OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
firebase
/
vendor
/
google
/
cloud-storage
/
tests
/
System
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/12/2024 10:33:53 AM
rwxr-xr-x
📄
BucketLockRetentionPolicyTest.php
1.72 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
BucketRpoTest.php
2.44 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
HmacKeyTest.php
4.84 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
HoldObjectsTest.php
1.7 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
IamConfigurationTest.php
7.52 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
IamTest.php
3.71 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
KmsTest.php
5.45 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
ManageAclTest.php
2.25 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
ManageBucketsTest.php
16.3 KB
08/12/2024 10:33:52 AM
rw-r--r--
📄
ManageNotificationsTest.php
1.9 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
ManageObjectsTest.php
16.28 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
PostPolicyTest.php
4.49 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
README.md
835 bytes
08/12/2024 10:33:53 AM
rw-r--r--
📄
RequesterPaysTest.php
15.14 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
SignedUrlTest.php
7.93 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
StorageTestCase.php
2.5 KB
08/12/2024 10:33:53 AM
rw-r--r--
📁
StreamWrapper
-
08/12/2024 10:35:02 AM
rwxr-xr-x
📄
UploadObjectsTest.php
4.7 KB
08/12/2024 10:33:53 AM
rw-r--r--
📄
bootstrap.php
180 bytes
08/12/2024 10:33:52 AM
rw-r--r--
📁
data
-
08/12/2024 10:35:01 AM
rwxr-xr-x
Editing: KmsTest.php
Close
<?php /** * Copyright 2018 Google Inc. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ namespace Google\Cloud\Storage\Tests\System; use Google\Cloud\Core\Testing\System\KeyManager; use Google\Cloud\Storage\StorageObject; /** * @group storage * @group storage-kms */ class KmsTest extends StorageTestCase { const DATA = 'data'; const KEY_RING_ID = 'kms-kr'; const CRYPTO_KEY_ID_1 = 'key1'; const CRYPTO_KEY_ID_2 = 'key2'; private static $keyName1; private static $keyName2; public static function setUpBeforeClass(): void { parent::setUpBeforeClass(); $keyFilePath = getenv('GOOGLE_CLOUD_PHP_TESTS_KEY_PATH'); $encryption = new KeyManager( json_decode(file_get_contents($keyFilePath), true), self::$client->getServiceAccount(), self::getProjectId($keyFilePath) ); list(self::$keyName1, self::$keyName2) = $encryption->getKeyNames( self::KEY_RING_ID, [self::CRYPTO_KEY_ID_1, self::CRYPTO_KEY_ID_2] ); } public function testUpload() { $object = $this->upload(); $this->assertStringContainsString(self::$keyName1, $object->info()['kmsKeyName']); $this->assertEquals(self::DATA, $object->downloadAsString()); } public function testUploadWithDefaultKmsKeyNameOnBucket() { self::$bucket->update([ 'encryption' => [ 'defaultKmsKeyName' => self::$keyName1 ] ]); $object = $this->upload(['metadata' => null]); $this->assertStringContainsString(self::$keyName1, $object->info()['kmsKeyName']); $this->assertEquals(self::DATA, $object->downloadAsString()); // Reset default to none self::$bucket->update([ 'encryption' => null ]); $this->assertArrayNotHasKey('encryption', self::$bucket->info()); } public function testUploadExplicitKmsKeyOverridesDefaultOnBucket() { self::$bucket->update([ 'encryption' => [ 'defaultKmsKeyName' => self::$keyName1 ] ]); $object = $this->upload([ 'metadata' => [ 'kmsKeyName' => self::$keyName2 ] ]); $this->assertStringContainsString(self::$keyName2, $object->info()['kmsKeyName']); $this->assertEquals(self::DATA, $object->downloadAsString()); // Reset default to none self::$bucket->update([ 'encryption' => null ]); $this->assertArrayNotHasKey('encryption', self::$bucket->info()); } public function testRotatesKmsKeys() { $object = $this->upload(); $rewriteOptions = [ 'name' => uniqid(self::TESTING_PREFIX), 'destinationKmsKeyName' => self::$keyName2 ]; $rewrittenObject = $object->rewrite(self::$bucket, $rewriteOptions); $this->assertStringContainsString(self::$keyName2, $rewrittenObject->info()['kmsKeyName']); $this->assertEquals(self::DATA, $rewrittenObject->downloadAsString()); } public function testRotatesCustomerSuppliedEncrpytionToKms() { $key = base64_encode(openssl_random_pseudo_bytes(32)); $object = $this->upload(['encryptionKey' => $key, 'metadata' => null]); $rewriteOptions = [ 'name' => uniqid(self::TESTING_PREFIX), 'encryptionKey' => $key, 'destinationKmsKeyName' => self::$keyName1 ]; $rewrittenObject = $object->rewrite(self::$bucket, $rewriteOptions); $this->assertStringContainsString(self::$keyName1, $rewrittenObject->info()['kmsKeyName']); $this->assertEquals(self::DATA, $rewrittenObject->downloadAsString()); } public function testRotatesKmsToCustomerSuppliedEncrpytion() { $key = base64_encode(openssl_random_pseudo_bytes(32)); $sha = base64_encode(hash('SHA256', base64_decode($key), true)); $object = $this->upload([ 'metadata' => [ 'kmsKeyName' => self::$keyName1 ] ]); $rewriteOptions = [ 'name' => uniqid(self::TESTING_PREFIX), 'destinationEncryptionKey' => $key ]; $rewrittenObject = $object->rewrite(self::$bucket, $rewriteOptions); $this->assertEquals($sha, $rewrittenObject->info()['customerEncryption']['keySha256']); $this->assertEquals(self::DATA, $rewrittenObject->downloadAsString()); } /** * @param array $options * @return StorageObject */ private function upload(array $options = []) { return self::$bucket->upload(self::DATA, $options + [ 'name' => uniqid(self::TESTING_PREFIX), 'metadata' => [ 'kmsKeyName' => self::$keyName1 ] ]); } }