testenv

package

v0.0.0-...-5c79d48 Latest Latest Go to latest Published: Feb 15, 2024 License: AGPL-3.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/juser0719/teleport

Documentation ¶

Index ¶

Constants
type E
- func MustNew(opts ...Opt) *E
- func New(opts ...Opt) (*E, error)
- func (e *E) Close() error
type FakeDevice
type FakeDeviceService
type FakeMacOSDevice
- func NewFakeMacOSDevice() (*FakeMacOSDevice, error)
type FakeTPMDevice
- func NewFakeLinuxDevice() *FakeTPMDevice
- func NewFakeWindowsDevice() *FakeTPMDevice
type Opt
- func WithAutoCreateDevice(b bool) Opt

Constants ¶

View Source

const FakeEnrollmentToken = "29d73573-1682-42a1-b28f-c0e42a29942f"

FakeEnrollmentToken is a "free", never spent enrollment token.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type E ¶

type E struct {
	DevicesClient devicepb.DeviceTrustServiceClient
	Service       *FakeDeviceService
	// contains filtered or unexported fields
}

E is an integrated test environment for device trust.

func MustNew ¶

func MustNew(opts ...Opt) *E

MustNew creates a new E or panics. Callers are required to defer e.Close() to release test resources.

func New ¶

func New(opts ...Opt) (*E, error)

New creates a new E. Callers are required to defer e.Close() to release test resources.

func (*E) Close ¶

func (e *E) Close() error

Close tears down the test environment.

type FakeDevice ¶

type FakeDevice interface {
	CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)
	EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)
	GetDeviceOSType() devicepb.OSType
	SignChallenge(chal []byte) (sig []byte, err error)
	SolveTPMEnrollChallenge(challenge *devicepb.TPMEnrollChallenge, debug bool) (*devicepb.TPMEnrollChallengeResponse, error)
	SolveTPMAuthnDeviceChallenge(challenge *devicepb.TPMAuthenticateDeviceChallenge) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)
	GetDeviceCredential() *devicepb.DeviceCredential
}

FakeDevice is implemented by the platform-native fakes and is used in tests for device authentication and enrollment.

type FakeDeviceService ¶

type FakeDeviceService struct {
	devicepb.UnimplementedDeviceTrustServiceServer
	// contains filtered or unexported fields
}

func (*FakeDeviceService) AuthenticateDevice ¶

func (s *FakeDeviceService) AuthenticateDevice(stream devicepb.DeviceTrustService_AuthenticateDeviceServer) error

AuthenticateDevice implements a fake, server-side device authentication ceremony.

AuthenticateDevice requires an enrolled device, so the challenge signature can be verified. It largely ignores received certificates and doesn't reply with proper certificates in the response. Certificates are acquired outside of devicetrust packages, so it's not essential to check them here.

func (*FakeDeviceService) CreateDevice ¶

func (s *FakeDeviceService) CreateDevice(ctx context.Context, req *devicepb.CreateDeviceRequest) (*devicepb.Device, error)

func (*FakeDeviceService) CreateDeviceEnrollToken ¶

func (s *FakeDeviceService) CreateDeviceEnrollToken(ctx context.Context, req *devicepb.CreateDeviceEnrollTokenRequest) (*devicepb.DeviceEnrollToken, error)

CreateDeviceEnrollToken implements the creation of fake device enrollment tokens.

ID-based creation requires a previously-created device and stores the new token.

Auto-enrollment is completely fake, it doesn't require the device to exist. Always returns FakeEnrollmentToken.

func (*FakeDeviceService) EnrollDevice ¶

func (s *FakeDeviceService) EnrollDevice(stream devicepb.DeviceTrustService_EnrollDeviceServer) error

EnrollDevice implements a fake, server-side device enrollment ceremony.

If the service was created using WithAutoCreateDevice, the device is automatically created. The enrollment token must either match FakeEnrollmentToken or be created via a successful [CreateDeviceEnrollToken] call.

func (*FakeDeviceService) FindDevices ¶

func (s *FakeDeviceService) FindDevices(ctx context.Context, req *devicepb.FindDevicesRequest) (*devicepb.FindDevicesResponse, error)

func (*FakeDeviceService) SetDevicesLimitReached ¶

func (s *FakeDeviceService) SetDevicesLimitReached(limitReached bool)

SetDevicesLimitReached simulates a server where the devices limit was already reached.

type FakeMacOSDevice ¶

type FakeMacOSDevice struct {
	ID           string
	SerialNumber string
	PubKeyDER    []byte
	// contains filtered or unexported fields
}

FakeMacOSDevice fakes the native methods of a macOS device, as expected by the devicetrust packages.

func NewFakeMacOSDevice ¶

func NewFakeMacOSDevice() (*FakeMacOSDevice, error)

func (*FakeMacOSDevice) CollectDeviceData ¶

func (f *FakeMacOSDevice) CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)

func (*FakeMacOSDevice) EnrollDeviceInit ¶

func (f *FakeMacOSDevice) EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)

func (*FakeMacOSDevice) GetDeviceCredential ¶

func (f *FakeMacOSDevice) GetDeviceCredential() *devicepb.DeviceCredential

func (*FakeMacOSDevice) GetDeviceOSType ¶

func (f *FakeMacOSDevice) GetDeviceOSType() devicepb.OSType

func (*FakeMacOSDevice) SignChallenge ¶

func (f *FakeMacOSDevice) SignChallenge(chal []byte) (sig []byte, err error)

func (*FakeMacOSDevice) SolveTPMAuthnDeviceChallenge ¶

func (d *FakeMacOSDevice) SolveTPMAuthnDeviceChallenge(_ *devicepb.TPMAuthenticateDeviceChallenge) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)

func (*FakeMacOSDevice) SolveTPMEnrollChallenge ¶

func (d *FakeMacOSDevice) SolveTPMEnrollChallenge(
	_ *devicepb.TPMEnrollChallenge,
	_ bool,
) (*devicepb.TPMEnrollChallengeResponse, error)

type FakeTPMDevice ¶

type FakeTPMDevice struct {
	OSType       devicepb.OSType
	CredentialID string
	SerialNumber string
}

FakeTPMDevice allows us to exercise EnrollCeremony. To avoid requiring dependencies to support a TPM simulator, we currently do not closely emulate the behavior of a real windows device.

func NewFakeLinuxDevice ¶

func NewFakeLinuxDevice() *FakeTPMDevice

func NewFakeWindowsDevice ¶

func NewFakeWindowsDevice() *FakeTPMDevice

func (*FakeTPMDevice) CollectDeviceData ¶

func (f *FakeTPMDevice) CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)

func (*FakeTPMDevice) EnrollDeviceInit ¶

func (f *FakeTPMDevice) EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)

func (*FakeTPMDevice) GetDeviceCredential ¶

func (f *FakeTPMDevice) GetDeviceCredential() *devicepb.DeviceCredential

func (*FakeTPMDevice) GetDeviceOSType ¶

func (f *FakeTPMDevice) GetDeviceOSType() devicepb.OSType

func (*FakeTPMDevice) SignChallenge ¶

func (f *FakeTPMDevice) SignChallenge(_ []byte) (sig []byte, err error)

func (*FakeTPMDevice) SolveTPMAuthnDeviceChallenge ¶

func (f *FakeTPMDevice) SolveTPMAuthnDeviceChallenge(
	challenge *devicepb.TPMAuthenticateDeviceChallenge,
) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)

func (*FakeTPMDevice) SolveTPMEnrollChallenge ¶

func (f *FakeTPMDevice) SolveTPMEnrollChallenge(
	challenge *devicepb.TPMEnrollChallenge,
	_ bool,
) (*devicepb.TPMEnrollChallengeResponse, error)

type Opt ¶

type Opt func(*E)

Opt is a creation option for E

func WithAutoCreateDevice ¶

func WithAutoCreateDevice(b bool) Opt

WithAutoCreateDevice instructs EnrollDevice to automatically create the requested device, if it wasn't previously registered. See also FakeEnrollmentToken.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL