func (s *SRestful) restCreateSecureStorage(request *restful.Request, response *restful.Response) {
secret := request.HeaderParameter(secretIDParam)
data, err := ss.NewStorage([]byte(secret), checkSecretStrength)
if err != nil {
s.setError(response, http.StatusBadRequest, err)
return
}
s.st.SecureStorage = data
response.WriteHeaderAndEntity(http.StatusCreated, s.getURLPath(request))
}
// StoreLoadTest : common store load testing for all the different properties
func StoreLoadTest(t *testing.T, userData interface{}, propertyName string) {
filePath := "./tmp.txt"
key := "key"
secret := []byte("12345678")
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
storage, err := ss.NewStorage(secret, false)
if err != nil {
t.Errorf("Fatal error: can't create storage, error: %v", err)
}
s := Serializers[propertyName]
err = s.AddToStorage(key, userData, storage)
if err != nil {
t.Fatal("Fatal error: can't add to storage, error:", err)
}
err = s.AddToStorage(key, nil, storage)
if err == nil {
t.Errorf("Test fail: Successfully add undefined property to storage")
}
err = s.AddToStorage(key, userData, nil)
if err == nil {
t.Errorf("Test fail: Successfully add property to nil storage")
}
storage.StoreInfo(filePath)
storage, err = ss.LoadInfo(filePath, secret)
if err != nil {
t.Fatal("Fatal error: can't load from storage, error:", err)
}
_, err = s.ReadFromStorage(key, nil)
loadStorage := storage.GetDecryptStorageData()
if err == nil {
t.Fatal("Fatal error: Read pass but storage is nil")
}
_, err = s.ReadFromStorage("", loadStorage)
if err == nil {
t.Fatal("Fatal error: Read pass but the key is empty")
}
_, err = s.ReadFromStorage(key, loadStorage)
if err != nil {
t.Fatal("Fatal error: can't load from storage, error:", err)
}
data, err := s.ReadFromStorage(key, loadStorage)
if err != nil {
t.Fatal("Fatal error: can't read from storage, error:", err)
}
if s.IsEqualProperties(userData, data) == false {
t.Fatal("Fatal error: Data read from storage:", s.PrintProperties(data), "is not equal to the one that was write to storage:", userData)
}
if s.IsEqualProperties(userData, "") == true {
t.Fatal("Fatal error: unequal properies were found equal")
}
logger.Trace.Println("Data:", s.PrintProperties(data))
}
func generateSecureStorage() (*ss.SecureStorage, []byte) {
var secret []byte
secret = make([]byte, aesSecretLen)
io.ReadFull(rand.Reader, secret)
storage, _ := ss.NewStorage(secret, false)
for i := 0; i < 10; i++ {
keyText := fmt.Sprintf(keyFmt, i)
dataText := fmt.Sprintf(dataFmt, i*10+1)
storage.AddItem(keyText, dataText)
}
return storage, secret
}
func init() {
logger.Init(ioutil.Discard, ioutil.Discard, ioutil.Discard, ioutil.Discard)
servicePath = cr.ServicePathPrefix + cr.Version + sPrefix
resourcePath = listener + servicePath + storagePath
itemPath = listener + servicePath + storageItemPath
baseHeaderInfo[secretIDParam] = secretCode
usersList := en.New()
stRestful = libsecurityRestful.NewLibsecurityRestful()
secureStorage, _ := ss.NewStorage([]byte(secretCode), true)
stRestful.SetData(usersList, nil, nil, nil, secureStorage)
stRestful.SetToFilterFlag(false)
go runServer()
time.Sleep(100 * time.Millisecond)
}
// Test corners:
func Test_corners(t *testing.T) {
userName := "******"
groupName := "g1"
u, _ := newUser(userName)
g, _ := newGroup(groupName)
g.addUserToGroup(u.Name)
err := g.addUserToGroup("")
if err == nil {
t.Errorf("Test fail: Success to add undefined user to group")
}
logger.Trace.Println("The data is:", g.String())
err = g.addGroupToStorage(groupName, nil)
if err == nil {
t.Errorf("Test fail: Add group to nil storage")
}
err = u.Entity.addEntityToStorage(groupName, nil)
if err == nil {
t.Errorf("Test fail: Add entity to nil storage")
}
err = u.Entity.addProperty(groupName, nil)
if err == nil {
t.Errorf("Test fail: Add property with nil data")
}
storage, _ := ss.NewStorage([]byte("12345678"), false)
err = g.addGroupToStorage(groupName, storage)
if err != nil {
t.Errorf("Test fail: Can't add group to storage")
}
_, err = readEntityFromStorage("a12", storage)
if err == nil {
t.Errorf("Test fail: undefined entity name was found in the storage")
}
_, err = readEntityFromStorage(groupName, nil)
if err == nil {
t.Errorf("Test fail: read entity from nil storage")
}
_, err = readGroupFromStorage(groupName, nil)
if err == nil {
t.Errorf("Test fail: read group from nil storage")
}
}
// StoreInfo : Store all the data of all the entities in the list including their properties in the secure storage
func (el *EntityManager) StoreInfo(filePath string, secret []byte, checkSecretStrength bool) error {
lock.Lock()
defer lock.Unlock()
prefix := ""
storage, err := ss.NewStorage(secret, checkSecretStrength)
if err != nil {
logger.Error.Printf("Fatal error: Cannot create storage, error: %v", err)
return fmt.Errorf("Fatal error: Cannot create storage, error: %v", err)
}
for name, e := range el.Users {
err := addUserResourceToStorage(userTypeStr, name, e.Entity, prefix, storage)
if err != nil {
return err
}
}
for name, e := range el.Groups {
err := addGroupToStorage(groupTypeStr, name, e, prefix, storage)
if err != nil {
return err
}
}
for name, e := range el.Resources {
err := addUserResourceToStorage(resourceTypeStr, name, e.Entity, prefix, storage)
if err != nil {
return err
}
}
for name := range el.Permissions {
err := addPermissionToStorage(name, prefix, storage)
if err != nil {
return err
}
}
logger.Info.Println("Store Security Tool data to file:", filePath)
return storage.StoreInfo(filePath)
}
