Added one more test, and fixed delete bug

Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-24 06:46:26 -07:00 · 2015-07-24 06:46:26 -07:00 · e568babc0a
parent 47f651ef8a
commit e568babc0a
5 changed files with 48 additions and 10 deletions
--- a/cmd/notary-signer/main.go
+++ b/cmd/notary-signer/main.go
@ -2,10 +2,13 @@ package main

 import (
 	"crypto/rand"
+	"crypto/sha256"
 	"crypto/tls"
 	"database/sql"
+	"errors"
 	_ "expvar"
 	"flag"
+	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
@ -46,9 +49,15 @@ func init() {
 }

 func passphraseRetriever(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error) {
+	privKeyContent, err := ioutil.ReadFile(keyFile)
+	if err != nil {
+		return "", false, errors.New("error while reading the TLS private key")
+	}

-	//TODO(mccauley) Read from config once we have locked keys in notary-signer
-	return "", false, nil
+	privKeyHash := sha256.Sum256(privKeyContent)
+	passphrase = string(privKeyHash[:])
+
+	return passphrase, false, nil
 }

 func main() {
--- a/notarymysql/initial.sql
+++ b/notarymysql/initial.sql
@ -22,7 +22,7 @@ CREATE TABLE `private_keys` (
 	`id` int(11) NOT NULL AUTO_INCREMENT,
 	`created_at` datetime NOT NULL,
 	`updated_at` datetime NOT NULL,
-	`deleted_at` datetime NOT NULL,
+	`deleted_at` datetime DEFAULT NULL,
 	`key_id`  varchar(255) NOT NULL,
 	`encryption`  varchar(255) NOT NULL,
 	`algorithm`  varchar(50) NOT NULL,
--- a/signer/api/rpc_api.go
+++ b/signer/api/rpc_api.go
@ -32,11 +32,13 @@ func (s *KeyManagementServer) CreateKey(ctx context.Context, algorithm *pb.Algor
 	service := s.CryptoServices[keyAlgo]

 	if service == nil {
+		log.Println("[Notary-signer CreateKey] : unsupported algorithm: ", algorithm.Algorithm)
 		return nil, fmt.Errorf("algorithm %s not supported for create key", algorithm.Algorithm)
 	}

 	tufKey, err := service.Create("", keyAlgo)
 	if err != nil {
+		log.Println("[Notary-signer CreateKey] : failed to create key", err)
 		return nil, grpc.Errorf(codes.Internal, "Key creation failed")
 	}
 	log.Println("[Notary-signer CreateKey] : Created KeyID ", tufKey.ID())
--- a/trustmanager/keydbstore.go
+++ b/trustmanager/keydbstore.go
@ -23,7 +23,7 @@ type KeyDBStore struct {
 // GormPrivateKey represents a PrivateKey in the database
 type GormPrivateKey struct {
 	gorm.Model
-	keyID      string `gorm:"not null;unique_index"`
+	KeyID      string `gorm:"not null;unique_index"`
 	Encryption string `gorm:"type:varchar(50);not null"`
 	Algorithm  string `gorm:"not null"`
 	Public     []byte `gorm:"not null"`
@ -72,7 +72,7 @@ func (s *KeyDBStore) AddKey(name, alias string, privKey data.PrivateKey) error {
 	encryptedPrivKeyStr := encryptedKey.FullSerialize()

 	gormPrivKey := GormPrivateKey{
-		keyID:      privKey.ID(),
+		KeyID:      privKey.ID(),
 		Encryption: string(gojose.PBES2_HS512_A256KW),
 		Algorithm:  privKey.Algorithm().String(),
 		Public:     privKey.Public(),
@ -105,7 +105,7 @@ func (s *KeyDBStore) GetKey(name string) (data.PrivateKey, string, error) {

 	// Retrieve the GORM private key from the database
 	dbPrivateKey := GormPrivateKey{}
-	if s.db.Where(&GormPrivateKey{keyID: name}).First(&dbPrivateKey).RecordNotFound() {
+	if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
 		return nil, "", ErrKeyNotFound{}
 	}

@ -142,7 +142,7 @@ func (s *KeyDBStore) RemoveKey(name string) error {

 	// Retrieve the GORM private key from the database
 	dbPrivateKey := GormPrivateKey{}
-	if s.db.Where(&GormPrivateKey{keyID: name}).First(&dbPrivateKey).RecordNotFound() {
+	if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
 		return ErrKeyNotFound{}
 	}

--- a/trustmanager/keydbstore_test.go
+++ b/trustmanager/keydbstore_test.go
@ -3,7 +3,6 @@ package trustmanager
 import (
 	"crypto/rand"
 	"database/sql"
-	"fmt"
 	"io/ioutil"
 	"os"
 	"testing"
@ -36,7 +35,6 @@ func TestCreateRead(t *testing.T) {

 	// Test writing new key in database/cache
 	err = dbStore.AddKey("", "", testKey)
-	fmt.Println(err)
 	assert.NoError(t, err)

 	// Test retrieval of key from DB
@ -56,6 +54,36 @@ func TestCreateRead(t *testing.T) {
 	assert.Equal(t, retrKey, testKey)
 }

+func TestDoubleCreate(t *testing.T) {
+	tempBaseDir, err := ioutil.TempDir("", "notary-test-")
+	defer os.RemoveAll(tempBaseDir)
+
+	testKey, err := GenerateECDSAKey(rand.Reader)
+	assert.NoError(t, err)
+
+	anotherTestKey, err := GenerateECDSAKey(rand.Reader)
+	assert.NoError(t, err)
+
+	// We are using SQLite for the tests
+	db, err := sql.Open("sqlite3", tempBaseDir+"test_db")
+	assert.NoError(t, err)
+
+	// Create a new KeyDB store
+	dbStore, err := NewKeyDBStore(retriever, "sqlite3", db)
+	assert.NoError(t, err)
+
+	// Ensure that the private_key table exists
+	dbStore.db.CreateTable(&GormPrivateKey{})
+
+	// Test writing new key in database/cache
+	err = dbStore.AddKey("", "", testKey)
+	assert.NoError(t, err)
+
+	// Test writing new key succeeds
+	err = dbStore.AddKey("", "", anotherTestKey)
+	assert.NoError(t, err)
+}
+
 func TestCreateDelete(t *testing.T) {
 	tempBaseDir, err := ioutil.TempDir("", "notary-test-")
 	defer os.RemoveAll(tempBaseDir)
@ -76,7 +104,6 @@ func TestCreateDelete(t *testing.T) {

 	// Test writing new key in database/cache
 	err = dbStore.AddKey("", "", testKey)
-	fmt.Println(err)
 	assert.NoError(t, err)

 	// Test deleting the key from the db