示例#1
0
func TestDelete(t *testing.T) {
	w := httptest.NewRecorder()

	m := mux.NewRouter()
	addRoutes(m)

	key := new(secrets.Key)
	err := key.New("968cd432-c97a-11e5-9956-625662870761")
	priv := key.Display()
	assert.Nil(t, err, "Should not return error")

	testDb := new(mocks.DB)

	r, err := http.NewRequest("DELETE", "/secrets/delete/secrets/test-secret", nil)
	assert.Nil(t, err, "Should not return error")

	secrets.New("test-secret", []byte("test"))

	authSetup(testDb, r, priv)

	testDb.On("GetRootSecret", &secrets.Secret{Name: "test-secret"}).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Secret).Name = "test-secret"
		args.Get(0).(*secrets.Secret).ID = 2
	}).Return(nil)
	testDb.On("DeleteSecret", &secrets.Secret{ID: 2, Name: "test-secret"}).Return(nil)

	database = testDb

	m.ServeHTTP(w, r)
}
示例#2
0
func TestUnseal(t *testing.T) {

	master, err := secrets.Initialise()
	assert.Nil(t, err, "Should not return error")

	testDb := new(mocks.DB)

	r := new(http.Request)

	authSetup(testDb, r, master.Key.Display())

	testDb.On("GetRootSecret", &secrets.Secret{Name: "master"}).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Secret).Name = "master"
		args.Get(0).(*secrets.Secret).Nonce = master.Nonce
		args.Get(0).(*secrets.Secret).Message = master.Message
	}).Return(nil)

	database = testDb

	w := httptest.NewRecorder()

	assert.Nil(t, err, "Should not return error")

	Unseal(w, r)

	res := getResp(w.Body.Bytes())
	assert.Contains(t, res, "response", "Result should contain response")
	assert.Equal(t, "OK", res["response"], "Should unseal vault")
}
示例#3
0
func TestUpdate(t *testing.T) {
	w := httptest.NewRecorder()

	secret, err := secrets.New("testsecret", []byte("testmessage"))
	assert.Nil(t, err, "Should not return error")

	req := request{Name: "testsecret", Message: "newmessage"}
	data, err := json.Marshal(req)
	assert.Nil(t, err, "Should not return error")

	r, err := http.NewRequest("POST", "/secrets/message", bytes.NewReader(data))
	assert.Nil(t, err, "Should not return error")

	testDb := new(mocks.DB)

	authSetup(testDb, r, nil)

	testDb.On("GetRootSecret", &secrets.Secret{Name: "testsecret"}).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Secret).Name = secret.Name
		args.Get(0).(*secrets.Secret).Nonce = secret.Nonce
		args.Get(0).(*secrets.Secret).Message = secret.Message
		args.Get(0).(*secrets.Secret).Key = secret.Key
	}).Return(nil)

	testDb.Mock.On("UpdateSecret", mock.AnythingOfType("*secrets.Secret")).Return(nil)
	database = testDb

	Update(w, r)

	res := getResp(w.Body.Bytes())
	assert.Contains(t, res, "response", "Result should contain response")
	assert.Equal(t, "OK", res["response"])
}
示例#4
0
func TestHealth(t *testing.T) {
	w := httptest.NewRecorder()
	testDb := new(mocks.DB)
	testDb.On("Ping").Return(nil)
	database = testDb
	Health(w, nil)
	res := getResp(w.Body.Bytes())
	assert.Contains(t, res, "response", "Result should contain response")
	assert.Equal(t, "OK", res["response"])
}
示例#5
0
func TestListSecret(t *testing.T) {
	w := httptest.NewRecorder()

	m := mux.NewRouter()
	addRoutes(m)

	secretList := make([]secrets.Secret, 20)

	for i := range secretList {
		s, err := secrets.New(fmt.Sprintf("secret-%d", i), []byte("testmessage"))
		secretList[i] = *s
		assert.Nil(t, err, "Should not return error")
	}

	testDb := new(mocks.DB)

	r, err := http.NewRequest("GET", "/secrets/list/secrets", nil)
	assert.Nil(t, err, "Should not return error")

	key := new(secrets.Key)
	err = key.New("968cd432-c97a-11e5-9956-625662870761")
	priv := key.Display()
	assert.Nil(t, err, "Should not return error")

	authSetup(testDb, r, priv)

	pos := 0

	testDb.On("ListSecrets", mock.Anything).Return(func(n int) ([]secrets.Secret, error) {
		start := pos
		end := pos + n
		if start >= len(secretList) {
			start = len(secretList)
		}
		if end >= len(secretList) {
			end = len(secretList)
		}
		pos = end
		return secretList[start:end], nil
	})

	database = testDb

	m.ServeHTTP(w, r)

	expected, err := json.MarshalIndent(secretList[0:10], "", "  ")
	assert.Nil(t, err, "Should not return error")
	buf, err := json.MarshalIndent(secretList[10:], "", "  ")
	assert.Nil(t, err, "Should not return error")
	expected = append(expected, buf...)

	assert.Equal(t, expected, w.Body.Bytes())

}
示例#6
0
func TestView(t *testing.T) {
	w := httptest.NewRecorder()

	root, err := secrets.New("testsecret", []byte("testmessage"))
	assert.Nil(t, err, "Should not return error")

	key := new(secrets.Key)
	err = key.New("968cd432-c97a-11e5-9956-625662870761")
	priv := key.Display()
	assert.Nil(t, err, "Should not return error")

	shared, err := root.Share(key)
	assert.Nil(t, err, "Should not return error")

	req := request{Name: "testsecret"}
	data, err := json.Marshal(req)
	assert.Nil(t, err, "Should not return error")

	r, err := http.NewRequest("POST", "/secrets/view", bytes.NewReader(data))
	assert.Nil(t, err, "Should not return error")

	testDb := new(mocks.DB)

	authSetup(testDb, r, priv)

	testDb.On(
		"GetSharedSecret",
		&secrets.Secret{Name: "testsecret"},
		&secrets.Key{Name: "968cd432-c97a-11e5-9956-625662870761"}).Run(
		func(args mock.Arguments) {
			args.Get(0).(*secrets.Secret).Name = shared.Name
			args.Get(0).(*secrets.Secret).Nonce = shared.Nonce
			args.Get(0).(*secrets.Secret).Message = shared.Message
			args.Get(0).(*secrets.Secret).Pubkey = shared.Pubkey
			args.Get(0).(*secrets.Secret).Key = shared.Key
		}).Return(nil)

	testDb.On("GetRootSecret", mock.AnythingOfType("*secrets.Secret")).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Secret).Name = root.Name
		args.Get(0).(*secrets.Secret).Nonce = root.Nonce
		args.Get(0).(*secrets.Secret).Message = root.Message
		args.Get(0).(*secrets.Secret).Pubkey = root.Pubkey
		args.Get(0).(*secrets.Secret).Key = root.Key
	}).Return(nil)

	database = testDb

	View(w, r)
	assert.Equal(t, "testmessage", string(w.Body.Bytes()))

}
示例#7
0
func TestInititalise(t *testing.T) {

	testDb := new(mocks.DB)

	testDb.On("GetRootSecret", &secrets.Secret{Name: "master"}).Return(gorm.ErrRecordNotFound)
	testDb.On("AddSecret", mock.AnythingOfType("*secrets.Secret")).Return(nil)

	database = testDb

	w := httptest.NewRecorder()
	Initialise(w, nil)

	res := getResp(w.Body.Bytes())

	assert.Contains(t, res, "Id", "Result should contain Id")
	assert.Contains(t, res, "Key", "Result should contain Key")

	assert.Equal(t, "master", res["Id"], "Result name should be master")

	testDb = new(mocks.DB)

	testDb.On("GetRootSecret", &secrets.Secret{Name: "master"}).Return(nil)

	database = testDb

	w = httptest.NewRecorder()
	Initialise(w, nil)

	res = getResp(w.Body.Bytes())
	assert.Equal(t, "Vault already initialised", res["error"], "Should return error")
}
示例#8
0
func TestShare(t *testing.T) {
	w := httptest.NewRecorder()

	secret, err := secrets.New("testsecret", []byte("testmessage"))
	assert.Nil(t, err, "Should not return error")

	pub := new([32]byte)
	curve25519.ScalarBaseMult(pub, &authKey)

	req := request{Name: "testsecret", KeyID: "1-2-3-4"}
	data, err := json.Marshal(req)
	assert.Nil(t, err, "Should not return error")

	r, err := http.NewRequest("POST", "/secrets/share", bytes.NewReader(data))
	assert.Nil(t, err, "Should not return error")

	testDb := new(mocks.DB)

	authSetup(testDb, r, nil)

	testDb.Mock.On("GetKey", mock.AnythingOfType("*secrets.Key")).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Key).Name = "1-2-3-4"
		args.Get(0).(*secrets.Key).Public = pub[:]
	}).Return(nil)

	testDb.On("GetRootSecret", &secrets.Secret{Name: "testsecret"}).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Secret).Name = secret.Name
		args.Get(0).(*secrets.Secret).Nonce = secret.Nonce
		args.Get(0).(*secrets.Secret).Message = secret.Message
		args.Get(0).(*secrets.Secret).Key = secret.Key
	}).Return(nil)

	testDb.On("AddSecret", mock.AnythingOfType("*secrets.Secret")).Return(nil)

	database = testDb

	Share(w, r)

	res := getResp(w.Body.Bytes())
	assert.Contains(t, res, "response", "Result should contain response")
	assert.Equal(t, "OK", res["response"])
}
示例#9
0
func authSetup(testDb *mocks.DB, req *http.Request, key []byte) {

	priv := new([32]byte)
	if key == nil {
		priv = &authKey
	} else {
		copy(priv[:], key)
	}

	if req != nil {
		req.Header = make(http.Header)
		req.Header.Set("X-Secret-ID", "968cd432-c97a-11e5-9956-625662870761")
		req.Header.Set("X-Secret-Key", base64.StdEncoding.EncodeToString(priv[:]))
	}

	pub := new([32]byte)
	curve25519.ScalarBaseMult(pub, priv)

	testDb.On("GetKey", &secrets.Key{Name: "968cd432-c97a-11e5-9956-625662870761"}).Run(func(args mock.Arguments) {
		args.Get(0).(*secrets.Key).Name = "968cd432-c97a-11e5-9956-625662870761"
		args.Get(0).(*secrets.Key).Public = pub[:]
	}).Return(nil)
}