Two more kasp test cases converted to pytest

The zone 'pregenerated.kasp' is a case where there already exist more keys than required. For this we set the 'pregenerated' setting. This will change the 'keydir_to_keylist' function behavior: Only keys in use are considered. A key is in use if all of the states are either undefined, or set to 'hidden'. The 'some-keys.kasp' zone is similar to 'pregenerated.kasp', except only some keys have been pregenerated.
2025-08-31 14:35:26 +00:00 · 2025-03-14 17:28:28 +01:00
parent 41481af144
commit 43ded45ae9
2 changed files with 23 additions and 36 deletions
--- a/bin/tests/system/kasp/tests_kasp.py
+++ b/bin/tests/system/kasp/tests_kasp.py
@@ -174,6 +174,9 @@ def test_kasp_cases(servers):
        zone = test["zone"]
        policy = test["policy"]
        ttl = int(test["config"]["dnskey-ttl"].total_seconds())
+        pregenerated = False
+        if test.get("pregenerated"):
+            pregenerated = test["pregenerated"]

        isctest.log.info(f"check test case zone {zone} policy {policy}")

@@ -182,7 +185,9 @@ def test_kasp_cases(servers):
            ttl=ttl, keys=test["key-properties"]
        )
        # Key files.
-        keys = isctest.kasp.keydir_to_keylist(zone, test["config"]["key-directory"])
+        keys = isctest.kasp.keydir_to_keylist(
+            zone, test["config"]["key-directory"], in_use=pregenerated
+        )
        ksks = [k for k in keys if k.is_ksk()]
        zsks = [k for k in keys if not k.is_ksk()]

@@ -192,7 +197,9 @@ def test_kasp_cases(servers):
        offset = test["offset"] if "offset" in test else None

        for kp in expected:
-            kp.set_expected_keytimes(test["config"], offset=offset)
+            kp.set_expected_keytimes(
+                test["config"], offset=offset, pregenerated=pregenerated
+            )

        isctest.kasp.check_keytimes(keys, expected)

@@ -248,6 +255,13 @@ def test_kasp_cases(servers):
            "config": kasp_config,
            "key-properties": fips_properties(8),
        },
+        {
+            "zone": "pregenerated.kasp",
+            "policy": "rsasha256",
+            "config": kasp_config,
+            "pregenerated": True,
+            "key-properties": fips_properties(8),
+        },
        {
            "zone": "rsasha256.kasp",
            "policy": "rsasha256",
@@ -260,6 +274,13 @@ def test_kasp_cases(servers):
            "config": kasp_config,
            "key-properties": fips_properties(10),
        },
+        {
+            "zone": "some-keys.kasp",
+            "policy": "rsasha256",
+            "config": kasp_config,
+            "pregenerated": True,
+            "key-properties": fips_properties(8),
+        },
        {
            "zone": "unlimited.kasp",
            "policy": "unlimited",