func (safs *signAddFindSuite) SetUpTest(c *C) { cfg0 := &asserts.DatabaseConfig{ KeypairManager: asserts.NewMemoryKeypairManager(), } db0, err := asserts.OpenDatabase(cfg0) c.Assert(err, IsNil) safs.signingDB = db0 pk := asserts.OpenPGPPrivateKey(testPrivKey0) err = db0.ImportKey("canonical", pk) c.Assert(err, IsNil) safs.signingKeyID = pk.PublicKey().ID() topDir := filepath.Join(c.MkDir(), "asserts-db") bs, err := asserts.OpenFSBackstore(topDir) c.Assert(err, IsNil) trustedKey := testPrivKey0 cfg := &asserts.DatabaseConfig{ Backstore: bs, KeypairManager: asserts.NewMemoryKeypairManager(), TrustedKeys: []*asserts.AccountKey{asserts.BootstrapAccountKeyForTest("canonical", &trustedKey.PublicKey)}, } db, err := asserts.OpenDatabase(cfg) c.Assert(err, IsNil) safs.db = db }
func main() { topDir := "snappy-asserts-toolbelt-db" bs, err := asserts.OpenFSBackstore(topDir) if err != nil { fmt.Println(err) os.Exit(1) } keypairMgr, err := asserts.OpenFSKeypairManager(topDir) if err != nil { fmt.Println(err) os.Exit(1) } cfg := &asserts.DatabaseConfig{ Backstore: bs, KeypairManager: keypairMgr, } db, err = asserts.OpenDatabase(cfg) if err != nil { fmt.Println(err) os.Exit(1) } parser.AddCommand("generate-key", "Generate key pair", "Generate key pair", &generateKey{}) parser.AddCommand("account-key", "Make an account-key assertion", "Make an account-key assertion", &accountKey{}) parser.AddCommand("snap-build", "Make a snap-build assertion", "Make a snap-build assertion", &snapBuild{}) if _, err := parser.Parse(); err != nil { os.Exit(1) } }
func (fsbss *fsBackstoreSuite) TestOpenWorldWritableFail(c *C) { topDir := filepath.Join(c.MkDir(), "asserts-db") // make it world-writable oldUmask := syscall.Umask(0) os.MkdirAll(filepath.Join(topDir, "asserts-v0"), 0777) syscall.Umask(oldUmask) bs, err := asserts.OpenFSBackstore(topDir) c.Assert(err, ErrorMatches, "assert storage root unexpectedly world-writable: .*") c.Check(bs, IsNil) }
func (fsbss *fsBackstoreSuite) TestOpenCreateFail(c *C) { parent := filepath.Join(c.MkDir(), "var") topDir := filepath.Join(parent, "asserts-db") // make it not writable err := os.Mkdir(parent, 0555) c.Assert(err, IsNil) bs, err := asserts.OpenFSBackstore(topDir) c.Assert(err, ErrorMatches, "failed to create assert storage root: .*") c.Check(bs, IsNil) }
func (chks *checkSuite) SetUpTest(c *C) { var err error topDir := filepath.Join(c.MkDir(), "asserts-db") chks.bs, err = asserts.OpenFSBackstore(topDir) c.Assert(err, IsNil) headers := map[string]string{ "authority-id": "canonical", "primary-key": "0", } chks.a, err = asserts.AssembleAndSignInTest(asserts.TestOnlyType, headers, nil, asserts.OpenPGPPrivateKey(testPrivKey0)) c.Assert(err, IsNil) }
func (aks *accountKeySuite) openDB(c *C) *asserts.Database { trustedKey := testPrivKey0 topDir := filepath.Join(c.MkDir(), "asserts-db") bs, err := asserts.OpenFSBackstore(topDir) c.Assert(err, IsNil) cfg := &asserts.DatabaseConfig{ Backstore: bs, KeypairManager: asserts.NewMemoryKeypairManager(), TrustedKeys: []*asserts.AccountKey{asserts.BootstrapAccountKeyForTest("canonical", &trustedKey.PublicKey)}, } db, err := asserts.OpenDatabase(cfg) c.Assert(err, IsNil) return db }
func (fsbss *fsBackstoreSuite) TestOpenOK(c *C) { // ensure umask is clean when creating the DB dir oldUmask := syscall.Umask(0) defer syscall.Umask(oldUmask) topDir := filepath.Join(c.MkDir(), "asserts-db") bs, err := asserts.OpenFSBackstore(topDir) c.Check(err, IsNil) c.Check(bs, NotNil) info, err := os.Stat(filepath.Join(topDir, "asserts-v0")) c.Assert(err, IsNil) c.Assert(info.IsDir(), Equals, true) c.Check(info.Mode().Perm(), Equals, os.FileMode(0775)) }
func makeSignAndCheckDbWithAccountKey(c *C, accountID string) (signingKeyID string, accSignDB, checkDB *asserts.Database) { trustedKey := testPrivKey0 cfg1 := &asserts.DatabaseConfig{ KeypairManager: asserts.NewMemoryKeypairManager(), } accSignDB, err := asserts.OpenDatabase(cfg1) c.Assert(err, IsNil) pk1 := asserts.OpenPGPPrivateKey(testPrivKey1) err = accSignDB.ImportKey(accountID, asserts.OpenPGPPrivateKey(testPrivKey1)) c.Assert(err, IsNil) accFingerp := pk1.PublicKey().Fingerprint() accKeyID := pk1.PublicKey().ID() pubKey, err := accSignDB.PublicKey(accountID, accKeyID) c.Assert(err, IsNil) pubKeyEncoded, err := asserts.EncodePublicKey(pubKey) c.Assert(err, IsNil) accPubKeyBody := string(pubKeyEncoded) headers := map[string]string{ "authority-id": "canonical", "account-id": accountID, "public-key-id": accKeyID, "public-key-fingerprint": accFingerp, "since": "2015-11-20T15:04:00Z", "until": "2500-11-20T15:04:00Z", } accKey, err := asserts.AssembleAndSignInTest(asserts.AccountKeyType, headers, []byte(accPubKeyBody), asserts.OpenPGPPrivateKey(trustedKey)) c.Assert(err, IsNil) topDir := filepath.Join(c.MkDir(), "asserts-db") bs, err := asserts.OpenFSBackstore(topDir) c.Assert(err, IsNil) cfg := &asserts.DatabaseConfig{ Backstore: bs, KeypairManager: asserts.NewMemoryKeypairManager(), TrustedKeys: []*asserts.AccountKey{asserts.BootstrapAccountKeyForTest("canonical", &trustedKey.PublicKey)}, } checkDB, err = asserts.OpenDatabase(cfg) c.Assert(err, IsNil) err = checkDB.Add(accKey) c.Assert(err, IsNil) return accKeyID, accSignDB, checkDB }