from sdkms.v1.models.object_type import ObjectType from sdkms.v1.models.digest_algorithm import DigestAlgorithm from sdkms.v1.models.signature_mode import SignatureMode from sdkms.v1.models.mgf import Mgf from sdkms.v1.models.mgf_mgf1 import MgfMgf1 from sdkms.v1.models.rsa_signature_padding_pss import RsaSignaturePaddingPSS
DEFAULT_API_ENDPOINT = "https://apps.smartkey.io"
ca_certificate = None
# Global API instance dict. api_instances = {}
# Unique ID to append to key names to make sure they're unique. my_unique_id = base64.b64encode(bytearray(os.urandom(16))).decode('ascii')
# Global set of keys created by the test, will be cleaned up automatically. keys = []
iv = bytearray(os.urandom(16)) plain = bytearray("Fortanix".encode('utf-8'))
def print_debug(*args, **kwargs): if cl_args.debug: print(*args, **kwargs)
def parse_arguments(): parser = argparse.ArgumentParser(description='SDKMS API perf/stress test')
# This construction allows us to use the API endpoint if it's specified # on the command-line, then use the environment variable if it's set, # then use the program-default endpoint if neither is set. parser.add_argument('--api-endpoint', default=os.getenv('FORTANIX_API_ENDPOINT', DEFAULT_API_ENDPOINT))
parser.add_argument('--api-key', default=os.getenv('FORTANIX_API_KEY', None)) parser.add_argument('--debug', default=False, action='store_true', help='enable debug logging') parser.add_argument('--no-verify-ssl', default=True, action='store_false', dest='verify_ssl', help='Disables SSL verification. Useful for ' 'locally running SDKMS') parser.add_argument('--ca-certificate', help='Set the CA certificate to be' 'used for the TLS root of trust')
global cl_args cl_args = parser.parse_args()
if cl_args.api_key is None: print('No API key specified.') print('Please specify an API key via the --api-key option or ' 'FORTANIX_API_KEY') print('environment variable') exit(1)
global ca_certificate if cl_args.ca_certificate: ca_certificate = cl_args.ca_certificate
def initialize_api_clients(): # TODO: We should have a separate auth endpoint for API keys, so we # don't need to do this parsing in the client code. api_key = base64.b64decode(cl_args.api_key).decode('ascii') print_debug('Using API key {}'.format(api_key)) parts = api_key.split(':') if len(parts) != 2: print('Invalid API key provided') exit(1)
# The swagger interface calls this type of authorization an 'apiKey'. # This is not related to the SDKMS notion of an API key. The swagger # apiKey is our auth token. config.api_key['Authorization'] = auth.access_token config.api_key_prefix['Authorization'] = 'Bearer'
def create_key(key_type, size, elliptic_curve=None): keynum = len(keys) request = sdkms.v1.SobjectRequest( name='basic-test-key-{}-{}-{}-{}'.format(my_unique_id, key_type.value, size, keynum), description='Generated by automatic test instance {}-{}'.format( my_unique_id, keynum), key_size=size, obj_type=key_type, elliptic_curve=elliptic_curve) kid = get_api_instance('sobjects').generate_security_object(request).kid # In addition to returning the kid, we put the key on the list of test # keys, so we can clean up the keys later. keys.append(kid) return kid
Comments
Please sign in to leave a comment.