func genTestPrivKey() *packet.PrivateKey {
privKey, err := asserts.GeneratePrivateKeyInTest()
if err != nil {
panic(fmt.Errorf("failed to create priv key for tests: %v", err))
}
return privKey
}
func (aks *accountKeySuite) TestAccountKeyCheck(c *C) {
trustedKey, err := asserts.GeneratePrivateKeyInTest()
c.Assert(err, IsNil)
headers := map[string]string{
"authority-id": "canonical",
"account-id": "acc-id1",
"fingerprint": aks.fp,
"since": aks.since.Format(time.RFC3339),
"until": aks.until.Format(time.RFC3339),
}
accKey, err := asserts.BuildAndSignInTest(asserts.AccountKeyType, headers, []byte(aks.pubKeyBody), trustedKey)
c.Assert(err, IsNil)
rootDir := filepath.Join(c.MkDir(), "asserts-db")
cfg := &asserts.DatabaseConfig{
Path: rootDir,
TrustedKeys: map[string][]asserts.PublicKey{
"canonical": {asserts.WrapPublicKey(&trustedKey.PublicKey)},
},
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
err = db.Check(accKey)
c.Assert(err, IsNil)
}
func (aks *accountKeySuite) SetUpSuite(c *C) {
pk, err := asserts.GeneratePrivateKeyInTest()
c.Assert(err, IsNil)
aks.fp = hex.EncodeToString(pk.PublicKey.Fingerprint[:])
aks.since, err = time.Parse(time.RFC822, "16 Nov 15 15:04 UTC")
c.Assert(err, IsNil)
aks.until = aks.since.AddDate(1, 0, 0)
buf := new(bytes.Buffer)
err = pk.PublicKey.Serialize(buf)
c.Assert(err, IsNil)
aks.pubKeyBody = "openpgp " + base64.StdEncoding.EncodeToString(buf.Bytes())
aks.sinceLine = "since: " + aks.since.Format(time.RFC3339) + "\n"
aks.untilLine = "until: " + aks.until.Format(time.RFC3339) + "\n"
}
func (dbs *databaseSuite) TestImportKey(c *C) {
privk, err := asserts.GeneratePrivateKeyInTest()
c.Assert(err, IsNil)
expectedFingerprint := hex.EncodeToString(privk.PublicKey.Fingerprint[:])
fingerp, err := dbs.db.ImportKey("account0", privk)
c.Assert(err, IsNil)
c.Check(fingerp, Equals, expectedFingerprint)
keyPath := filepath.Join(dbs.rootDir, "private-keys-v0/account0", fingerp)
info, err := os.Stat(keyPath)
c.Assert(err, IsNil)
c.Check(info.Mode().Perm(), Equals, os.FileMode(0600)) // secret
// too white box? ok at least until we have more functionality
fpriv, err := os.Open(keyPath)
c.Assert(err, IsNil)
pk, err := packet.Read(fpriv)
c.Assert(err, IsNil)
privKeyFromDisk, ok := pk.(*packet.PrivateKey)
c.Assert(ok, Equals, true)
c.Check(hex.EncodeToString(privKeyFromDisk.PublicKey.Fingerprint[:]), Equals, expectedFingerprint)
}