diff --git a/barbican/tests/common/test_validators.py b/barbican/tests/common/test_validators.py index f3a47b93d..ab62a47e9 100644 --- a/barbican/tests/common/test_validators.py +++ b/barbican/tests/common/test_validators.py @@ -22,6 +22,7 @@ import testtools from barbican.common import exception as excep from barbican.common import validators from barbican.tests import certificate_utils as certs +from barbican.tests import keys from barbican.tests import utils VALID_EXTENSIONS = "valid extensions" @@ -43,9 +44,9 @@ def get_private_key_req(): 'payload_content_type': 'application/pkcs8', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'private', - 'payload': base64.b64encode(utils.get_private_key())} + 'payload': base64.b64encode(keys.get_private_key_pem())} def get_public_key_req(): @@ -53,9 +54,9 @@ def get_public_key_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'public', - 'payload': base64.b64encode(utils.get_public_key())} + 'payload': base64.b64encode(keys.get_public_key_pem())} def get_certificate_req(): @@ -63,9 +64,9 @@ def get_certificate_req(): 'payload_content_type': 'application/pkix-cert', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'certificate', - 'payload': base64.b64encode(utils.get_certificate())} + 'payload': base64.b64encode(keys.get_certificate_pem())} def get_passphrase_req(): diff --git a/barbican/tests/plugin/test_kmip.py b/barbican/tests/plugin/test_kmip.py index 1223978a9..f3b18b045 100644 --- a/barbican/tests/plugin/test_kmip.py +++ b/barbican/tests/plugin/test_kmip.py @@ -193,14 +193,14 @@ class WhenTestingKMIPSecretStore(utils.BaseTestCase): def test_generate_supports_rsa(self): key_spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, None, 'mode') - for x in [1024, 2048, 3072, 4096]: + for x in [2048, 3072, 4096]: key_spec.bit_length = x self.assertTrue(self.secret_store.generate_supports(key_spec)) def test_generate_supports_dsa(self): key_spec = secret_store.KeySpec(secret_store.KeyAlgorithm.DSA, None, 'mode') - for x in [1024, 2048, 3072]: + for x in [2048, 3072]: key_spec.bit_length = x self.assertTrue(self.secret_store.generate_supports(key_spec)) diff --git a/barbican/tests/plugin/test_store_crypto.py b/barbican/tests/plugin/test_store_crypto.py index a94c8296e..a5ba26118 100644 --- a/barbican/tests/plugin/test_store_crypto.py +++ b/barbican/tests/plugin/test_store_crypto.py @@ -22,32 +22,33 @@ from barbican.model import models from barbican.plugin.crypto import crypto from barbican.plugin.interface import secret_store from barbican.plugin import store_crypto +from barbican.tests import keys from barbican.tests import utils as test_utils def get_private_dto(): - spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 1024) + spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 2048) return secret_store.SecretDTO(secret_store.SecretType.PRIVATE, base64.b64encode( - test_utils.get_private_key()), + keys.get_private_key_pem()), spec, 'application/pkcs8') def get_public_dto(): - spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 1024) + spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 2048) return secret_store.SecretDTO(secret_store.SecretType.PUBLIC, base64.b64encode( - test_utils.get_public_key()), + keys.get_public_key_pem()), spec, 'application/octet-stream') def get_certificate_dto(): - spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 1024) + spec = secret_store.KeySpec(secret_store.KeyAlgorithm.RSA, 2048) return secret_store.SecretDTO(secret_store.SecretType.CERTIFICATE, base64.b64encode( - test_utils.get_certificate()), + keys.get_certificate_pem()), spec, 'application/pkix-cert') diff --git a/barbican/tests/utils.py b/barbican/tests/utils.py index 2a713c5ae..d6766832d 100644 --- a/barbican/tests/utils.py +++ b/barbican/tests/utils.py @@ -462,60 +462,6 @@ def get_symmetric_key(): return s -def get_private_key(): - s = ("-----BEGIN PRIVATE KEY-----\n" - "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMxOUcg4eiBTZnIy\n" - "4XhEV+IoBbye/ZkXnxWQPnz9Cm+2C3rIYBev6WLqztSfi1EHnn3jM9p36KJuVgvA\n" - "Jr4wfn19hM9pw5Cq5hcnkVlBCAKoCM7p/jf7G2qv0yxlhXK3eZVzR/8Km3wImKN5\n" - "mJRqCv89I1LXyiuHYlVrznx8hjTZAgMBAAECgYAYyVu0rd1rNJMWQcQHAkujPXXM\n" - "t4FO5IXBaPmb0ltEyFJGOC8oUIhBHvmu5BhT4VfCMCFnXOrVYguAa3SH2HxP54Wb\n" - "xfycCNow5ikujEfdvsAZi1tnKedFRnJhdANCAM+6+fTNUzNElUW6kjuvwWWnRq7C\n" - "iCHqhd5ssVa8vMjPjQJBAPpMz0rXo2DDtYqQLOnWwAbV+djM1+ldmBdh/Q4zETDO\n" - "xgPfUvLBhU40LJt8NQeia6Ce4oYH+W4WRyNYvvmcGz8CQQDQ9V/8IuMJN6vyAKrc\n" - "WMPyLfYFu3wJ74/DX0EZ7lf+UhTlCEwEQaVQ78El1oFJDl7cjnH3Ay5GNsFfHOfd\n" - "uaHnAkAa21MCvNCS+WzpST8IeDpygVMlqBUivSAsoh78/w3BJu6oS7YixhD/qyl+\n" - "JX2rLApQWbwElaZ14X4QlN0o+08RAkEAi79vIDtcx69Z6ZGUs6UR9wfR/+dxf1ue\n" - "NDWiXmtOoiHXI422+SnGHCkcbefVszxPKQaDJYYVDpRUIv47+8fIhQJAIPlfqUpN\n" - "0c23beUUWItd+fSVLH+bxTUv+FUqLQIC2VlXVecg7+eAOMNzF2CqcpWstIcrYkV7\n" - "lECxnorexnYA8g==\n" - "-----END PRIVATE KEY-----") - return s - - -def get_public_key(): - s = ("-----BEGIN PUBLIC KEY-----\n" - "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMTlHIOHogU2ZyMuF4RFfiKAW8\n" - "nv2ZF58VkD58/Qpvtgt6yGAXr+li6s7Un4tRB5594zPad+iiblYLwCa+MH59fYTP\n" - "acOQquYXJ5FZQQgCqAjO6f43+xtqr9MsZYVyt3mVc0f/Cpt8CJijeZiUagr/PSNS\n" - "18orh2JVa858fIY02QIDAQAB\n" - "-----END PUBLIC KEY-----") - return s - - -def get_certificate(): - s = ("-----BEGIN CERTIFICATE-----\n" - "MIIDTzCCArigAwIBAgIJANwgT2i4cVRAMA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNV\n" - "BAYTAlVTMQswCQYDVQQIEwJUWDEPMA0GA1UEBxMGQXVzdGluMRYwFAYDVQQKEw1t\n" - "eWNvbXBhbnkuY29tMQ8wDQYDVQQDEwZjb21tb24xIzAhBgkqhkiG9w0BCQEWFGNv\n" - "bW1vbkBteWNvbXBhbnkuY29tMB4XDTE1MDIxNzIxMDA1N1oXDTE4MDIxNjIxMDA1\n" - "N1oweTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4x\n" - "FjAUBgNVBAoTDW15Y29tcGFueS5jb20xDzANBgNVBAMTBmNvbW1vbjEjMCEGCSqG\n" - "SIb3DQEJARYUY29tbW9uQG15Y29tcGFueS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD\n" - "gY0AMIGJAoGBAMxOUcg4eiBTZnIy4XhEV+IoBbye/ZkXnxWQPnz9Cm+2C3rIYBev\n" - "6WLqztSfi1EHnn3jM9p36KJuVgvAJr4wfn19hM9pw5Cq5hcnkVlBCAKoCM7p/jf7\n" - "G2qv0yxlhXK3eZVzR/8Km3wImKN5mJRqCv89I1LXyiuHYlVrznx8hjTZAgMBAAGj\n" - "gd4wgdswHQYDVR0OBBYEFBxIlJZjp3+TkIwy8G3dqfCgL6GfMIGrBgNVHSMEgaMw\n" - "gaCAFBxIlJZjp3+TkIwy8G3dqfCgL6GfoX2kezB5MQswCQYDVQQGEwJVUzELMAkG\n" - "A1UECBMCVFgxDzANBgNVBAcTBkF1c3RpbjEWMBQGA1UEChMNbXljb21wYW55LmNv\n" - "bTEPMA0GA1UEAxMGY29tbW9uMSMwIQYJKoZIhvcNAQkBFhRjb21tb25AbXljb21w\n" - "YW55LmNvbYIJANwgT2i4cVRAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD\n" - "gYEANTlbvNaoADYMzGOoLgaAVt7tjQ6EZVXjswax1jnj8dEoQpUNCAzkkwFJDFqt\n" - "mOTTZxpWNbDm9AcbCubrLXwN22eBqYz02cBGoBnN/h2qINSL2caM08OMmMDm1g1Q\n" - "+iH+eUsCmvkTnylw8FJwN7TYV0No6V9/+aWvf6h1NqDiiLc=\n" - "-----END CERTIFICATE-----") - return s - - def is_cert_valid(expected, observed): c1 = crypto.load_certificate(crypto.FILETYPE_PEM, expected) c2 = crypto.load_certificate(crypto.FILETYPE_PEM, observed) diff --git a/functionaltests/api/v1/functional/test_certificate_orders.py b/functionaltests/api/v1/functional/test_certificate_orders.py index 40ac847bf..dd33a7e9c 100644 --- a/functionaltests/api/v1/functional/test_certificate_orders.py +++ b/functionaltests/api/v1/functional/test_certificate_orders.py @@ -23,7 +23,7 @@ import testtools from barbican.plugin.interface import secret_store as s from barbican.tasks import certificate_resources as cert_res from barbican.tests import certificate_utils as certutil -from barbican.tests import utils +from barbican.tests import keys from functionaltests.api import base from functionaltests.api.v1.behaviors import ca_behaviors from functionaltests.api.v1.behaviors import container_behaviors @@ -106,9 +106,9 @@ def get_private_key_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': s.SecretType.PRIVATE, - 'payload': base64.b64encode(utils.get_private_key())} + 'payload': base64.b64encode(keys.get_private_key_pem())} def get_public_key_req(): @@ -116,9 +116,9 @@ def get_public_key_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': s.SecretType.PUBLIC, - 'payload': base64.b64encode(utils.get_public_key())} + 'payload': base64.b64encode(keys.get_public_key_pem())} create_generic_container_data = { diff --git a/functionaltests/api/v1/functional/test_orders.py b/functionaltests/api/v1/functional/test_orders.py index c94ac9736..6b9d47c75 100644 --- a/functionaltests/api/v1/functional/test_orders.py +++ b/functionaltests/api/v1/functional/test_orders.py @@ -67,7 +67,7 @@ def get_default_order_create_asymmetric_data(): "meta": { "name": "barbican functional test asymmetric secret name", "algorithm": "rsa", - "bit_length": 1024, + "bit_length": 2048, "mode": "cbc", } } diff --git a/functionaltests/api/v1/functional/test_rsa.py b/functionaltests/api/v1/functional/test_rsa.py index 3c69ab04a..21d1fa270 100644 --- a/functionaltests/api/v1/functional/test_rsa.py +++ b/functionaltests/api/v1/functional/test_rsa.py @@ -80,7 +80,7 @@ def get_order_rsa_container(): return {'type': 'asymmetric', "meta": {"name": "ordered rsacontainer", "algorithm": "rsa", - "bit_length": 1024, + "bit_length": 2048, "mode": "cbc"}} @@ -88,7 +88,7 @@ def get_order_rsa_container_with_passphrase(): return {'type': 'asymmetric', "meta": {"name": "ordered rsacontainer", "algorithm": "rsa", - "bit_length": 1024, + "bit_length": 2048, "passphrase": "password", "mode": "cbc"}} diff --git a/functionaltests/api/v1/functional/test_secrets.py b/functionaltests/api/v1/functional/test_secrets.py index 2b7006d65..5c86b1d04 100644 --- a/functionaltests/api/v1/functional/test_secrets.py +++ b/functionaltests/api/v1/functional/test_secrets.py @@ -22,6 +22,7 @@ import time from testtools import testcase from barbican.plugin.util import translations +from barbican.tests import keys from barbican.tests import utils from functionaltests.api import base from functionaltests.api.v1.behaviors import secret_behaviors @@ -38,9 +39,9 @@ def get_private_key_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'private', - 'payload': base64.b64encode(utils.get_private_key())} + 'payload': base64.b64encode(keys.get_private_key_pem())} def get_public_key_req(): @@ -48,9 +49,9 @@ def get_public_key_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'public', - 'payload': base64.b64encode(utils.get_public_key())} + 'payload': base64.b64encode(keys.get_public_key_pem())} def get_certificate_req(): @@ -58,9 +59,9 @@ def get_certificate_req(): 'payload_content_type': 'application/octet-stream', 'payload_content_encoding': 'base64', 'algorithm': 'rsa', - 'bit_length': 1024, + 'bit_length': 2048, 'secret_type': 'certificate', - 'payload': base64.b64encode(utils.get_certificate())} + 'payload': base64.b64encode(keys.get_certificate_pem())} def get_passphrase_req(): @@ -921,13 +922,13 @@ class SecretsTestCase(base.TestCase): get_default_payload()), get_default_data()], 'private': ['private', - utils.get_private_key(), + keys.get_private_key_pem(), get_private_key_req()], 'public': ['public', - utils.get_public_key(), + keys.get_public_key_pem(), get_public_key_req()], 'certificate': ['certificate', - utils.get_certificate(), + keys.get_certificate_pem(), get_certificate_req()], 'passphrase': ['passphrase', 'mysecretpassphrase',