mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-25 15:39:37 -05:00
3a5753045e
rules_go added a SIGTERM handler that has a goroutine that survives the scope of the goleak check. Currently, the best known workaround is to ignore this goroutine. https://github.com/uber-go/goleak/issues/119 https://github.com/bazelbuild/rules_go/pull/3749 https://github.com/bazelbuild/rules_go/pull/3827#issuecomment-1894002120
94 lines
2.1 KiB
Go
94 lines
2.1 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package diskencryption
|
|
|
|
import (
|
|
"errors"
|
|
"path"
|
|
"testing"
|
|
|
|
"github.com/spf13/afero"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"go.uber.org/goleak"
|
|
)
|
|
|
|
func TestMain(m *testing.M) {
|
|
goleak.VerifyTestMain(m, goleak.IgnoreAnyFunction("github.com/bazelbuild/rules_go/go/tools/bzltestutil.RegisterTimeoutHandler.func1"))
|
|
}
|
|
|
|
func TestUpdatePassphrase(t *testing.T) {
|
|
testCases := map[string]struct {
|
|
writePassphrase bool
|
|
open bool
|
|
keyslotChangeByPassphraseErr error
|
|
wantErr bool
|
|
}{
|
|
"updating passphrase works": {
|
|
writePassphrase: true,
|
|
open: true,
|
|
},
|
|
"reading initial passphrase can fail": {
|
|
open: true,
|
|
wantErr: true,
|
|
},
|
|
"changing keyslot passphrase can fail": {
|
|
open: true,
|
|
writePassphrase: true,
|
|
keyslotChangeByPassphraseErr: errors.New("keyslotChangeByPassphraseErr"),
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for name, tc := range testCases {
|
|
t.Run(name, func(t *testing.T) {
|
|
assert := assert.New(t)
|
|
require := require.New(t)
|
|
|
|
fs := afero.NewMemMapFs()
|
|
if tc.writePassphrase {
|
|
require.NoError(fs.MkdirAll(path.Base(initialKeyPath), 0o777))
|
|
require.NoError(afero.WriteFile(fs, initialKeyPath, []byte("key"), 0o777))
|
|
}
|
|
|
|
crypt := DiskEncryption{
|
|
fs: fs,
|
|
device: &stubCryptdevice{keyslotChangeErr: tc.keyslotChangeByPassphraseErr},
|
|
}
|
|
|
|
err := crypt.UpdatePassphrase("new-key")
|
|
if tc.wantErr {
|
|
assert.Error(err)
|
|
return
|
|
}
|
|
require.NoError(err)
|
|
})
|
|
}
|
|
}
|
|
|
|
type stubCryptdevice struct {
|
|
uuid string
|
|
uuidErr error
|
|
keyslotChangeErr error
|
|
}
|
|
|
|
func (s *stubCryptdevice) InitByName(_ string) (func(), error) {
|
|
return func() {}, nil
|
|
}
|
|
|
|
func (s *stubCryptdevice) GetUUID() (string, error) {
|
|
return s.uuid, s.uuidErr
|
|
}
|
|
|
|
func (s *stubCryptdevice) KeyslotChangeByPassphrase(_, _ int, _, _ string) error {
|
|
return s.keyslotChangeErr
|
|
}
|
|
|
|
func (s *stubCryptdevice) SetConstellationStateDiskToken(bool) error {
|
|
return nil
|
|
}
|