tripleo-common/tripleo_common/tests/utils/test_passwords.py
Ade Lee 577c90582a Added ability to generate kek for barbican simple crypto backend
The KEK is used in a fernet.Fernet encryptor so it needs to be a
32 byte base64 encoded string - just like the keystone Fernet
credentials.

Depends-On: I07e52897897f453382f74aa4fdaa98c37e6eca30
Change-Id: I192e9bc30d808d9d9b664f8d0d33966f98f5768b
2017-12-07 22:58:10 +00:00

82 lines
3.1 KiB
Python

# Copyright 2016 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import mock
from oslo_utils import uuidutils
from tripleo_common.tests import base
from tripleo_common.utils import passwords as password_utils
class TestPasswords(base.TestCase):
def test_create_cephx_key(self):
key = password_utils.create_cephx_key()
self.assertEqual(len(key), 40)
def test_get_snmpd_readonly_user_password(self):
mock_mistral = mock.Mock()
mock_mistral.environments.get.return_value = mock.Mock(variables={
"undercloud_ceilometer_snmpd_password": "78cbc32b858718267c355d4"
})
value = password_utils.get_snmpd_readonly_user_password(mock_mistral)
self.assertEqual(value, "78cbc32b858718267c355d4")
@mock.patch('tripleo_common.utils.passwords.create_keystone_credential')
def test_fernet_keys_and_credentials(self, mock_create_creds):
keys = [uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False),
uuidutils.generate_uuid(dashed=False)]
snmpd_password = uuidutils.generate_uuid(dashed=False)
mock_mistral = mock.Mock()
mock_mistral.environments.get.return_value = mock.Mock(variables={
"undercloud_ceilometer_snmpd_password": snmpd_password
})
# generate_passwords will be called multiple times
# but the order is based on how the strings are hashed, and thus
# not really predictable. So, make sure it is a unique one of the
# generated values
mock_create_creds.side_effect = keys
value = password_utils.generate_passwords(mock_mistral)
self.assertIn(value['KeystoneCredential0'], keys)
self.assertIn(value['KeystoneCredential1'], keys)
self.assertIn(value['KeystoneFernetKey0'], keys)
self.assertIn(value['KeystoneFernetKey1'], keys)
self.assertIn(value['BarbicanSimpleCryptoKek'], keys)
self.assertNotEqual(value['KeystoneFernetKey0'],
value['KeystoneFernetKey1'])
self.assertNotEqual(value['KeystoneCredential0'],
value['KeystoneCredential1'])
def test_create_ssh_keypair(self):
value = password_utils.create_ssh_keypair(comment="Foo")
self.assertEqual('ssh-rsa', value['public_key'][:7])
self.assertEqual('Foo', value['public_key'][-3:])