docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added one more test, and fixed delete bug 

Signed-off-by: Diogo Monica <diogo@docker.com>
This commit is contained in:
Diogo Monica 2015-07-24 06:46:26 -07:00
parent 47f651ef8a
commit e568babc0a
5 changed files with 48 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
cmd/notary-signer/main.go
View File

@ -2,10 +2,13 @@ package main
import ( import (
"crypto/rand" "crypto/rand"
"crypto/sha256"
"crypto/tls" "crypto/tls"
"database/sql" "database/sql"
"errors"
_ "expvar" _ "expvar"
"flag" "flag"
"io/ioutil"
"log" "log"
"net" "net"
"net/http" "net/http"
@ -46,9 +49,15 @@ func init() {
} }
func passphraseRetriever(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error) { func passphraseRetriever(keyName, alias string, createNew bool, attempts int) (passphrase string, giveup bool, err error) {
privKeyContent, err := ioutil.ReadFile(keyFile)
if err != nil {
return "", false, errors.New("error while reading the TLS private key")
}
//TODO(mccauley) Read from config once we have locked keys in notary-signer privKeyHash := sha256.Sum256(privKeyContent)
return "", false, nil passphrase = string(privKeyHash[:])
return passphrase, false, nil
} }
func main() { func main() {

2
notarymysql/initial.sql
View File

@ -22,7 +22,7 @@ CREATE TABLE `private_keys` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`created_at` datetime NOT NULL, `created_at` datetime NOT NULL,
`updated_at` datetime NOT NULL, `updated_at` datetime NOT NULL,
`deleted_at` datetime NOT NULL, `deleted_at` datetime DEFAULT NULL,
`key_id` varchar(255) NOT NULL, `key_id` varchar(255) NOT NULL,
`encryption` varchar(255) NOT NULL, `encryption` varchar(255) NOT NULL,
`algorithm` varchar(50) NOT NULL, `algorithm` varchar(50) NOT NULL,

2
signer/api/rpc_api.go
View File

@ -32,11 +32,13 @@ func (s *KeyManagementServer) CreateKey(ctx context.Context, algorithm *pb.Algor
service := s.CryptoServices[keyAlgo] service := s.CryptoServices[keyAlgo]
if service == nil { if service == nil {
log.Println("[Notary-signer CreateKey] : unsupported algorithm: ", algorithm.Algorithm)
return nil, fmt.Errorf("algorithm %s not supported for create key", algorithm.Algorithm) return nil, fmt.Errorf("algorithm %s not supported for create key", algorithm.Algorithm)
} }
tufKey, err := service.Create("", keyAlgo) tufKey, err := service.Create("", keyAlgo)
if err != nil { if err != nil {
log.Println("[Notary-signer CreateKey] : failed to create key", err)
return nil, grpc.Errorf(codes.Internal, "Key creation failed") return nil, grpc.Errorf(codes.Internal, "Key creation failed")
} }
log.Println("[Notary-signer CreateKey] : Created KeyID ", tufKey.ID()) log.Println("[Notary-signer CreateKey] : Created KeyID ", tufKey.ID())

8
trustmanager/keydbstore.go
View File

@ -23,7 +23,7 @@ type KeyDBStore struct {
// GormPrivateKey represents a PrivateKey in the database // GormPrivateKey represents a PrivateKey in the database
type GormPrivateKey struct { type GormPrivateKey struct {
gorm.Model gorm.Model
keyID string `gorm:"not null;unique_index"` KeyID string `gorm:"not null;unique_index"`
Encryption string `gorm:"type:varchar(50);not null"` Encryption string `gorm:"type:varchar(50);not null"`
Algorithm string `gorm:"not null"` Algorithm string `gorm:"not null"`
Public []byte `gorm:"not null"` Public []byte `gorm:"not null"`
@ -72,7 +72,7 @@ func (s *KeyDBStore) AddKey(name, alias string, privKey data.PrivateKey) error {
encryptedPrivKeyStr := encryptedKey.FullSerialize() encryptedPrivKeyStr := encryptedKey.FullSerialize()
gormPrivKey := GormPrivateKey{ gormPrivKey := GormPrivateKey{
keyID: privKey.ID(), KeyID: privKey.ID(),
Encryption: string(gojose.PBES2_HS512_A256KW), Encryption: string(gojose.PBES2_HS512_A256KW),
Algorithm: privKey.Algorithm().String(), Algorithm: privKey.Algorithm().String(),
Public: privKey.Public(), Public: privKey.Public(),
@ -105,7 +105,7 @@ func (s *KeyDBStore) GetKey(name string) (data.PrivateKey, string, error) {
// Retrieve the GORM private key from the database // Retrieve the GORM private key from the database
dbPrivateKey := GormPrivateKey{} dbPrivateKey := GormPrivateKey{}
if s.db.Where(&GormPrivateKey{keyID: name}).First(&dbPrivateKey).RecordNotFound() { if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
return nil, "", ErrKeyNotFound{} return nil, "", ErrKeyNotFound{}
} }
@ -142,7 +142,7 @@ func (s *KeyDBStore) RemoveKey(name string) error {
// Retrieve the GORM private key from the database // Retrieve the GORM private key from the database
dbPrivateKey := GormPrivateKey{} dbPrivateKey := GormPrivateKey{}
if s.db.Where(&GormPrivateKey{keyID: name}).First(&dbPrivateKey).RecordNotFound() { if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
return ErrKeyNotFound{} return ErrKeyNotFound{}
} }

33
trustmanager/keydbstore_test.go
View File

@ -3,7 +3,6 @@ package trustmanager
import ( import (
"crypto/rand" "crypto/rand"
"database/sql" "database/sql"
"fmt"
"io/ioutil" "io/ioutil"
"os" "os"
"testing" "testing"
@ -36,7 +35,6 @@ func TestCreateRead(t *testing.T) {
// Test writing new key in database/cache // Test writing new key in database/cache
err = dbStore.AddKey("", "", testKey) err = dbStore.AddKey("", "", testKey)
fmt.Println(err)
assert.NoError(t, err) assert.NoError(t, err)
// Test retrieval of key from DB // Test retrieval of key from DB
@ -56,6 +54,36 @@ func TestCreateRead(t *testing.T) {
assert.Equal(t, retrKey, testKey) assert.Equal(t, retrKey, testKey)
} }
func TestDoubleCreate(t *testing.T) {
tempBaseDir, err := ioutil.TempDir("", "notary-test-")
defer os.RemoveAll(tempBaseDir)
testKey, err := GenerateECDSAKey(rand.Reader)
assert.NoError(t, err)
anotherTestKey, err := GenerateECDSAKey(rand.Reader)
assert.NoError(t, err)
// We are using SQLite for the tests
db, err := sql.Open("sqlite3", tempBaseDir+"test_db")
assert.NoError(t, err)
// Create a new KeyDB store
dbStore, err := NewKeyDBStore(retriever, "sqlite3", db)
assert.NoError(t, err)
// Ensure that the private_key table exists
dbStore.db.CreateTable(&GormPrivateKey{})
// Test writing new key in database/cache
err = dbStore.AddKey("", "", testKey)
assert.NoError(t, err)
// Test writing new key succeeds
err = dbStore.AddKey("", "", anotherTestKey)
assert.NoError(t, err)
}
func TestCreateDelete(t *testing.T) { func TestCreateDelete(t *testing.T) {
tempBaseDir, err := ioutil.TempDir("", "notary-test-") tempBaseDir, err := ioutil.TempDir("", "notary-test-")
defer os.RemoveAll(tempBaseDir) defer os.RemoveAll(tempBaseDir)
@ -76,7 +104,6 @@ func TestCreateDelete(t *testing.T) {
// Test writing new key in database/cache // Test writing new key in database/cache
err = dbStore.AddKey("", "", testKey) err = dbStore.AddKey("", "", testKey)
fmt.Println(err)
assert.NoError(t, err) assert.NoError(t, err)
// Test deleting the key from the db // Test deleting the key from the db