sectest

package

v0.2.0 Latest Latest Go to latest Published: Apr 17, 2023 License: BSD-3-Clause Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vanadium/core

Links

Open Source Insights

Documentation ¶

Overview ¶

Package sectest contains support for security related tests

Index ¶

Variables
func AddToRoots(t *testing.T, p security.Principal, b security.Blessings)
func BlessSelf(t *testing.T, p security.Principal, name string, caveats ...security.Caveat) security.Blessings
func GenPurposeAndMessage(psize, msize int) (purpose, message []byte)
func NewExpiryCaveat(t testing.TB, until time.Time) security.Caveat
func NewMethodCaveat(t testing.TB, method string, additionalMethods ...string) security.Caveat
func NewPrincipal(t testing.TB, signer security.Signer, store security.BlessingStore, ...) security.Principal
func NewPrincipalRootsOnly(t testing.TB, signer security.Signer) security.Principal
func NewPublicKeyUnconstrainedCaveat(t testing.TB, p security.Principal, name string) security.Caveat
func NewSuffixCaveat(t *testing.T, suffix string) security.Caveat
func RoundTrip(in, out interface{}) error
type Roots
type TrustAllRoots

Constants ¶

This section is empty.

Variables ¶

View Source

var SuffixCaveat = security.CaveatDescriptor{
	Id:        uniqueid.Id{0xce, 0xc4, 0xd0, 0x98, 0x94, 0x53, 0x90, 0xdb, 0x15, 0x7c, 0xa8, 0x10, 0xae, 0x62, 0x80, 0x0},
	ParamType: vdl.TypeOf(string("")),
}

SuffixCaveat is a Caveat that validates iff Call.Suffix matches the string.

Since at the time of this writing, it was not clear that we want to make caveats on suffixes generally available, this type is implemented in this test file. If there is a general need for such a caveat, it should be defined similar to other caveats (like methodCaveat) in caveat.vdl and removed from this test file.

Functions ¶

func AddToRoots ¶

func AddToRoots(t *testing.T, p security.Principal, b security.Blessings)

AddToRoots calls security.AddAddToRoots.

func BlessSelf ¶

func BlessSelf(t *testing.T, p security.Principal, name string, caveats ...security.Caveat) security.Blessings

BlessSelf returns a named blessing for the supplied principal.

func GenPurposeAndMessage ¶ added in v0.2.0

func GenPurposeAndMessage(psize, msize int) (purpose, message []byte)

GenPurposeAndMessage generates a random purpose and message of the the requested size.

func NewExpiryCaveat ¶

func NewExpiryCaveat(t testing.TB, until time.Time) security.Caveat

NewExpiryCaveat is like security.NewNewExpiryCaveat except that it fails on error.

func NewMethodCaveat ¶

func NewMethodCaveat(t testing.TB, method string, additionalMethods ...string) security.Caveat

NewMethodCaveat is like security.NewNewMethodCaveat except that it fails on error.

func NewPrincipal ¶

func NewPrincipal(t testing.TB, signer security.Signer, store security.BlessingStore, roots security.BlessingRoots) security.Principal

NewPrincipal creates a new security.Principal using the supplied signer, blessings store and roots.

func NewPrincipalRootsOnly ¶ added in v0.2.0

func NewPrincipalRootsOnly(t testing.TB, signer security.Signer) security.Principal

NewPrincipalRootsOnly creates a new security.Principal using the supplied signer, no blessing store and &Roots{}.

func NewPublicKeyUnconstrainedCaveat ¶

func NewPublicKeyUnconstrainedCaveat(t testing.TB, p security.Principal, name string) security.Caveat

NewPublicKeyUnconstrainedCaveat creates a named, unconstrained caveat using the supplied principal and with no third party caveats.

func NewSuffixCaveat ¶

func NewSuffixCaveat(t *testing.T, suffix string) security.Caveat

NewSuffixCaveat returns a caveat for SuffixCaveat.

func RoundTrip ¶

func RoundTrip(in, out interface{}) error

RoundTrip simulates a network round trip by encoding/decoding from to/from vom.

Types ¶

type Roots ¶

type Roots struct {
	// contains filtered or unexported fields
}

Roots is an implementation of security.BlessingRoots that trusts the roots that have been added to it.

func (*Roots) Add ¶

func (r *Roots) Add(root []byte, pattern security.BlessingPattern) error

func (*Roots) DebugString ¶

func (*Roots) DebugString() string

func (*Roots) Dump ¶

func (r *Roots) Dump() map[security.BlessingPattern][]security.PublicKey

func (*Roots) Recognized ¶

func (r *Roots) Recognized(root []byte, blessing string) error

func (*Roots) RecognizedCert ¶ added in v0.2.0

func (r *Roots) RecognizedCert(root *security.Certificate, blessing string) error

type TrustAllRoots ¶

type TrustAllRoots struct {
	// contains filtered or unexported fields
}

TrustAllRoots is an implementation of security.BlessingRoots that trusts all roots, regardless of whether they have been added to it.

func (*TrustAllRoots) Add ¶

func (r *TrustAllRoots) Add(root []byte, pattern security.BlessingPattern) error

func (*TrustAllRoots) DebugString ¶

func (r *TrustAllRoots) DebugString() string

func (*TrustAllRoots) Dump ¶

func (r *TrustAllRoots) Dump() map[security.BlessingPattern][]security.PublicKey

func (*TrustAllRoots) Recognized ¶

func (r *TrustAllRoots) Recognized(cert []byte, blessing string) error

func (*TrustAllRoots) RecognizedCert ¶ added in v0.2.0

func (r *TrustAllRoots) RecognizedCert(root *security.Certificate, blessing string) error

Source Files ¶

View all Source files

security.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL