diff options
Diffstat (limited to 'ansible_collections/community/crypto/tests/unit')
-rw-r--r-- | ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py | 67 | ||||
-rw-r--r-- | ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py | 30 |
2 files changed, 83 insertions, 14 deletions
diff --git a/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py b/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py new file mode 100644 index 000000000..183d81b92 --- /dev/null +++ b/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py @@ -0,0 +1,67 @@ +# -*- coding: utf-8 -*- + +# Copyright (c) 2023, Felix Fontein <felix@fontein.de> +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + +import pytest + +from ansible_collections.community.crypto.plugins.module_utils.crypto.pem import ( + identify_pem_format, + identify_private_key_format, + split_pem_list, + extract_first_pem, +) + + +PEM_TEST_CASES = [ + (b'', [], False, 'raw'), + (b'random stuff\nblabla', [], False, 'raw'), + (b'-----BEGIN PRIVATE KEY-----', [], False, 'raw'), + ( + b'-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----', + ['-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----'], + True, + 'pkcs8', + ), + ( + b'foo=bar\n# random stuff\n-----BEGIN RSA PRIVATE KEY-----\nblabla\n-----END RSA PRIVATE KEY-----\nmore stuff\n', + ['-----BEGIN RSA PRIVATE KEY-----\nblabla\n-----END RSA PRIVATE KEY-----\n'], + True, + 'pkcs1', + ), + ( + b'foo=bar\n# random stuff\n-----BEGIN CERTIFICATE-----\nblabla\n-----END CERTIFICATE-----\nmore stuff\n' + b'\n-----BEGIN CERTIFICATE-----\nfoobar\n-----END CERTIFICATE-----', + [ + '-----BEGIN CERTIFICATE-----\nblabla\n-----END CERTIFICATE-----\n', + '-----BEGIN CERTIFICATE-----\nfoobar\n-----END CERTIFICATE-----', + ], + True, + 'unknown-pem', + ), + ( + b'-----BEGINCERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n-----END CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n', + [ + '-----BEGIN CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n-----END CERTIFICATE-----\n', + ], + True, + 'unknown-pem', + ), +] + + +@pytest.mark.parametrize('data, pems, is_pem, private_key_type', PEM_TEST_CASES) +def test_pem_handling(data, pems, is_pem, private_key_type): + assert identify_pem_format(data) == is_pem + assert identify_private_key_format(data) == private_key_type + try: + text = data.decode('utf-8') + assert split_pem_list(text) == pems + first_pem = pems[0] if pems else None + assert extract_first_pem(text) == first_pem + except UnicodeDecodeError: + pass diff --git a/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py b/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py index c773640c6..371001827 100644 --- a/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py +++ b/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py @@ -148,16 +148,16 @@ LUKS_ADD_KEY_DATA = ( # device, remove_key, remove_passphrase, state, label, expected LUKS_REMOVE_KEY_DATA = ( - ("dummy", "key", None, "present", None, True), - (None, "key", None, "present", None, False), - (None, "key", None, "present", "labelName", True), - ("dummy", None, None, "present", None, False), - ("dummy", "key", None, "absent", None, "exception"), - ("dummy", None, "foo", "present", None, True), - (None, None, "foo", "present", None, False), - (None, None, "foo", "present", "labelName", True), - ("dummy", None, None, "present", None, False), - ("dummy", None, "foo", "absent", None, "exception")) + ("dummy", "key", None, None, "present", None, True), + (None, "key", None, None, "present", None, False), + (None, "key", None, None, "present", "labelName", True), + ("dummy", None, None, None, "present", None, False), + ("dummy", "key", None, None, "absent", None, "exception"), + ("dummy", None, "foo", None, "present", None, True), + (None, None, "foo", None, "present", None, False), + (None, None, "foo", None, "present", "labelName", True), + ("dummy", None, None, None, "present", None, False), + ("dummy", None, "foo", None, "absent", None, "exception")) @pytest.mark.parametrize("device, keyfile, passphrase, state, is_luks, " + @@ -275,6 +275,7 @@ def test_luks_add_key(device, keyfile, passphrase, new_keyfile, new_passphrase, module.params["passphrase"] = passphrase module.params["new_keyfile"] = new_keyfile module.params["new_passphrase"] = new_passphrase + module.params["new_keyslot"] = None module.params["state"] = state module.params["label"] = label @@ -291,17 +292,18 @@ def test_luks_add_key(device, keyfile, passphrase, new_keyfile, new_passphrase, assert expected == "exception" -@pytest.mark.parametrize("device, remove_keyfile, remove_passphrase, state, " + - "label, expected", - ((d[0], d[1], d[2], d[3], d[4], d[5]) +@pytest.mark.parametrize("device, remove_keyfile, remove_passphrase, remove_keyslot, " + + "state, label, expected", + ((d[0], d[1], d[2], d[3], d[4], d[5], d[6]) for d in LUKS_REMOVE_KEY_DATA)) -def test_luks_remove_key(device, remove_keyfile, remove_passphrase, state, +def test_luks_remove_key(device, remove_keyfile, remove_passphrase, remove_keyslot, state, label, expected, monkeypatch): module = DummyModule() module.params["device"] = device module.params["remove_keyfile"] = remove_keyfile module.params["remove_passphrase"] = remove_passphrase + module.params["remove_keyslot"] = remove_keyslot module.params["state"] = state module.params["label"] = label |