mirror of
https://github.com/google/nomulus.git
synced 2025-07-01 08:43:34 +02:00
Remove the ability to download service account credentials
------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=224034254
This commit is contained in:
parent
879c48b079
commit
aeedc427ad
12 changed files with 32 additions and 278 deletions
|
@ -16,10 +16,8 @@ package google.registry.keyring.kms;
|
|||
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static google.registry.testing.DatastoreHelper.persistResources;
|
||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.io.BaseEncoding;
|
||||
import google.registry.keyring.api.KeySerializer;
|
||||
import google.registry.model.server.KmsSecret;
|
||||
import google.registry.model.server.KmsSecretRevision;
|
||||
|
@ -29,7 +27,6 @@ import google.registry.testing.BouncyCastleProviderRule;
|
|||
import org.bouncycastle.openpgp.PGPKeyPair;
|
||||
import org.bouncycastle.openpgp.PGPPrivateKey;
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
import org.bouncycastle.util.Arrays;
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
|
@ -177,30 +174,6 @@ public class KmsKeyringTest {
|
|||
assertThat(jsonCredential).isEqualTo("json-credential-stringmoo");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void test_getEncryptedJsonCredential() {
|
||||
saveCleartextSecret("json-credential-string");
|
||||
|
||||
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
|
||||
|
||||
assertThat(
|
||||
new String(
|
||||
Arrays.reverse(BaseEncoding.base64().decode(encryptedJsonCredential)), UTF_8))
|
||||
.isEqualTo("json-credential-stringmoo");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void test_decryptJsonCredential() {
|
||||
saveCleartextSecret("json-credential-string");
|
||||
|
||||
String encryptedJsonCredential = keyring.getEncryptedData("json-credential-string");
|
||||
|
||||
assertThat(
|
||||
new String(
|
||||
keyring.getDecryptedData("json-credential-string", encryptedJsonCredential), UTF_8))
|
||||
.isEqualTo("json-credential-stringmoo");
|
||||
}
|
||||
|
||||
private static void persistSecret(String secretName, byte[] secretValue) {
|
||||
KmsConnection kmsConnection = new FakeKmsConnection();
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue