chore(xtest): Add test of key mgmt create WIP #319
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @dmihalcik-virtru, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request primarily focuses on expanding the xtest suite to incorporate and validate key management capabilities. My changes introduce refined data models for KAS keys, enable programmatic key creation via the command-line tool, and establish a clear mechanism for associating these managed keys with attributes. The core outcome is a new end-to-end test that confirms the proper functioning of encryption and decryption when attributes are tied to KAS-managed keys, thereby bolstering the robustness of the key management system's testing.
Highlights
- Key Management Models: I've introduced new Pydantic models (
SimpleKasPublicKey,SimpleKasKey,PrivateKeyCtx,KeyProviderConfig) and refactored existing ones (PublicKeyCtx,AsymmetricKey) inxtest/abac.py. These changes provide a more comprehensive representation of KAS key structures, including private key contexts and key provider configurations. - KAS Key Creation Functionality: I've added a
kas_registry_key_createmethod toxtest/abac.py'sOpentdfCommandLineTool. This new method allows for programmatic creation of KAS keys using theotdfctlCLI, supporting local mode, RSA 2048 algorithm, and specified wrapping keys. - Attribute-Key Association: The
AttributeValuemodel inxtest/abac.pyhas been enhanced to include an optionalkas_keysfield. This enables the direct association ofSimpleKasKeyinstances with attributes, linking policy attributes to specific KAS-managed keys. - New Test Fixture for Managed Keys: I've created a new pytest fixture,
attribute_with_managed_keys, inxtest/conftest.py. This fixture sets up a test scenario by creating a KAS-managed key and associating it with a test attribute, ensuring tests can easily leverage this new functionality. It also includes a skip condition if key management is not enabled. - End-to-End Test for Managed Keys: I've implemented
test_key_mapping_from_mgmtinxtest/test_abac.py. This new test validates the complete encryption and decryption flow when data is protected with attributes linked to KAS-managed keys, including verification of the manifest's key access information. - Build Instructions Update: A minor update was made to
xtest/README.mdto include thego mod tidycommand in the build instructions, ensuring module dependencies are correctly managed during the setup process.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request introduces tests for key management creation. I've identified a critical issue in abac.py with a duplicated command-line argument, and high-severity issues in subprocess error handling and environment variable access. A test bug in test_abac.py could lead to incorrect test results. Please address these comments.
|
|
||
| logger.info(f"kr-keys-create [{' '.join(cmd)}]") | ||
|
|
||
| cmd += [f"--wrapping-key={os.environ['OT_ROOT_KEY']}"] |
There was a problem hiding this comment.
The --wrapping-key argument is added twice to the command list. Remove the duplicate on this line to avoid unexpected behavior.
| "--mode=local", | ||
| "--algorithm=rsa:2048", | ||
| "--wrapping-key-id=wrapping-key-1", | ||
| f"--wrapping-key={os.environ['OT_ROOT_KEY']}", |
There was a problem hiding this comment.
Direct access to os.environ['OT_ROOT_KEY'] can raise a KeyError if the environment variable is not set. Use os.getenv() with a default value or explicit error handling to prevent this 1.
Style Guide References
Footnotes
| process = subprocess.Popen(cmd, stdout=subprocess.PIPE) | ||
| out, err = process.communicate() | ||
| if err: | ||
| print(err, file=sys.stderr) | ||
| raise RuntimeError(f"Error creating KAS key: {err.decode()}") | ||
| if out: | ||
| print(out) | ||
| assert process.returncode == 0 | ||
| return KasKey.model_validate_json(out) |
There was a problem hiding this comment.
The subprocess execution lacks proper error handling. Capture stderr, check process.returncode, decode the error output, and remove the redundant assert 1.
Style Guide References
| process = subprocess.Popen(cmd, stdout=subprocess.PIPE) | |
| out, err = process.communicate() | |
| if err: | |
| print(err, file=sys.stderr) | |
| raise RuntimeError(f"Error creating KAS key: {err.decode()}") | |
| if out: | |
| print(out) | |
| assert process.returncode == 0 | |
| return KasKey.model_validate_json(out) | |
| process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |
| out, err = process.communicate() | |
| if process.returncode != 0: | |
| error_output = err.decode() if err else "Unknown error" | |
| print(error_output, file=sys.stderr) | |
| raise RuntimeError(f"Error creating KAS key: {error_output}") | |
| if out: | |
| print(out) | |
| return KasKey.model_validate_json(out) |
Footnotes
xtest/test_abac.py
Outdated
| tdfs.skip_connectrpc_skew(encrypt_sdk, decrypt_sdk, pfs) | ||
| tdfs.skip_hexless_skew(encrypt_sdk, decrypt_sdk) | ||
|
|
||
| sample_name = f"multimechanism-{encrypt_sdk}" |
There was a problem hiding this comment.
The sample_name is not unique, potentially causing the test to reuse ciphertext files from test_key_mapping_multiple_mechanisms. Use a unique name to avoid collisions and ensure correct test behavior.
| sample_name = f"multimechanism-{encrypt_sdk}" | |
| sample_name = f"keymgmt-from-mgmt-{encrypt_sdk}" |
dmihalcik-virtru
force-pushed
the
DSPX-1111-rotate
branch
from
cbd5dc3 to
9b06528
Compare
|
dmihalcik-virtru
force-pushed
the
DSPX-1111-rotate
branch
from
9b06528 to
f7e30b6
Compare
|
1 participant
No description provided.