zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-07-22 02:36:03 +02:00
Code Issues Projects Releases Packages Wiki Activity

Remove the ability to download service account credentials

Browse source 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=224034254
This commit is contained in:
jianglai 2018-12-04 13:19:27 -08:00
parent 879c48b079
commit aeedc427ad
12 changed files with 32 additions and 278 deletions
Download patch file Download diff file Expand all files Collapse all files

27
javatests/google/registry/keyring/kms/KmsKeyringTest.java
View file

@ -16,10 +16,8 @@ package google.registry.keyring.kms;
import static com.google.common.truth.Truth.assertThat;
import static google.registry.testing.DatastoreHelper.persistResources;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.common.collect.ImmutableList;
import com.google.common.io.BaseEncoding;
import google.registry.keyring.api.KeySerializer;
import google.registry.model.server.KmsSecret;
import google.registry.model.server.KmsSecretRevision;
@ -29,7 +27,6 @@ import google.registry.testing.BouncyCastleProviderRule;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.util.Arrays;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@ -177,30 +174,6 @@ public class KmsKeyringTest {
assertThat(jsonCredential).isEqualTo("json-credential-stringmoo");
}
@Test
public void test_getEncryptedJsonCredential() {
saveCleartextSecret("json-credential-string");
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
assertThat(
new String(
Arrays.reverse(BaseEncoding.base64().decode(encryptedJsonCredential)), UTF_8))
.isEqualTo("json-credential-stringmoo");
}
@Test
public void test_decryptJsonCredential() {
saveCleartextSecret("json-credential-string");
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
assertThat(
new String(
keyring.getDecryptedData("json-credential-string", encryptedJsonCredential), UTF_8))
.isEqualTo("json-credential-stringmoo");
}
private static void persistSecret(String secretName, byte[] secretValue) {
KmsConnection kmsConnection = new FakeKmsConnection();