2022-09-05 03:06:08 -04:00
|
|
|
/*
|
|
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
*/
|
|
|
|
|
2022-06-29 10:13:01 -04:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"errors"
|
|
|
|
"testing"
|
|
|
|
|
2022-09-21 07:47:57 -04:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/logger"
|
2023-01-11 04:08:57 -05:00
|
|
|
"github.com/edgelesssys/constellation/v2/keyservice/keyserviceproto"
|
2022-06-29 10:13:01 -04:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"go.uber.org/goleak"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestMain(m *testing.M) {
|
|
|
|
goleak.VerifyTestMain(m)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestGetDataKey(t *testing.T) {
|
|
|
|
assert := assert.New(t)
|
|
|
|
require := require.New(t)
|
|
|
|
|
|
|
|
log := logger.NewTest(t)
|
|
|
|
|
|
|
|
kms := &stubKMS{derivedKey: []byte{0x0, 0x1, 0x2, 0x3, 0x4, 0x5}}
|
|
|
|
api := New(log, kms)
|
|
|
|
|
2023-01-11 04:08:57 -05:00
|
|
|
res, err := api.GetDataKey(context.Background(), &keyserviceproto.GetDataKeyRequest{DataKeyId: "1", Length: 32})
|
2022-06-29 10:13:01 -04:00
|
|
|
require.NoError(err)
|
|
|
|
assert.Equal(kms.derivedKey, res.DataKey)
|
|
|
|
|
|
|
|
// Test no data key id
|
2023-01-11 04:08:57 -05:00
|
|
|
res, err = api.GetDataKey(context.Background(), &keyserviceproto.GetDataKeyRequest{Length: 32})
|
2022-06-29 10:13:01 -04:00
|
|
|
require.Error(err)
|
|
|
|
assert.Nil(res)
|
|
|
|
|
|
|
|
// Test no / zero key length
|
2023-01-11 04:08:57 -05:00
|
|
|
res, err = api.GetDataKey(context.Background(), &keyserviceproto.GetDataKeyRequest{DataKeyId: "1"})
|
2022-06-29 10:13:01 -04:00
|
|
|
require.Error(err)
|
|
|
|
assert.Nil(res)
|
|
|
|
|
|
|
|
// Test derive key error
|
|
|
|
api = New(log, &stubKMS{deriveKeyErr: errors.New("error")})
|
2023-01-11 04:08:57 -05:00
|
|
|
res, err = api.GetDataKey(context.Background(), &keyserviceproto.GetDataKeyRequest{DataKeyId: "1", Length: 32})
|
2022-06-29 10:13:01 -04:00
|
|
|
assert.Error(err)
|
|
|
|
assert.Nil(res)
|
|
|
|
}
|
|
|
|
|
|
|
|
type stubKMS struct {
|
|
|
|
masterKey []byte
|
|
|
|
derivedKey []byte
|
|
|
|
deriveKeyErr error
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *stubKMS) CreateKEK(ctx context.Context, keyID string, kek []byte) error {
|
|
|
|
c.masterKey = kek
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *stubKMS) GetDEK(ctx context.Context, kekID string, dekID string, dekSize int) ([]byte, error) {
|
|
|
|
if c.deriveKeyErr != nil {
|
|
|
|
return nil, c.deriveKeyErr
|
|
|
|
}
|
|
|
|
return c.derivedKey, nil
|
|
|
|
}
|