Documentation ¶
Overview ¶
Package sectest contains support for security related tests
Index ¶
- Variables
- func AddToRoots(t *testing.T, p security.Principal, b security.Blessings)
- func BlessSelf(t *testing.T, p security.Principal, name string, caveats ...security.Caveat) security.Blessings
- func NewECDSAPrincipalP256(t testing.TB) security.Principal
- func NewECDSAPrincipalP256TrustAllRoots(t testing.TB) security.Principal
- func NewECDSASigner(t testing.TB, curve elliptic.Curve) security.Signer
- func NewECDSASignerP256(t testing.TB) security.Signer
- func NewED25519Principal(t testing.TB) security.Principal
- func NewED25519PrincipalTrustAllRoots(t testing.TB) security.Principal
- func NewED25519Signer(t testing.TB) security.Signer
- func NewExpiryCaveat(t testing.TB, until time.Time) security.Caveat
- func NewMethodCaveat(t testing.TB, method string, additionalMethods ...string) security.Caveat
- func NewPrincipal(t testing.TB, signer security.Signer, store security.BlessingStore, ...) security.Principal
- func NewPublicKeyUnconstrainedCaveat(t testing.TB, p security.Principal, name string) security.Caveat
- func NewSuffixCaveat(t *testing.T, suffix string) security.Caveat
- func RoundTrip(in, out interface{}) error
- type Roots
- type TrustAllRoots
Constants ¶
This section is empty.
Variables ¶
var SuffixCaveat = security.CaveatDescriptor{ Id: uniqueid.Id{0xce, 0xc4, 0xd0, 0x98, 0x94, 0x53, 0x90, 0xdb, 0x15, 0x7c, 0xa8, 0x10, 0xae, 0x62, 0x80, 0x0}, ParamType: vdl.TypeOf(string("")), }
SuffixCaveat is a Caveat that validates iff Call.Suffix matches the string.
Since at the time of this writing, it was not clear that we want to make caveats on suffixes generally available, this type is implemented in this test file. If there is a general need for such a caveat, it should be defined similar to other caveats (like methodCaveat) in caveat.vdl and removed from this test file.
Functions ¶
func AddToRoots ¶
AddToRoots calls security.AddAddToRoots.
func BlessSelf ¶
func BlessSelf(t *testing.T, p security.Principal, name string, caveats ...security.Caveat) security.Blessings
BlessSelf returns a named blessing for the supplied principal.
func NewECDSAPrincipalP256 ¶
NewECDSAPrincipalP256 returns a new ECDSA based principal using &Roots{} and the P256 curve.
func NewECDSAPrincipalP256TrustAllRoots ¶
NewECDSAPrincipalP256TrustAllRoots returns a new ECDSA based principal using &TrustAllRoots{} and the P256 curve.
func NewECDSASigner ¶
NewECDSASigner creates a new ECDSA based signer.
func NewECDSASignerP256 ¶
NewECDSASignerP256 creates a new ECDSA based signer using the P256 curve.
func NewED25519Principal ¶
NewED25519Principal returns a new ED25519 based principal using &Roots{}.
func NewED25519PrincipalTrustAllRoots ¶
NewED25519PrincipalTrustAllRoots returns a new ED25519 based principal using &TrustAllRoots{}.
func NewED25519Signer ¶
NewED25519Signer creates a new ED25519 signer.
func NewExpiryCaveat ¶
NewExpiryCaveat is like security.NewNewExpiryCaveat except that it fails on error.
func NewMethodCaveat ¶
NewMethodCaveat is like security.NewNewMethodCaveat except that it fails on error.
func NewPrincipal ¶
func NewPrincipal(t testing.TB, signer security.Signer, store security.BlessingStore, roots security.BlessingRoots) security.Principal
NewPrincipal creates a new security.Principal using the supplied signer, blessings store and roots.
func NewPublicKeyUnconstrainedCaveat ¶
func NewPublicKeyUnconstrainedCaveat(t testing.TB, p security.Principal, name string) security.Caveat
NewPublicKeyUnconstrainedCaveat creates a named, unconstrained caveat using the supplied principal and with no third party caveats.
func NewSuffixCaveat ¶
NewSuffixCaveat returns a caveat for SuffixCaveat.
Types ¶
type Roots ¶
type Roots struct {
// contains filtered or unexported fields
}
Roots is an implementation of security.BlessingRoots that trusts the roots that have been added to it.
func (*Roots) DebugString ¶
type TrustAllRoots ¶
type TrustAllRoots struct {
// contains filtered or unexported fields
}
TrustAllRoots is an implementation of security.BlessingRoots that trusts all roots, regardless of whether they have been added to it.
func (*TrustAllRoots) Add ¶
func (r *TrustAllRoots) Add(root []byte, pattern security.BlessingPattern) error
func (*TrustAllRoots) DebugString ¶
func (r *TrustAllRoots) DebugString() string
func (*TrustAllRoots) Dump ¶
func (r *TrustAllRoots) Dump() map[security.BlessingPattern][]security.PublicKey
func (*TrustAllRoots) Recognized ¶
func (r *TrustAllRoots) Recognized(root []byte, blessing string) error