Migrate all Tinkey tests to use TinkeyTestKmsClient instead of a real client.

This makes the tests hermetic and suffices. PiperOrigin-RevId: 539674470
author: tholenst <tholenst@google.com> 2023-06-12 09:20:30 -0700
committer: Copybara-Service <copybara-worker@google.com> 2023-06-12 09:21:35 -0700
commit: 040be39f998f631212405e6b83b822d09cfd8192 (patch)
tree: d57ac1b9c68c91fcda356264b947cd2beb1bfa4f /tools
parent: 385c2102189e319392049b54ebae6532c4f34667 (diff)
download: tink-040be39f998f631212405e6b83b822d09cfd8192.tar.gz
4 files changed, 99 insertions, 84 deletions
diff --git a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/BUILD.bazel b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/BUILD.bazel
index d44998d59..63f3be7d3 100644
--- a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/BUILD.bazel
+++ b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/BUILD.bazel
@@ -5,14 +5,10 @@ java_test(
     size = "small",
     srcs = ["CreatePublicKeysetCommandTest.java"],
     data = ["//testdata/gcp:credentials"],
-    tags = [
-        "manual",
-        "no_rbe",
-        "requires-network",
-    ],
     deps = [
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
+        "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_util",
         "@maven//:com_google_truth_truth",
         "@maven//:junit_junit",
@@ -24,10 +20,12 @@ java_test(
         "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_json_proto_keyset_format",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_proto_keyset_format",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:aead_config",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:predefined_aead_parameters",
         "@tink_java//src/main/java/com/google/crypto/tink/hybrid:hybrid_config",
+        "@tink_java//src/main/java/com/google/crypto/tink/mac:mac_config",
         "@tink_java//src/main/java/com/google/crypto/tink/signature:ed25519_parameters",
         "@tink_java//src/main/java/com/google/crypto/tink/signature:signature_config",
-        "@tink_java//src/main/java/com/google/crypto/tink/testing:test_util",
     ],
 )
 
@@ -35,15 +33,10 @@ java_test(
     name = "CreateKeysetCommandTest",
     size = "small",
     srcs = ["CreateKeysetCommandTest.java"],
-    data = ["//testdata/gcp:credentials"],
-    tags = [
-        "manual",
-        "no_rbe",
-        "requires-network",
-    ],
     deps = [
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
+        "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
         "@maven//:com_google_truth_truth",
         "@maven//:junit_junit",
         "@tink_java//src/main/java/com/google/crypto/tink:aead",
@@ -51,9 +44,10 @@ java_test(
         "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_json_proto_keyset_format",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_proto_keyset_format",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:aead_config",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:predefined_aead_parameters",
         "@tink_java//src/main/java/com/google/crypto/tink/mac:mac_config",
         "@tink_java//src/main/java/com/google/crypto/tink/mac:predefined_mac_parameters",
-        "@tink_java//src/main/java/com/google/crypto/tink/testing:test_util",
     ],
 )
 
@@ -61,9 +55,6 @@ java_test(
     name = "AddKeyCommandTest",
     size = "small",
     srcs = ["AddKeyCommandTest.java"],
-    runtime_deps = [
-        "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
-    ],
     deps = [
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
@@ -86,15 +77,10 @@ java_test(
     name = "RotateKeysetCommandTest",
     size = "small",
     srcs = ["RotateKeysetCommandTest.java"],
-    data = ["//testdata/gcp:credentials"],
-    tags = [
-        "manual",
-        "no_rbe",
-        "requires-network",
-    ],
     deps = [
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
+        "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
         "@maven//:com_google_truth_truth",
         "@maven//:junit_junit",
         "@tink_java//src/main/java/com/google/crypto/tink:aead",
@@ -102,9 +88,10 @@ java_test(
         "@tink_java//src/main/java/com/google/crypto/tink:registry_cluster",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_json_proto_keyset_format",
         "@tink_java//src/main/java/com/google/crypto/tink:tink_proto_keyset_format",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:aead_config",
+        "@tink_java//src/main/java/com/google/crypto/tink/aead:predefined_aead_parameters",
         "@tink_java//src/main/java/com/google/crypto/tink/mac:mac_config",
         "@tink_java//src/main/java/com/google/crypto/tink/mac:predefined_mac_parameters",
-        "@tink_java//src/main/java/com/google/crypto/tink/testing:test_util",
     ],
 )
 
@@ -112,9 +99,6 @@ java_test(
     name = "TinkeyTestKmsClientTest",
     size = "small",
     srcs = ["TinkeyTestKmsClientTest.java"],
-    runtime_deps = [
-        "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
-    ],
     deps = [
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
@@ -133,9 +117,9 @@ java_test(
     size = "small",
     srcs = ["KmsClientsFactoryTest.java"],
     deps = [
-        "@maven//:com_google_truth_truth",
-        "@maven//:junit_junit",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:kms_clients_factory",
         "//tinkey/src/main/java/com/google/crypto/tink/tinkey:tinkey_test_kms_client",
+        "@maven//:com_google_truth_truth",
+        "@maven//:junit_junit",
     ],
 )
diff --git a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreateKeysetCommandTest.java b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreateKeysetCommandTest.java
index 9b83b8f5d..af9afb482 100644
--- a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreateKeysetCommandTest.java
+++ b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreateKeysetCommandTest.java
@@ -24,11 +24,14 @@ import com.google.crypto.tink.InsecureSecretKeyAccess;
 import com.google.crypto.tink.KeysetHandle;
 import com.google.crypto.tink.TinkJsonProtoKeysetFormat;
 import com.google.crypto.tink.TinkProtoKeysetFormat;
+import com.google.crypto.tink.aead.AeadConfig;
+import com.google.crypto.tink.aead.PredefinedAeadParameters;
+import com.google.crypto.tink.mac.MacConfig;
 import com.google.crypto.tink.mac.PredefinedMacParameters;
-import com.google.crypto.tink.testing.TestUtil;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import org.junit.BeforeClass;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.JUnit4;
@@ -36,6 +39,13 @@ import org.junit.runners.JUnit4;
 /** Tests for {@code CreateKeysetCommand}. */
 @RunWith(JUnit4.class)
 public class CreateKeysetCommandTest {
+  @BeforeClass
+  public static void setUp() throws Exception {
+    AeadConfig.register();
+    MacConfig.register();
+    KmsClientsFactory.globalInstance().addFactory(TinkeyTestKmsClient::new);
+  }
+
   @Test
   public void testCreateCleartext_shouldCreateNewKeyset() throws Exception {
     Path path = Files.createTempDirectory(/* prefix= */ "");
@@ -98,25 +108,27 @@ public class CreateKeysetCommandTest {
   }
 
   @Test
-  public void testCreateCleartext_gcp_shouldCreateNewKeyset() throws Exception {
+  public void testCreateCleartext_withMasterKey_shouldCreateNewKeyset() throws Exception {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path outputFile = Paths.get(path.toString(), "keyset");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
+
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
+
     String commandLine =
         String.format(
             "create-keyset --key-template HMAC_SHA256_128BITTAG --out-format binary "
                 + "--master-key-uri %s "
                 + "--credential %s "
                 + "--out %s",
-            TestUtil.GCP_KMS_TEST_KEY_URI, TestUtil.SERVICE_ACCOUNT_FILE, outputFile.toString());
+            masterKeyUri, credentialFile, outputFile.toString());
 
     Tinkey.main(commandLine.split(" "));
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
-
     KeysetHandle handle =
         TinkProtoKeysetFormat.parseEncryptedKeyset(
             Files.readAllBytes(outputFile), masterKeyAead, new byte[] {});
@@ -127,25 +139,28 @@ public class CreateKeysetCommandTest {
   }
 
   @Test
-  public void testCreateCleartext_gcp_jsonFormat_shouldCreateNewKeyset() throws Exception {
+  public void testCreateCleartext_withMasterKey_jsonFormat_shouldCreateNewKeyset()
+      throws Exception {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path outputFile = Paths.get(path.toString(), "keyset");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
+
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
+
     String commandLine =
         String.format(
             "create-keyset --key-template HMAC_SHA256_128BITTAG --out-format json "
                 + "--master-key-uri %s "
                 + "--credential %s "
                 + "--out %s",
-            TestUtil.GCP_KMS_TEST_KEY_URI, TestUtil.SERVICE_ACCOUNT_FILE, outputFile.toString());
+            masterKeyUri, credentialFile, outputFile.toString());
 
     Tinkey.main(commandLine.split(" "));
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
-
     KeysetHandle handle =
         TinkJsonProtoKeysetFormat.parseEncryptedKeyset(
             new String(Files.readAllBytes(outputFile), UTF_8), masterKeyAead, new byte[] {});
diff --git a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreatePublicKeysetCommandTest.java b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreatePublicKeysetCommandTest.java
index fb4d910e6..d589fb44b 100644
--- a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreatePublicKeysetCommandTest.java
+++ b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/CreatePublicKeysetCommandTest.java
@@ -27,10 +27,12 @@ import com.google.crypto.tink.KeysetHandle;
 import com.google.crypto.tink.PrivateKey;
 import com.google.crypto.tink.TinkJsonProtoKeysetFormat;
 import com.google.crypto.tink.TinkProtoKeysetFormat;
+import com.google.crypto.tink.aead.AeadConfig;
+import com.google.crypto.tink.aead.PredefinedAeadParameters;
 import com.google.crypto.tink.hybrid.HybridConfig;
+import com.google.crypto.tink.mac.MacConfig;
 import com.google.crypto.tink.signature.Ed25519Parameters;
 import com.google.crypto.tink.signature.SignatureConfig;
-import com.google.crypto.tink.testing.TestUtil;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -44,18 +46,14 @@ import org.junit.runners.JUnit4;
  */
 @RunWith(JUnit4.class)
 public class CreatePublicKeysetCommandTest {
-  private enum KeyType {
-    HYBRID,
-    SIGNATURE,
-  };
-
-  private static final String OUTPUT_FORMAT = "json";
-  private static final String INPUT_FORMAT = "json";
 
   @BeforeClass
   public static void setUp() throws Exception {
+    AeadConfig.register();
+    MacConfig.register();
     HybridConfig.register();
     SignatureConfig.register();
+    KmsClientsFactory.globalInstance().addFactory(TinkeyTestKmsClient::new);
   }
 
   @Test
@@ -124,15 +122,17 @@ public class CreatePublicKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path privateKeyFile = Paths.get(path.toString(), "privateKeyFile");
     Path publicKeyFile = Paths.get(path.toString(), "publicKeyFile");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
+
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
 
     KeysetHandle privateKeyset =
         KeysetHandle.generateNew(Ed25519Parameters.create(Ed25519Parameters.Variant.TINK));
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
     String serializedKeyset =
         TinkJsonProtoKeysetFormat.serializeEncryptedKeyset(
             privateKeyset, masterKeyAead, new byte[] {});
@@ -147,9 +147,9 @@ public class CreatePublicKeysetCommandTest {
           "--out",
           publicKeyFile.toString(),
           "--master-key-uri",
-          TestUtil.GCP_KMS_TEST_KEY_URI,
+          masterKeyUri,
           "--credential",
-          TestUtil.SERVICE_ACCOUNT_FILE
+          credentialFile.toString()
         });
 
     KeysetHandle publicKeyset =
@@ -165,15 +165,17 @@ public class CreatePublicKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path privateKeyFile = Paths.get(path.toString(), "privateKeyFile");
     Path publicKeyFile = Paths.get(path.toString(), "publicKeyFile");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
+
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
 
     KeysetHandle privateKeyset =
         KeysetHandle.generateNew(Ed25519Parameters.create(Ed25519Parameters.Variant.TINK));
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
     byte[] serializedKeyset =
         TinkProtoKeysetFormat.serializeEncryptedKeyset(privateKeyset, masterKeyAead, new byte[] {});
 
@@ -189,9 +191,9 @@ public class CreatePublicKeysetCommandTest {
           "--out",
           publicKeyFile.toString(),
           "--master-key-uri",
-          TestUtil.GCP_KMS_TEST_KEY_URI,
+          masterKeyUri,
           "--credential",
-          TestUtil.SERVICE_ACCOUNT_FILE
+          credentialFile.toString()
         });
 
     KeysetHandle publicKeyset =
diff --git a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/RotateKeysetCommandTest.java b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/RotateKeysetCommandTest.java
index 8c5eaeebc..8185bb1a6 100644
--- a/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/RotateKeysetCommandTest.java
+++ b/tools/tinkey/src/test/java/com/google/crypto/tink/tinkey/RotateKeysetCommandTest.java
@@ -25,9 +25,10 @@ import com.google.crypto.tink.InsecureSecretKeyAccess;
 import com.google.crypto.tink.KeysetHandle;
 import com.google.crypto.tink.TinkJsonProtoKeysetFormat;
 import com.google.crypto.tink.TinkProtoKeysetFormat;
+import com.google.crypto.tink.aead.AeadConfig;
+import com.google.crypto.tink.aead.PredefinedAeadParameters;
 import com.google.crypto.tink.mac.MacConfig;
 import com.google.crypto.tink.mac.PredefinedMacParameters;
-import com.google.crypto.tink.testing.TestUtil;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -41,7 +42,9 @@ import org.junit.runners.JUnit4;
 public class RotateKeysetCommandTest {
   @BeforeClass
   public static void setUp() throws Exception {
+    AeadConfig.register();
     MacConfig.register();
+    KmsClientsFactory.globalInstance().addFactory(TinkeyTestKmsClient::new);
   }
 
   @Test
@@ -84,6 +87,8 @@ public class RotateKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path inputFile = Paths.get(path.toString(), "input");
     Path outputFile = Paths.get(path.toString(), "output");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
 
     KeysetHandle inputKeyset =
         KeysetHandle.generateNew(PredefinedMacParameters.HMAC_SHA256_128BITTAG);
@@ -123,12 +128,13 @@ public class RotateKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path inputFile = Paths.get(path.toString(), "input");
     Path outputFile = Paths.get(path.toString(), "output");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
 
     KeysetHandle inputKeyset =
         KeysetHandle.generateNew(PredefinedMacParameters.HMAC_SHA256_128BITTAG);
@@ -150,9 +156,9 @@ public class RotateKeysetCommandTest {
           "--key-template",
           "HMAC_SHA256_256BITTAG",
           "--master-key-uri",
-          TestUtil.GCP_KMS_TEST_KEY_URI,
+          masterKeyUri,
           "--credential",
-          TestUtil.SERVICE_ACCOUNT_FILE
+          credentialFile.toString()
         });
 
     KeysetHandle handle =
@@ -172,12 +178,13 @@ public class RotateKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path inputFile = Paths.get(path.toString(), "input");
     Path outputFile = Paths.get(path.toString(), "output");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
 
-    Aead masterKeyAead =
-        KmsClientsFactory.globalInstance()
-            .newClientFor(TestUtil.GCP_KMS_TEST_KEY_URI)
-            .withCredentials(TestUtil.SERVICE_ACCOUNT_FILE)
-            .getAead(TestUtil.GCP_KMS_TEST_KEY_URI);
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    Aead masterKeyAead = masterKeyAeadKeyset.getPrimitive(Aead.class);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
 
     KeysetHandle inputKeyset =
         KeysetHandle.generateNew(PredefinedMacParameters.HMAC_SHA256_128BITTAG);
@@ -200,9 +207,9 @@ public class RotateKeysetCommandTest {
           "--key-template",
           "HMAC_SHA256_256BITTAG",
           "--master-key-uri",
-          TestUtil.GCP_KMS_TEST_KEY_URI,
+          masterKeyUri,
           "--credential",
-          TestUtil.SERVICE_ACCOUNT_FILE
+          credentialFile.toString()
         });
 
     KeysetHandle handle =
@@ -222,6 +229,13 @@ public class RotateKeysetCommandTest {
     Path path = Files.createTempDirectory(/* prefix= */ "");
     Path inputFile = Paths.get(path.toString(), "input");
     Path outputFile = Paths.get(path.toString(), "output");
+    Path credentialFile = Paths.get(path.toString(), "credentials");
+    TinkeyTestKmsClient.createCredentialFile(credentialFile);
+
+    KeysetHandle masterKeyAeadKeyset =
+        KeysetHandle.generateNew(PredefinedAeadParameters.AES128_GCM);
+    String masterKeyUri = TinkeyTestKmsClient.createKeyUri(masterKeyAeadKeyset);
+
     Files.write(inputFile, new byte[] {});
 
     assertThrows(
@@ -241,9 +255,9 @@ public class RotateKeysetCommandTest {
                   "--key-template",
                   "HMAC_SHA256_256BITTAG",
                   "--master-key-uri",
-                  TestUtil.GCP_KMS_TEST_KEY_URI,
+                  masterKeyUri,
                   "--credential",
-                  TestUtil.SERVICE_ACCOUNT_FILE
+                  credentialFile.toString()
                 }));
   }
 }
author	tholenst <tholenst@google.com>	2023-06-12 09:20:30 -0700
committer	Copybara-Service <copybara-worker@google.com>	2023-06-12 09:21:35 -0700
commit	040be39f998f631212405e6b83b822d09cfd8192 (patch)
tree	d57ac1b9c68c91fcda356264b947cd2beb1bfa4f /tools
parent	385c2102189e319392049b54ebae6532c4f34667 (diff)
download	tink-040be39f998f631212405e6b83b822d09cfd8192.tar.gz