Example #1
0
func GenerateSignature(c *cli.Context) {
	url := c.String("url")

	if url == "" {
		cli.ShowCommandHelp(c, "generate")
		os.Exit(1)
	}

	crypto, err := common.CreateCrypto(c)
	if err != nil {
		os.Exit(1)
	}

	signature, err := createSigFromArgs(c)
	if err != nil {
		os.Exit(1)
	}

	sigEncoded, metaEncoded, err := route_service.BuildSignatureAndMetadata(crypto, &signature)
	if err != nil {
		fmt.Printf("Failed to create signature: %s", err.Error())
		os.Exit(1)
	}

	fmt.Printf("Encoded Signature:\n%s\n\n", sigEncoded)
	fmt.Printf("Encoded Metadata:\n%s\n\n", metaEncoded)
}
Example #2
0
		crypto.EncryptStub = func(plainText []byte) ([]byte, []byte, []byte, error) {
			nonce := []byte("some-nonce")
			iv := []byte("some-iv")
			cipherText := append(plainText, "encrypted"...)
			cipherText = append(cipherText, nonce...)
			cipherText = append(cipherText, iv...)
			return cipherText, nonce, iv, nil
		}

		signature = &route_service.Signature{RequestedTime: time.Now()}
	})

	Describe("Build Signature and Metadata", func() {
		It("builds signature and metadata headers", func() {
			signatureHeader, metadata, err := route_service.BuildSignatureAndMetadata(crypto, signature)
			Expect(err).ToNot(HaveOccurred())
			Expect(signatureHeader).ToNot(BeNil())
			metadataDecoded, err := base64.URLEncoding.DecodeString(metadata)
			Expect(err).ToNot(HaveOccurred())
			metadataStruct := route_service.Metadata{}
			err = json.Unmarshal([]byte(metadataDecoded), &metadataStruct)
			Expect(err).ToNot(HaveOccurred())
			Expect(metadataStruct.Nonce).To(Equal([]byte("some-nonce")))
			Expect(metadataStruct.IV).To(Equal([]byte("some-iv")))
		})

		Context("when unable to encrypt the signature", func() {
			BeforeEach(func() {
				crypto.EncryptReturns([]byte{}, []byte{}, []byte{}, errors.New("No entropy"))
			})
Example #3
0
			// validate client request header
			Expect(r.Header.Get("X-CF-Forwarded-Url")).To(Equal(forwardedUrl))

			w.Write([]byte("My Special Snowflake Route Service\n"))
		})

		crypto, err := secure.NewAesGCM([]byte(cryptoKey))
		Expect(err).ToNot(HaveOccurred())

		signature := &route_service.Signature{
			RequestedTime: time.Now(),
			ForwardedUrl:  forwardedUrl,
		}

		signatureHeader, metadataHeader, err = route_service.BuildSignatureAndMetadata(crypto, signature)
		Expect(err).ToNot(HaveOccurred())
	})

	Context("with Route Services disabled", func() {
		BeforeEach(func() {
			conf.RouteServiceEnabled = false
			conf.SSLSkipValidation = true
			routeServiceHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				Fail("Should not get here into Route Service")
			})
		})

		It("return 502 Bad Gateway", func() {
			ln := registerHandlerWithRouteService(r, "my_host.com", "https://"+routeServiceListener.Addr().String(), func(conn *test_util.HttpConn) {
				Fail("Should not get here into the app")