saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-10 14:51:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fix nacl.keygen for not yet existing sk_file or pk_file

Browse source
This commit is contained in:
hurzhurz 2024-08-01 11:48:28 +00:00 committed by Daniel Wozniak
parent 748943cd59
commit 698979fe55
3 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
changelog/66772.fixed.md Normal file
View file

@ -0,0 +1 @@
Fixed nacl.keygen for not yet existing sk_file or pk_file

8
salt/utils/nacl.py
View file

@ -182,12 +182,12 @@ def keygen(sk_file=None, pk_file=None, **kwargs):
with salt.utils.files.fopen(sk_file, "rb") as keyf:
sk = salt.utils.stringutils.to_unicode(keyf.read()).rstrip("\n")
sk = base64.b64decode(sk)
kp = nacl.public.PublicKey(sk)
kp = nacl.public.PrivateKey(sk)
with salt.utils.files.fopen(pk_file, "wb") as keyf:
keyf.write(base64.b64encode(kp.encode()))
keyf.write(base64.b64encode(kp.public_key.encode()))
return f"saved pk_file: {pk_file}"
kp = nacl.public.PublicKey.generate()
kp = nacl.public.PrivateKey.generate()
with salt.utils.files.fopen(sk_file, "wb") as keyf:
keyf.write(base64.b64encode(kp.encode()))
if salt.utils.platform.is_windows():
@ -200,7 +200,7 @@ def keygen(sk_file=None, pk_file=None, **kwargs):
# chmod 0600 file
os.chmod(sk_file, 1536)
with salt.utils.files.fopen(pk_file, "wb") as keyf:
keyf.write(base64.b64encode(kp.encode()))
keyf.write(base64.b64encode(kp.public_key.encode()))
return f"saved sk_file:{sk_file} pk_file: {pk_file}"

14
tests/pytests/unit/utils/test_nacl.py
View file

@ -73,6 +73,20 @@ def test_keygen_keyfile(test_keygen):
ret = nacl.keygen(keyfile=fpath)
assert f"saved pk_file: {fpath}.pub" == ret
with salt.utils.files.fopen(str(fpath) + ".pub", "rb") as rfh:
assert test_keygen["pk"] == rfh.read()
salt.utils.files.remove(str(fpath) + ".pub")
def test_keygen_nonexistent_sk_file():
"""
test nacl.keygen function
with nonexistent/new sk_file
"""
with pytest.helpers.temp_file("test_keygen_sk_file") as fpath:
salt.utils.files.remove(str(fpath))
ret = nacl.keygen(sk_file=str(fpath))
assert f"saved sk_file:{fpath} pk_file: {fpath}.pub" == ret
salt.utils.files.remove(str(fpath) + ".pub")