merging from master
This commit is contained in:
Bryan Alexander
commit
445f474534
125 changed files with 7406 additions and 3847 deletions
|
|
@ -7,25 +7,42 @@ from datetime import datetime, timedelta
|
|||
from boto3 import Session
|
||||
|
||||
from moto.core import BaseBackend, BaseModel
|
||||
<<<<<<< HEAD
|
||||
from moto.core.exceptions import JsonRESTError
|
||||
from moto.core.utils import iso_8601_datetime_without_milliseconds
|
||||
from moto.utilities.tagging_service import TaggingService
|
||||
=======
|
||||
from moto.core.utils import unix_time
|
||||
|
||||
from moto.iam.models import ACCOUNT_ID
|
||||
|
||||
>>>>>>> 100dbd529f174f18d579a1dcc066d55409f2e38f
|
||||
from .utils import decrypt, encrypt, generate_key_id, generate_master_key
|
||||
|
||||
|
||||
class Key(BaseModel):
|
||||
<<<<<<< HEAD
|
||||
def __init__(self, policy, key_usage, description, region):
|
||||
=======
|
||||
def __init__(
|
||||
self, policy, key_usage, customer_master_key_spec, description, tags, region
|
||||
):
|
||||
>>>>>>> 100dbd529f174f18d579a1dcc066d55409f2e38f
|
||||
self.id = generate_key_id()
|
||||
self.creation_date = unix_time()
|
||||
self.policy = policy
|
||||
self.key_usage = key_usage
|
||||
self.key_state = "Enabled"
|
||||
self.description = description
|
||||
self.enabled = True
|
||||
self.region = region
|
||||
self.account_id = "012345678912"
|
||||
self.account_id = ACCOUNT_ID
|
||||
self.key_rotation_status = False
|
||||
self.deletion_date = None
|
||||
self.key_material = generate_master_key()
|
||||
self.origin = "AWS_KMS"
|
||||
self.key_manager = "CUSTOMER"
|
||||
self.customer_master_key_spec = customer_master_key_spec or "SYMMETRIC_DEFAULT"
|
||||
|
||||
@property
|
||||
def physical_resource_id(self):
|
||||
|
|
@ -37,23 +54,55 @@ class Key(BaseModel):
|
|||
self.region, self.account_id, self.id
|
||||
)
|
||||
|
||||
@property
|
||||
def encryption_algorithms(self):
|
||||
if self.key_usage == "SIGN_VERIFY":
|
||||
return None
|
||||
elif self.customer_master_key_spec == "SYMMETRIC_DEFAULT":
|
||||
return ["SYMMETRIC_DEFAULT"]
|
||||
else:
|
||||
return ["RSAES_OAEP_SHA_1", "RSAES_OAEP_SHA_256"]
|
||||
|
||||
@property
|
||||
def signing_algorithms(self):
|
||||
if self.key_usage == "ENCRYPT_DECRYPT":
|
||||
return None
|
||||
elif self.customer_master_key_spec in ["ECC_NIST_P256", "ECC_SECG_P256K1"]:
|
||||
return ["ECDSA_SHA_256"]
|
||||
elif self.customer_master_key_spec == "ECC_NIST_P384":
|
||||
return ["ECDSA_SHA_384"]
|
||||
elif self.customer_master_key_spec == "ECC_NIST_P521":
|
||||
return ["ECDSA_SHA_512"]
|
||||
else:
|
||||
return [
|
||||
"RSASSA_PKCS1_V1_5_SHA_256",
|
||||
"RSASSA_PKCS1_V1_5_SHA_384",
|
||||
"RSASSA_PKCS1_V1_5_SHA_512",
|
||||
"RSASSA_PSS_SHA_256",
|
||||
"RSASSA_PSS_SHA_384",
|
||||
"RSASSA_PSS_SHA_512",
|
||||
]
|
||||
|
||||
def to_dict(self):
|
||||
key_dict = {
|
||||
"KeyMetadata": {
|
||||
"AWSAccountId": self.account_id,
|
||||
"Arn": self.arn,
|
||||
"CreationDate": iso_8601_datetime_without_milliseconds(datetime.now()),
|
||||
"CreationDate": self.creation_date,
|
||||
"CustomerMasterKeySpec": self.customer_master_key_spec,
|
||||
"Description": self.description,
|
||||
"Enabled": self.enabled,
|
||||
"EncryptionAlgorithms": self.encryption_algorithms,
|
||||
"KeyId": self.id,
|
||||
"KeyManager": self.key_manager,
|
||||
"KeyUsage": self.key_usage,
|
||||
"KeyState": self.key_state,
|
||||
"Origin": self.origin,
|
||||
"SigningAlgorithms": self.signing_algorithms,
|
||||
}
|
||||
}
|
||||
if self.key_state == "PendingDeletion":
|
||||
key_dict["KeyMetadata"][
|
||||
"DeletionDate"
|
||||
] = iso_8601_datetime_without_milliseconds(self.deletion_date)
|
||||
key_dict["KeyMetadata"]["DeletionDate"] = unix_time(self.deletion_date)
|
||||
return key_dict
|
||||
|
||||
def delete(self, region_name):
|
||||
|
|
@ -69,6 +118,7 @@ class Key(BaseModel):
|
|||
key = kms_backend.create_key(
|
||||
policy=properties["KeyPolicy"],
|
||||
key_usage="ENCRYPT_DECRYPT",
|
||||
customer_master_key_spec="SYMMETRIC_DEFAULT",
|
||||
description=properties["Description"],
|
||||
region=region_name,
|
||||
)
|
||||
|
|
@ -92,8 +142,17 @@ class KmsBackend(BaseBackend):
|
|||
self.key_to_aliases = defaultdict(set)
|
||||
self.tagger = TaggingService(keyName='TagKey', valueName='TagValue')
|
||||
|
||||
<<<<<<< HEAD
|
||||
def create_key(self, policy, key_usage, description, tags, region):
|
||||
key = Key(policy, key_usage, description, region)
|
||||
=======
|
||||
def create_key(
|
||||
self, policy, key_usage, customer_master_key_spec, description, tags, region
|
||||
):
|
||||
key = Key(
|
||||
policy, key_usage, customer_master_key_spec, description, tags, region
|
||||
)
|
||||
>>>>>>> 100dbd529f174f18d579a1dcc066d55409f2e38f
|
||||
self.keys[key.id] = key
|
||||
if tags != None and len(tags) > 0:
|
||||
self.tag_resource(key.id, tags)
|
||||
|
|
@ -211,9 +270,7 @@ class KmsBackend(BaseBackend):
|
|||
self.keys[key_id].deletion_date = datetime.now() + timedelta(
|
||||
days=pending_window_in_days
|
||||
)
|
||||
return iso_8601_datetime_without_milliseconds(
|
||||
self.keys[key_id].deletion_date
|
||||
)
|
||||
return unix_time(self.keys[key_id].deletion_date)
|
||||
|
||||
def encrypt(self, key_id, plaintext, encryption_context):
|
||||
key_id = self.any_id_to_key_id(key_id)
|
||||
|
|
|
|||
|
|
@ -118,11 +118,12 @@ class KmsResponse(BaseResponse):
|
|||
"""https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateKey.html"""
|
||||
policy = self.parameters.get("Policy")
|
||||
key_usage = self.parameters.get("KeyUsage")
|
||||
customer_master_key_spec = self.parameters.get("CustomerMasterKeySpec")
|
||||
description = self.parameters.get("Description")
|
||||
tags = self.parameters.get("Tags")
|
||||
|
||||
key = self.kms_backend.create_key(
|
||||
policy, key_usage, description, tags, self.region
|
||||
policy, key_usage, customer_master_key_spec, description, tags, self.region
|
||||
)
|
||||
return json.dumps(key.to_dict())
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue