test: use tempfile and auto remove it

change tools.decrpt func to use tempfile instead create a never removed file

test: use tempfile and auto remove it
change tools.decrpt func to use tempfile instead create a never removed file
37401c55 · zhifan huang · c07f4775 · 37401c55
Commit 37401c55 authored Jun 01, 2022 by zhifan huang
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 10 deletions

re6st/tests/tools.py re6st/tests/tools.py +17 -10

No files found.
--- a/re6st/tests/tools.py
+++ b/re6st/tests/tools.py
@@ -2,7 +2,9 @@ import sys
 import os
 import time
 import subprocess
-
+import tempfile
+import logging
+logger = logging.getLogger(__name__)

 with open(os.devnull, "wb") as null:
    tmp = sys.stderr
@@ -16,7 +18,7 @@ with open(os.devnull, "wb") as null:
 def generate_csr():
    """generate a certificate request

-    return: 
+    return:
        crypto.Pekey and crypto.X509Req  both in pem format
    """
    key = crypto.PKey()
@@ -33,7 +35,7 @@ def generate_csr():
 def generate_cert(ca, ca_key, csr, prefix, serial, not_after=None):
    """generate a certificate

-    return 
+    return
        crypto.X509Cert in pem format
    """
    if type(ca) is str:
@@ -97,7 +99,7 @@ def create_ca_file(pkey_file, cert_file, serial=0x120010db80042):
        pkey_file.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, key))
    with open(cert_file, 'w') as cert_file:
        cert_file.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cert))
-    
+
    return key, cert


@@ -105,14 +107,19 @@ def prefix2cn(prefix):
    return "%u/%u" % (int(prefix, 2), len(prefix))

 def serial2prefix(serial):
-    return bin(serial)[2:].rjust(16, '0') 
+    return bin(serial)[2:].rjust(16, '0')

 # pkey: private key
 def decrypt(pkey, incontent):
-    with open("node.key", 'w') as f:
-        f.write(pkey)
-    args = "openssl rsautl -decrypt -inkey node.key".split()
-    p = subprocess.Popen(
-        args, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    fd, key_path = tempfile.mkstemp()
+    os.write(fd, pkey)
+    os.close(fd)
+    args = ['openssl', 'rsautl', '-decrypt', '-inkey', key_path]
+    p = subprocess.Popen(args, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
+                         stderr=subprocess.PIPE)
    outcontent, err = p.communicate(incontent)
+    try:
+        os.unlink(key_path)
+    except:
+        logger.error("leaked file %s", key_path)
    return outcontent