summaryrefslogtreecommitdiffstats
path: root/ansible_collections/community/crypto/tests/unit
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/community/crypto/tests/unit')
-rw-r--r--ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py67
-rw-r--r--ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py30
2 files changed, 83 insertions, 14 deletions
diff --git a/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py b/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py
new file mode 100644
index 000000000..183d81b92
--- /dev/null
+++ b/ansible_collections/community/crypto/tests/unit/plugins/module_utils/crypto/test_pem.py
@@ -0,0 +1,67 @@
+# -*- coding: utf-8 -*-
+
+# Copyright (c) 2023, Felix Fontein <felix@fontein.de>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import absolute_import, division, print_function
+__metaclass__ = type
+
+import pytest
+
+from ansible_collections.community.crypto.plugins.module_utils.crypto.pem import (
+ identify_pem_format,
+ identify_private_key_format,
+ split_pem_list,
+ extract_first_pem,
+)
+
+
+PEM_TEST_CASES = [
+ (b'', [], False, 'raw'),
+ (b'random stuff\nblabla', [], False, 'raw'),
+ (b'-----BEGIN PRIVATE KEY-----', [], False, 'raw'),
+ (
+ b'-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----',
+ ['-----BEGIN PRIVATE KEY-----\n-----END PRIVATE KEY-----'],
+ True,
+ 'pkcs8',
+ ),
+ (
+ b'foo=bar\n# random stuff\n-----BEGIN RSA PRIVATE KEY-----\nblabla\n-----END RSA PRIVATE KEY-----\nmore stuff\n',
+ ['-----BEGIN RSA PRIVATE KEY-----\nblabla\n-----END RSA PRIVATE KEY-----\n'],
+ True,
+ 'pkcs1',
+ ),
+ (
+ b'foo=bar\n# random stuff\n-----BEGIN CERTIFICATE-----\nblabla\n-----END CERTIFICATE-----\nmore stuff\n'
+ b'\n-----BEGIN CERTIFICATE-----\nfoobar\n-----END CERTIFICATE-----',
+ [
+ '-----BEGIN CERTIFICATE-----\nblabla\n-----END CERTIFICATE-----\n',
+ '-----BEGIN CERTIFICATE-----\nfoobar\n-----END CERTIFICATE-----',
+ ],
+ True,
+ 'unknown-pem',
+ ),
+ (
+ b'-----BEGINCERTIFICATE-----\n-----BEGIN CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n-----END CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n',
+ [
+ '-----BEGIN CERTIFICATE-----\n-----BEGINCERTIFICATE-----\n-----END CERTIFICATE-----\n',
+ ],
+ True,
+ 'unknown-pem',
+ ),
+]
+
+
+@pytest.mark.parametrize('data, pems, is_pem, private_key_type', PEM_TEST_CASES)
+def test_pem_handling(data, pems, is_pem, private_key_type):
+ assert identify_pem_format(data) == is_pem
+ assert identify_private_key_format(data) == private_key_type
+ try:
+ text = data.decode('utf-8')
+ assert split_pem_list(text) == pems
+ first_pem = pems[0] if pems else None
+ assert extract_first_pem(text) == first_pem
+ except UnicodeDecodeError:
+ pass
diff --git a/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py b/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py
index c773640c6..371001827 100644
--- a/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py
+++ b/ansible_collections/community/crypto/tests/unit/plugins/modules/test_luks_device.py
@@ -148,16 +148,16 @@ LUKS_ADD_KEY_DATA = (
# device, remove_key, remove_passphrase, state, label, expected
LUKS_REMOVE_KEY_DATA = (
- ("dummy", "key", None, "present", None, True),
- (None, "key", None, "present", None, False),
- (None, "key", None, "present", "labelName", True),
- ("dummy", None, None, "present", None, False),
- ("dummy", "key", None, "absent", None, "exception"),
- ("dummy", None, "foo", "present", None, True),
- (None, None, "foo", "present", None, False),
- (None, None, "foo", "present", "labelName", True),
- ("dummy", None, None, "present", None, False),
- ("dummy", None, "foo", "absent", None, "exception"))
+ ("dummy", "key", None, None, "present", None, True),
+ (None, "key", None, None, "present", None, False),
+ (None, "key", None, None, "present", "labelName", True),
+ ("dummy", None, None, None, "present", None, False),
+ ("dummy", "key", None, None, "absent", None, "exception"),
+ ("dummy", None, "foo", None, "present", None, True),
+ (None, None, "foo", None, "present", None, False),
+ (None, None, "foo", None, "present", "labelName", True),
+ ("dummy", None, None, None, "present", None, False),
+ ("dummy", None, "foo", None, "absent", None, "exception"))
@pytest.mark.parametrize("device, keyfile, passphrase, state, is_luks, " +
@@ -275,6 +275,7 @@ def test_luks_add_key(device, keyfile, passphrase, new_keyfile, new_passphrase,
module.params["passphrase"] = passphrase
module.params["new_keyfile"] = new_keyfile
module.params["new_passphrase"] = new_passphrase
+ module.params["new_keyslot"] = None
module.params["state"] = state
module.params["label"] = label
@@ -291,17 +292,18 @@ def test_luks_add_key(device, keyfile, passphrase, new_keyfile, new_passphrase,
assert expected == "exception"
-@pytest.mark.parametrize("device, remove_keyfile, remove_passphrase, state, " +
- "label, expected",
- ((d[0], d[1], d[2], d[3], d[4], d[5])
+@pytest.mark.parametrize("device, remove_keyfile, remove_passphrase, remove_keyslot, " +
+ "state, label, expected",
+ ((d[0], d[1], d[2], d[3], d[4], d[5], d[6])
for d in LUKS_REMOVE_KEY_DATA))
-def test_luks_remove_key(device, remove_keyfile, remove_passphrase, state,
+def test_luks_remove_key(device, remove_keyfile, remove_passphrase, remove_keyslot, state,
label, expected, monkeypatch):
module = DummyModule()
module.params["device"] = device
module.params["remove_keyfile"] = remove_keyfile
module.params["remove_passphrase"] = remove_passphrase
+ module.params["remove_keyslot"] = remove_keyslot
module.params["state"] = state
module.params["label"] = label