aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'db_env_var'
${ noResults }
boundary/internal/kms/testing.go

199 lines
5.9 KiB
Raw Permalink Blame History

package kms
import (
"context"
"testing"
"github.com/hashicorp/boundary/internal/db"
wrapping "github.com/hashicorp/go-kms-wrapping"
"github.com/hashicorp/go-kms-wrapping/wrappers/aead"
"github.com/jinzhu/gorm"
"github.com/stretchr/testify/require"
)
func TestRootKey(t *testing.T, conn *gorm.DB, scopeId string) *RootKey {
t.Helper()
require := require.New(t)
rw := db.New(conn)
require.NoError(conn.Where("scope_id = ?", scopeId).Delete(AllocRootKey()).Error)
k, err := NewRootKey(scopeId)
require.NoError(err)
id, err := newRootKeyId()
require.NoError(err)
k.PrivateId = id
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestRootKeyVersion(t *testing.T, conn *gorm.DB, wrapper wrapping.Wrapper, rootId string) (kv *RootKeyVersion, kvWrapper wrapping.Wrapper) {
t.Helper()
require := require.New(t)
rw := db.New(conn)
rootKeyVersionWrapper := db.TestWrapper(t)
key := rootKeyVersionWrapper.(*aead.Wrapper).GetKeyBytes()
k, err := NewRootKeyVersion(rootId, key)
require.NoError(err)
id, err := newRootKeyVersionId()
require.NoError(err)
k.PrivateId = id
err = k.Encrypt(context.Background(), wrapper)
require.NoError(err)
err = rw.Create(context.Background(), k)
require.NoError(err)
_, err = rootKeyVersionWrapper.(*aead.Wrapper).SetConfig(map[string]string{
"key_id": k.GetPrivateId(),
})
require.NoError(err)
return k, rootKeyVersionWrapper
}
func TestKms(t *testing.T, conn *gorm.DB, rootWrapper wrapping.Wrapper) *Kms {
t.Helper()
require := require.New(t)
rw := db.New(conn)
kmsRepo, err := NewRepository(rw, rw)
require.NoError(err)
kms, err := NewKms(kmsRepo)
require.NoError(err)
err = kms.AddExternalWrappers(WithRootWrapper(rootWrapper))
require.NoError(err)
return kms
}
func TestDatabaseKey(t *testing.T, conn *gorm.DB, rootKeyId string) *DatabaseKey {
t.Helper()
require := require.New(t)
rw := db.New(conn)
require.NoError(conn.Where("root_key_id = ?", rootKeyId).Delete(AllocDatabaseKey()).Error)
k, err := NewDatabaseKey(rootKeyId)
require.NoError(err)
id, err := newDatabaseKeyId()
require.NoError(err)
k.PrivateId = id
k.RootKeyId = rootKeyId
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestDatabaseKeyVersion(t *testing.T, conn *gorm.DB, rootKeyVersionWrapper wrapping.Wrapper, databaseKeyId string, key []byte) *DatabaseKeyVersion {
t.Helper()
require := require.New(t)
rw := db.New(conn)
rootKeyVersionId := rootKeyVersionWrapper.KeyID()
require.NotEmpty(rootKeyVersionId)
k, err := NewDatabaseKeyVersion(databaseKeyId, key, rootKeyVersionId)
require.NoError(err)
id, err := newDatabaseKeyVersionId()
require.NoError(err)
k.PrivateId = id
err = k.Encrypt(context.Background(), rootKeyVersionWrapper)
require.NoError(err)
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestOplogKey(t *testing.T, conn *gorm.DB, rootKeyId string) *OplogKey {
t.Helper()
require := require.New(t)
rw := db.New(conn)
require.NoError(conn.Where("root_key_id = ?", rootKeyId).Delete(AllocOplogKey()).Error)
k, err := NewOplogKey(rootKeyId)
require.NoError(err)
id, err := newOplogKeyId()
require.NoError(err)
k.PrivateId = id
k.RootKeyId = rootKeyId
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestOplogKeyVersion(t *testing.T, conn *gorm.DB, rootKeyVersionWrapper wrapping.Wrapper, oplogKeyId string, key []byte) *OplogKeyVersion {
t.Helper()
require := require.New(t)
rw := db.New(conn)
rootKeyVersionId := rootKeyVersionWrapper.KeyID()
require.NotEmpty(rootKeyVersionId)
k, err := NewOplogKeyVersion(oplogKeyId, key, rootKeyVersionId)
require.NoError(err)
id, err := newOplogKeyVersionId()
require.NoError(err)
k.PrivateId = id
err = k.Encrypt(context.Background(), rootKeyVersionWrapper)
require.NoError(err)
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestTokenKey(t *testing.T, conn *gorm.DB, rootKeyId string) *TokenKey {
t.Helper()
require := require.New(t)
rw := db.New(conn)
require.NoError(conn.Where("root_key_id = ?", rootKeyId).Delete(AllocTokenKey()).Error)
k, err := NewTokenKey(rootKeyId)
require.NoError(err)
id, err := newTokenKeyId()
require.NoError(err)
k.PrivateId = id
k.RootKeyId = rootKeyId
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestTokenKeyVersion(t *testing.T, conn *gorm.DB, rootKeyVersionWrapper wrapping.Wrapper, tokenKeyId string, key []byte) *TokenKeyVersion {
t.Helper()
require := require.New(t)
rw := db.New(conn)
rootKeyVersionId := rootKeyVersionWrapper.KeyID()
require.NotEmpty(rootKeyVersionId)
k, err := NewTokenKeyVersion(tokenKeyId, key, rootKeyVersionId)
require.NoError(err)
id, err := newTokenKeyVersionId()
require.NoError(err)
k.PrivateId = id
err = k.Encrypt(context.Background(), rootKeyVersionWrapper)
require.NoError(err)
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestSessionKey(t *testing.T, conn *gorm.DB, rootKeyId string) *SessionKey {
t.Helper()
require := require.New(t)
rw := db.New(conn)
require.NoError(conn.Where("root_key_id = ?", rootKeyId).Delete(AllocSessionKey()).Error)
k, err := NewSessionKey(rootKeyId)
require.NoError(err)
id, err := newSessionKeyId()
require.NoError(err)
k.PrivateId = id
k.RootKeyId = rootKeyId
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
func TestSessionKeyVersion(t *testing.T, conn *gorm.DB, rootKeyVersionWrapper wrapping.Wrapper, sessionKeyId string, key []byte) *SessionKeyVersion {
t.Helper()
require := require.New(t)
rw := db.New(conn)
rootKeyVersionId := rootKeyVersionWrapper.KeyID()
require.NotEmpty(rootKeyVersionId)
k, err := NewSessionKeyVersion(sessionKeyId, key, rootKeyVersionId)
require.NoError(err)
id, err := newSessionKeyVersionId()
require.NoError(err)
k.PrivateId = id
err = k.Encrypt(context.Background(), rootKeyVersionWrapper)
require.NoError(err)
err = rw.Create(context.Background(), k)
require.NoError(err)
return k
}
Reference in new issue View Git Blame Copy Permalink