git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Fri, 14 Mar 2025 09:51:36 +0000 (10:51 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Thu, 10 Apr 2025 20:44:31 +0000 (15:44 -0500)
commit	44ff63a50d660fd5e836b9bb0365d1ae6bdbf60a
tree	0f8f1111f6b63dc8fbabed58903c7f4717514d74	tree \| snapshot
parent	97f6b7ad11c3c1d6c1ceeaada5776759649afa49	commit \| diff

Introduce pytest verify_keys and check_keytimes

This commit introduces replacements for the 'check_keys' and
'check_keytimes' from the shell test library. 'check_keys' is renamed
to 'verify_keys' because it does not assert.

For that, we introduce more functions for the class Key. The
'match_properties' function is used in 'verify_keys' to see if a set of
KeyProperties match the Key. This speficially ignores timing metadata.
The function resembles what is in 'kasp.sh:check_key()'.

The 'match_timingmetadata' function is used in 'check_keytimes' to see
if the timing metadata of a set of KeyProperties match the Key. The
values are checked in all three key files (except if the private key is
not available (set with properties["private"]), or if it is a legacy key
(set with properties["legacy"]).

An additional check function is added, to check if the key relationships
are set correctly. It follows a similar pattern as 'check_keytimes'. If
"Predecessor" and/or "Successor" are expected to be set in the state
file, this function checks so, and also verifies that they are not set
if they should not be.