Documentation

Overview

    Package assertstest provides helpers for testing code that involves assertions.

    Index

    Constants

    View Source
    const (
    	DevKey = `` /* 3349-byte string literal not displayed */
    
    	DevKeyID = "EAD4DbLxK_kn0gzNCXOs3kd6DeMU3f-L6BEsSEuJGBqCORR0gXkdDxMbOm11mRFu"
    
    	DevKeyPGPFingerprint = "966e70f4b9f257a2772f8f354a423d28aaea4b4f"
    )

      A sample developer key. See systestkeys for a prebuilt set of trusted keys and assertions.

      Variables

      This section is empty.

      Functions

      func AddMany

      func AddMany(db accuDB, assertions ...asserts.Assertion)

        AddMany conveniently adds the given assertions to the db. It is idempotent but otherwise panics on error.

        func FakeAssertion

        func FakeAssertion(headerLayers ...map[string]interface{}) asserts.Assertion

          FakeAssertion builds a fake assertion with given layered headers and an empty body. A fake assertion cannot be verified or added to a database or properly encoded. It can still be useful for unit tests but shouldn't be used in integration tests.

          func FakeAssertionWithBody

          func FakeAssertionWithBody(body []byte, headerLayers ...map[string]interface{}) asserts.Assertion

            FakeAssertionWithBody builds a fake assertion with the given body and layered headers. A fake assertion cannot be verified or added to a database or properly encoded. It can still be useful for unit tests but shouldn't be used in integration tests.

            func GPGImportKey

            func GPGImportKey(homedir, armoredKey string)

              GPGImportKey imports the given PGP armored key into the GnuPG setup at homedir. It panics on error.

              func GenerateKey

              func GenerateKey(bits int) (asserts.PrivateKey, *rsa.PrivateKey)

                GenerateKey generates a private/public key pair of the given bits. It panics on error.

                func MockBuiltinBaseDeclaration

                func MockBuiltinBaseDeclaration(headers []byte) (restore func())

                  MockBuiltinBaseDeclaration mocks the builtin base-declaration exposed by asserts.BuiltinBaseDeclaration.

                  func NewAccount

                  func NewAccount(db SignerDB, username string, otherHeaders map[string]interface{}, keyID string) *asserts.Account

                    NewAccount creates an account assertion for username, it fills in values for other missing headers as needed. It panics on error.

                    func NewAccountKey

                    func NewAccountKey(db SignerDB, acct *asserts.Account, otherHeaders map[string]interface{}, pubKey asserts.PublicKey, keyID string) *asserts.AccountKey

                      NewAccountKey creates an account-key assertion for the account, it fills in values for missing headers as needed. In panics on error.

                      func ReadPrivKey

                      func ReadPrivKey(pk string) (asserts.PrivateKey, *rsa.PrivateKey)

                        ReadPrivKey reads a PGP private key (either armored or simply base64 encoded). It panics on error.

                        Types

                        type SignerDB

                        type SignerDB interface {
                        	Sign(assertType *asserts.AssertionType, headers map[string]interface{}, body []byte, keyID string) (asserts.Assertion, error)
                        }

                          A SignerDB can sign assertions using its key pairs.

                          type SigningAccounts

                          type SigningAccounts struct {
                          	// contains filtered or unexported fields
                          }

                            SigningAccounts manages a set of brand or user accounts, with their keys that can sign models etc.

                            func NewSigningAccounts

                            func NewSigningAccounts(store *StoreStack) *SigningAccounts

                              NewSigningAccounts creates a new SigningAccounts instance.

                              func (*SigningAccounts) Account

                              func (sa *SigningAccounts) Account(accountID string) *asserts.Account

                              func (*SigningAccounts) AccountKey

                              func (sa *SigningAccounts) AccountKey(accountID string) *asserts.AccountKey

                              func (*SigningAccounts) AccountsAndKeys

                              func (sa *SigningAccounts) AccountsAndKeys(accountIDs ...string) []asserts.Assertion

                                AccountsAndKeys returns the account and account-key for each given accountID in that order.

                                func (*SigningAccounts) Model

                                func (sa *SigningAccounts) Model(accountID, model string, extras ...map[string]interface{}) *asserts.Model

                                  Model creates a new model for accountID. accountID can also be the account-id of the underlying store stack.

                                  func (*SigningAccounts) PublicKey

                                  func (sa *SigningAccounts) PublicKey(accountID string) asserts.PublicKey

                                  func (*SigningAccounts) Register

                                  func (sa *SigningAccounts) Register(accountID string, brandPrivKey asserts.PrivateKey, extra map[string]interface{}) *SigningDB

                                  func (*SigningAccounts) Signing

                                  func (sa *SigningAccounts) Signing(accountID string) *SigningDB

                                  type SigningDB

                                  type SigningDB struct {
                                  	AuthorityID string
                                  	KeyID       string
                                  
                                  	*asserts.Database
                                  }

                                    SigningDB embeds a signing assertion database with a default private key and assigned authority id. Sign will use the assigned authority id. "" can be passed for keyID to Sign and PublicKey to use the default key.

                                    func NewSigningDB

                                    func NewSigningDB(authorityID string, privKey asserts.PrivateKey) *SigningDB

                                      NewSigningDB creates a test signing assertion db with the given defaults. It panics on error.

                                      func (*SigningDB) PublicKey

                                      func (db *SigningDB) PublicKey(keyID string) (asserts.PublicKey, error)

                                      func (*SigningDB) Sign

                                      func (db *SigningDB) Sign(assertType *asserts.AssertionType, headers map[string]interface{}, body []byte, keyID string) (asserts.Assertion, error)

                                      type StoreKeys

                                      type StoreKeys struct {
                                      	Root          asserts.PrivateKey
                                      	Store         asserts.PrivateKey
                                      	Generic       asserts.PrivateKey
                                      	GenericModels asserts.PrivateKey
                                      }

                                        StoreKeys holds a set of store private keys.

                                        type StoreStack

                                        type StoreStack struct {
                                        	// Trusted authority assertions.
                                        	TrustedAccount *asserts.Account
                                        	TrustedKey     *asserts.AccountKey
                                        	Trusted        []asserts.Assertion
                                        
                                        	// Generic authority assertions.
                                        	GenericAccount      *asserts.Account
                                        	GenericKey          *asserts.AccountKey
                                        	GenericModelsKey    *asserts.AccountKey
                                        	Generic             []asserts.Assertion
                                        	GenericClassicModel *asserts.Model
                                        
                                        	// Signing assertion db that signs with the root private key.
                                        	RootSigning *SigningDB
                                        
                                        	// The store-like signing functionality that signs with a store key, setup to also store assertions if desired. It stores a default account-key for the store private key, see also the StoreStack.Key method.
                                        	*SigningDB
                                        }

                                          StoreStack realises a store-like set of founding trusted assertions and signing setup.

                                          func NewStoreStack

                                          func NewStoreStack(authorityID string, keys *StoreKeys) *StoreStack

                                            NewStoreStack creates a new store assertion stack. It panics on error. Optional keys specify private keys to use for the various roles.

                                            func (*StoreStack) StoreAccountKey

                                            func (ss *StoreStack) StoreAccountKey(keyID string) *asserts.AccountKey

                                              StoreAccountKey retrieves one of the account-key assertions for the signing keys of the simulated store signing database. "" for keyID means the default one. It panics on error.

                                              Source Files