1package alicloudkms 2 3import ( 4 "context" 5 "os" 6 "reflect" 7 "testing" 8 9 log "github.com/hashicorp/go-hclog" 10 "github.com/hashicorp/vault/sdk/helper/logging" 11) 12 13// This test executes real calls. The calls themselves should be free, 14// but the KMS key used is generally not free. Alibaba doesn't publish 15// the price but it can be assumed to be around $1/month because that's 16// what AWS charges for the same. 17// 18// To run this test, the following env variables need to be set: 19// - VAULT_ALICLOUDKMS_SEAL_KEY_ID 20// - ALICLOUD_REGION 21// - ALICLOUD_ACCESS_KEY 22// - ALICLOUD_SECRET_KEY 23func TestAccAliCloudKMSSeal_Lifecycle(t *testing.T) { 24 if os.Getenv("VAULT_ACC") == "" { 25 t.SkipNow() 26 } 27 28 s := NewSeal(logging.NewVaultLogger(log.Trace)) 29 _, err := s.SetConfig(nil) 30 if err != nil { 31 t.Fatalf("err : %s", err) 32 } 33 34 input := []byte("foo") 35 swi, err := s.Encrypt(context.Background(), input) 36 if err != nil { 37 t.Fatalf("err: %s", err.Error()) 38 } 39 40 pt, err := s.Decrypt(context.Background(), swi) 41 if err != nil { 42 t.Fatalf("err: %s", err.Error()) 43 } 44 45 if !reflect.DeepEqual(input, pt) { 46 t.Fatalf("expected %s, got %s", input, pt) 47 } 48} 49