 priv_key.private_bytes(
125 Encoding.PEM, PrivateFormat.PKCS8, NoEncryption()
126 )
127 )
128
129 private_key_id = uuid.uuid4().hex
130 private_id = self._store_key_value(
131 private_key_id,
132 private_key
133 )
134
135 # pub_key = priv_key.public_key()
136 public_key = pub_key.PublicKey(
137 'RSA',
138 length,
139 priv_key.public_key().public_bytes(
140 Encoding.PEM, PublicFormat.SubjectPublicKeyInfo
141 )
142 )
143
144 public_key_id = uuid.uuid4().hex
145 public_id = self._store_key_value(
146 public_key_id,
147 public_key
148 )
149
150 return private_id, public_id
99151
100152 def _store_key_value(self, key_id, value):
101153
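Review bot: `length` is handed to `rsa.generate_private_key(key_size=length)` at new line 117 without any check, so the only floor on RSA key size is whatever the cryptography backend enforces, and a `None` or non-integer length surfaces as a library error rather than a key-manager one. A guard ahead of the generate call would pin the policy here, for example `if not isinstance(length, int) or length < 2048: raise ValueError("RSA key length must be at least 2048 bits")`, or the project's own exception type if it has one for invalid parameters. Separately, the private key is serialized with `NoEncryption()`, so its confidentiality presumably rests entirely on the backing store, and it is stored before the public key. If the second `_store_key_value` call fails, the private key stays behind under an id the caller never receives, so the failure path should remove it or at least log the orphaned id. The `name` and `expiration` arguments are accepted but never used in the new body, and the commented-out `# pub_key = priv_key.public_key()` at new line 135 should be dropped.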
5555 def tearDown(self):
5656 super(VaultKeyManagerTestCase, self).tearDown()
5757
58 def test_create_key_pair(self):
59 self.assertRaises(NotImplementedError,
60 self.key_mgr.create_key_pair, None, None, None)
61
6258 def test_create_null_context(self):
6359 self.assertRaises(exception.Forbidden,
6460 self.key_mgr.create_key, None, 'AES', 256)
6561
6662 def test_create_key_pair_null_context(self):
67 self.assertRaises(NotImplementedError,
63 self.assertRaises(exception.Forbidden,
6864 self.key_mgr.create_key_pair, None, 'RSA', 2048)
65
66 def test_create_key_pair_bad_algorithm(self):
67 self.assertRaises(
68 NotImplementedError,
69 self.key_mgr.create_key_pair,
70 self.ctxt, 'DSA', 2048
71 )
6972
7073 def test_delete_null_context(self):
7174 key_uuid = self._get_valid_object_uuid(
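Review bot: Nothing in this section exercises the success path of `create_key_pair`: the added tests cover only the missing context and the unsupported `'DSA'` algorithm, and the removed `test_create_key_pair` is not replaced. A test that calls `self.key_mgr.create_key_pair(self.ctxt, 'RSA', 2048)` and asserts that two distinct ids come back, and that the stored objects are the private and public halves of the same key, would catch regressions in serialization and storage. A case for an undersized or missing `length` would also document what the manager is expected to do with it. The test class starts and ends outside this hunk, so such a test may already exist in lines not shown.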