Augment references of pkcs1 with oaep
Rightly the system in use is RSAES-OAEP, part of the PKCS#1 standard.
"PKCS#1" is not enough information to communicate to someone the
encryption scheme in use. Refer to the scheme Zuul uses as "PKCS#1-OAEP"
or "pkcs1-oaep" to clarify.
Change-Id: I74dcde6fa3756354ce65233c64c6189d1b241e90
diff --git a/tests/encrypt_secret.py b/tests/encrypt_secret.py
index ab2c1df..b8524a0 100644
--- a/tests/encrypt_secret.py
+++ b/tests/encrypt_secret.py
@@ -27,7 +27,7 @@
private_key, public_key = \
encryption.deserialize_rsa_keypair(f.read())
- ciphertext = encryption.encrypt_pkcs1(sys.argv[1], public_key)
+ ciphertext = encryption.encrypt_pkcs1_oaep(sys.argv[1], public_key)
print(ciphertext.encode('base64'))
if __name__ == '__main__':
diff --git a/tests/fixtures/config/ansible/git/common-config/zuul.yaml b/tests/fixtures/config/ansible/git/common-config/zuul.yaml
index c21d694..3678f94 100644
--- a/tests/fixtures/config/ansible/git/common-config/zuul.yaml
+++ b/tests/fixtures/config/ansible/git/common-config/zuul.yaml
@@ -38,7 +38,7 @@
name: test_secret
data:
username: test-username
- password: !encrypted/pkcs1 |
+ password: !encrypted/pkcs1-oaep |
BFhtdnm8uXx7kn79RFL/zJywmzLkT1GY78P3bOtp4WghUFWobkifSu7ZpaV4NeO0s71YUsi1wGZZ
L0LveZjUN0t6OU1VZKSG8R5Ly7urjaSo1pPVIq5Rtt/H7W14Lecd+cUeKb4joeusC9drN3AA8a4o
ykcVpt1wVqUnTbMGC9ARMCQP6eopcs1l7tzMseprW4RDNhIuz3CRgd0QBMPl6VDoFgBPB8vxtJw+
diff --git a/tests/unit/test_encryption.py b/tests/unit/test_encryption.py
index 28ed76d..4dda78b 100644
--- a/tests/unit/test_encryption.py
+++ b/tests/unit/test_encryption.py
@@ -39,14 +39,14 @@
self.assertEqual(self.public.public_numbers(),
public2.public_numbers())
- def test_pkcs1(self):
+ def test_pkcs1_oaep(self):
"Verify encryption and decryption"
orig_plaintext = "some text to encrypt"
- ciphertext = encryption.encrypt_pkcs1(orig_plaintext, self.public)
- plaintext = encryption.decrypt_pkcs1(ciphertext, self.private)
+ ciphertext = encryption.encrypt_pkcs1_oaep(orig_plaintext, self.public)
+ plaintext = encryption.decrypt_pkcs1_oaep(ciphertext, self.private)
self.assertEqual(orig_plaintext, plaintext)
- def test_openssl_pkcs1(self):
+ def test_openssl_pkcs1_oaep(self):
"Verify that we can decrypt something encrypted with OpenSSL"
orig_plaintext = "some text to encrypt"
pem_public = encryption.serialize_rsa_public_key(self.public)
@@ -65,5 +65,5 @@
finally:
os.unlink(public_file.name)
- plaintext = encryption.decrypt_pkcs1(ciphertext, self.private)
+ plaintext = encryption.decrypt_pkcs1_oaep(ciphertext, self.private)
self.assertEqual(orig_plaintext, plaintext)
diff --git a/tests/unit/test_model.py b/tests/unit/test_model.py
index 377193f..45176fa 100644
--- a/tests/unit/test_model.py
+++ b/tests/unit/test_model.py
@@ -313,7 +313,7 @@
name: pypi-credentials
data:
username: test-username
- password: !encrypted/pkcs1 |
+ password: !encrypted/pkcs1-oaep |
BFhtdnm8uXx7kn79RFL/zJywmzLkT1GY78P3bOtp4WghUFWobkifSu7ZpaV4NeO0s71YUsi1wGZZ
L0LveZjUN0t6OU1VZKSG8R5Ly7urjaSo1pPVIq5Rtt/H7W14Lecd+cUeKb4joeusC9drN3AA8a4o
ykcVpt1wVqUnTbMGC9ARMCQP6eopcs1l7tzMseprW4RDNhIuz3CRgd0QBMPl6VDoFgBPB8vxtJw+