first pass at get_public_key requests and mocks

geemus · geemus · commit 76999f90e9ec · 2024-12-10T18:04:17.000Z
diff --git a/lib/fog/aws/kms.rb b/lib/fog/aws/kms.rb
@@ -20,6 +20,7 @@ class KMS < Fog::Service
       request :list_keys
       request :create_key
       request :describe_key
+      request :get_public_key
       request :schedule_key_deletion
 
       model_path 'fog/aws/models/kms'
@@ -31,7 +32,8 @@ def self.data
           @data ||= Hash.new do |hash, region|
             hash[region] = Hash.new do |region_hash, access_key|
               region_hash[access_key] = {
-                :keys => {},
+                keys: {},
+                pkeys: {}
               }
             end
           end
diff --git a/lib/fog/aws/parsers/kms/get_public_key.rb b/lib/fog/aws/parsers/kms/get_public_key.rb
@@ -0,0 +1,30 @@
+module Fog
+  module Parsers
+    module AWS
+      module KMS
+        class GetPublicKey < Fog::Parsers::Base
+          def reset
+            @response = {}
+          end
+
+          def start_element(name, attrs = [])
+            super
+            case name
+            when 'EncryptionAlgorithms', 'KeyAgreementAlgorithms', 'SigningAlgorithms'
+              @response[name] = []
+            end
+          end
+
+          def end_element(name)
+            case name
+            when 'KeyId', 'KeySpec', 'KeyUsage', 'PublicKey'
+              @response[name] = value
+            when 'EncryptionAlgorithms', 'KeyAgreementAlgorithms', 'SigningAlgorithms'
+              @response[name] << value
+            end
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/fog/aws/requests/kms/create_key.rb b/lib/fog/aws/requests/kms/create_key.rb
@@ -19,10 +19,10 @@ class Real
         # https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateKey.html
         def create_key(*args)
           options = Fog::AWS::KMS.parse_create_key_args(args)
-          request(
+          request({
             'Action' => 'CreateKey',
             :parser => Fog::Parsers::AWS::KMS::DescribeKey.new
-          ).merge!(options)
+          }.merge!(options))
         end
       end
 
@@ -52,6 +52,14 @@ def create_key(*args)
 
           self.data[:keys][key_id] = key
 
+          spec = key['KeySpec']
+          size = spec.split('_').last
+          spec = spec.split("_#{size}").first
+          case spec
+          when 'RSA'
+            self.data[:pkeys][key_id] = OpenSSL::PKey::RSA.generate(size)
+          end
+
           response.body = { 'KeyMetadata' => key }
           response
         end
diff --git a/lib/fog/aws/requests/kms/get_public_key.rb b/lib/fog/aws/requests/kms/get_public_key.rb
@@ -0,0 +1,35 @@
+module Fog
+  module AWS
+    class KMS
+      class Real
+        require 'fog/aws/parsers/kms/get_public_key'
+
+        def get_public_key(identifier, grant_tokens = nil)
+          request(
+            'Action' => 'GetPublicKey',
+            'GrantTokens' => grant_tokens,
+            'KeyId' => identifier,
+            :parser => Fog::Parsers::AWS::KMS::GetPublicKey.new
+          )
+        end
+      end
+
+      class Mock
+        def get_public_key(identifier, grant_tokens = [])
+          response = Excon::Response.new
+          key = self.data[:keys][identifier]
+          pkey = self.data[:pkeys][identifier]
+
+          response.body = {
+            'KeyId' => key['KeyId'],
+            'KeyUsage' => key['KeyUsage'],
+            'KeySpec' => key['KeySpec'],
+            'PublicKey' => Base64.strict_encode64(pkey.public_to_der),
+            'SigningAlgorithms' => key['SigningAlgorithms']
+          }
+          response
+        end
+      end
+    end
+  end
+end
diff --git a/lib/fog/aws/requests/kms/list_keys.rb b/lib/fog/aws/requests/kms/list_keys.rb
@@ -2,7 +2,6 @@ module Fog
   module AWS
     class KMS
       class Real
-
         require 'fog/aws/parsers/kms/list_keys'
 
         def list_keys(options={})
diff --git a/tests/requests/kms/helper.rb b/tests/requests/kms/helper.rb
@@ -20,6 +20,16 @@ module Formats
         }
       }.freeze
 
+      GET_PUBLIC_KEY = {
+        'EncryptionAlgorithms' => Fog::Nullable::Array,
+        'KeyAgreementAlgorithms' => Fog::Nullable::Array,
+        'KeyId' => String,
+        'KeySpec' => String,
+        'KeyUsage' => String,
+        'PublicKey' => String,
+        'SigningAlgorithms' => Fog::Nullable::Array
+      }.freeze
+
       LIST_KEYS = {
         'Keys' => [{ 'KeyArn' => String, 'KeyId' => String }],
         'Marker' => Fog::Nullable::String,
diff --git a/tests/requests/kms/key_tests.rb b/tests/requests/kms/key_tests.rb
@@ -16,6 +16,12 @@
     result
   end
 
+  tests('#get_public_key').data_matches_schema(AWS::KMS::Formats::GET_PUBLIC_KEY) do
+    result = Fog::AWS[:kms].get_public_key(key_id).body
+    returns(key_id) { result['KeyId'] }
+    result
+  end
+
   tests('#list_keys').data_matches_schema(AWS::KMS::Formats::LIST_KEYS) do
     Fog::AWS[:kms].list_keys.body
   end
