func (s *signedSuite) SetUpSuite(c *gc.C) { var imageData = map[string]string{ "/unsigned/streams/v1/index.json": unsignedIndex, "/unsigned/streams/v1/image_metadata.json": unsignedProduct, } // Set up some signed data from the unsigned data. // Overwrite the product path to use the sjson suffix. rawUnsignedIndex := strings.Replace( unsignedIndex, "streams/v1/image_metadata.json", "streams/v1/image_metadata.sjson", -1) r := bytes.NewReader([]byte(rawUnsignedIndex)) signedData, err := simplestreams.Encode( r, sstesting.SignedMetadataPrivateKey, sstesting.PrivateKeyPassphrase) c.Assert(err, jc.ErrorIsNil) imageData["/signed/streams/v1/index.sjson"] = string(signedData) // Replace the image id in the unsigned data with a different one so we can test that the right // image id is used. rawUnsignedProduct := strings.Replace( unsignedProduct, "ami-26745463", "ami-123456", -1) r = bytes.NewReader([]byte(rawUnsignedProduct)) signedData, err = simplestreams.Encode( r, sstesting.SignedMetadataPrivateKey, sstesting.PrivateKeyPassphrase) c.Assert(err, jc.ErrorIsNil) imageData["/signed/streams/v1/image_metadata.sjson"] = string(signedData) sstesting.SetRoundTripperFiles(imageData, map[string]int{"test://unauth": http.StatusUnauthorized}) s.origKey = imagemetadata.SetSigningPublicKey(sstesting.SignedMetadataPublicKey) }
func (s *simplestreamsSuite) TestOfficialSources(c *gc.C) { origKey := imagemetadata.SetSigningPublicKey(sstesting.SignedMetadataPublicKey) defer func() { imagemetadata.SetSigningPublicKey(origKey) }() ds, err := imagemetadata.OfficialDataSources("daily") c.Assert(err, jc.ErrorIsNil) c.Assert(ds, gc.HasLen, 2) url, err := ds[0].URL("") c.Assert(err, jc.ErrorIsNil) c.Assert(url, gc.Equals, "https://streams.canonical.com/juju/images/daily/") c.Assert(ds[0].PublicSigningKey(), gc.Equals, sstesting.SignedMetadataPublicKey) url, err = ds[1].URL("") c.Assert(err, jc.ErrorIsNil) c.Assert(url, gc.Equals, "http://cloud-images.ubuntu.com/daily/") c.Assert(ds[1].PublicSigningKey(), gc.Equals, sstesting.SignedMetadataPublicKey) }
func (s *signedSuite) TestSignedImageMetadataInvalidSignature(c *gc.C) { signedSource := simplestreams.NewURLDataSource("test", "test://host/signed", utils.VerifySSLHostnames, simplestreams.DEFAULT_CLOUD_DATA, true) imageConstraint := imagemetadata.NewImageConstraint(simplestreams.LookupParams{ CloudSpec: simplestreams.CloudSpec{"us-east-1", "https://ec2.us-east-1.amazonaws.com"}, Series: []string{"precise"}, Arches: []string{"amd64"}, }) imagemetadata.SetSigningPublicKey(s.origKey) _, _, err := imagemetadata.Fetch([]simplestreams.DataSource{signedSource}, imageConstraint) c.Assert(err, gc.ErrorMatches, "cannot read index data.*") }
func (s *signedSuite) TearDownSuite(c *gc.C) { sstesting.SetRoundTripperFiles(nil, nil) imagemetadata.SetSigningPublicKey(s.origKey) }
func (s *signedSuite) TearDownSuite(c *gc.C) { testRoundTripper.Sub = nil imagemetadata.SetSigningPublicKey(s.origKey) }