本文整理汇总了Golang中github.com/docker/notary/server/storage.NewMemStorage函数的典型用法代码示例。如果您正苦于以下问题:Golang NewMemStorage函数的具体用法?Golang NewMemStorage怎么用?Golang NewMemStorage使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NewMemStorage函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: TestValidateRootCanContainOnlyx509KeysWithRightGun
func TestValidateRootCanContainOnlyx509KeysWithRightGun(t *testing.T) {
gun := "docker.com/notary"
repo, cs, err := testutils.EmptyRepo("wrong/gun")
require.NoError(t, err)
serverCrypto := testutils.CopyKeys(t, cs, data.CanonicalTimestampRole)
// if the root has the wrong gun, the server will fail to validate
r, tg, sn, ts, err := testutils.Sign(repo)
require.NoError(t, err)
root, targets, snapshot, timestamp, err := getUpdates(r, tg, sn, ts)
require.NoError(t, err)
_, err = validateUpdate(serverCrypto, gun,
[]storage.MetaUpdate{root, targets, snapshot, timestamp},
storage.NewMemStorage())
require.Error(t, err)
require.IsType(t, validation.ErrBadRoot{}, err)
// create regular non-x509 keys - change the root keys to one that is not
// an x509 key - it should also fail to validate
newRootKey, err := cs.Create(data.CanonicalRootRole, gun, data.ECDSAKey)
require.NoError(t, err)
require.NoError(t, repo.ReplaceBaseKeys(data.CanonicalRootRole, newRootKey))
r, tg, sn, ts, err = testutils.Sign(repo)
require.NoError(t, err)
root, targets, snapshot, timestamp, err = getUpdates(r, tg, sn, ts)
require.NoError(t, err)
_, err = validateUpdate(serverCrypto, gun,
[]storage.MetaUpdate{root, targets, snapshot, timestamp},
storage.NewMemStorage())
require.Error(t, err)
require.IsType(t, validation.ErrBadRoot{}, err)
}
示例2: TestGetSnapshotKeyCreateWithInvalidAlgo
func TestGetSnapshotKeyCreateWithInvalidAlgo(t *testing.T) {
store := storage.NewMemStorage()
crypto := signed.NewEd25519()
k, err := GetOrCreateSnapshotKey("gun", store, crypto, "notactuallyanalgorithm")
require.Error(t, err, "Expected error")
require.Nil(t, k, "Key should be nil")
}
示例3: TestValidationErrorFormat
// Ensures that the httpstore can interpret the errors returned from the server
func TestValidationErrorFormat(t *testing.T) {
ctx := context.WithValue(
context.Background(), "metaStore", storage.NewMemStorage())
ctx = context.WithValue(ctx, "keyAlgorithm", data.ED25519Key)
handler := RootHandler(nil, ctx, signed.NewEd25519())
server := httptest.NewServer(handler)
defer server.Close()
client, err := store.NewHTTPStore(
fmt.Sprintf("%s/v2/gun/_trust/tuf/", server.URL),
"",
"json",
"",
"key",
http.DefaultTransport,
)
_, repo, _ := testutils.EmptyRepo()
r, tg, sn, ts, err := testutils.Sign(repo)
assert.NoError(t, err)
rs, _, _, _, err := testutils.Serialize(r, tg, sn, ts)
assert.NoError(t, err)
err = client.SetMultiMeta(map[string][]byte{data.CanonicalRootRole: rs})
assert.Error(t, err)
assert.IsType(t, validation.ErrBadRoot{}, err)
}
示例4: Test_changefeed
func Test_changefeed(t *testing.T) {
s := storage.NewMemStorage()
tests := []changefeedTest{
{
name: "Empty Store",
args: changefeedArgs{
logger: logrus.New(),
store: s,
imageName: "",
changeID: "0",
pageSize: notary.DefaultPageSize,
},
want: []byte("{\"count\":0,\"records\":null}"),
wantErr: false,
},
{
name: "Bad ChangeID",
args: changefeedArgs{
logger: logrus.New(),
store: s,
imageName: "",
changeID: "not_a_number",
pageSize: notary.DefaultPageSize,
},
want: nil,
wantErr: true,
},
}
runChangefeedTests(t, tests)
}
示例5: TestValidateSnapshotGenerate
func TestValidateSnapshotGenerate(t *testing.T) {
kdb, repo, cs := testutils.EmptyRepo()
store := storage.NewMemStorage()
snapRole := kdb.GetRole(data.CanonicalSnapshotRole)
for _, id := range snapRole.KeyIDs {
k := kdb.GetKey(id)
assert.NotNil(t, k)
err := store.SetKey("testGUN", data.CanonicalSnapshotRole, k.Algorithm(), k.Public())
assert.NoError(t, err)
}
r, tg, sn, ts, err := testutils.Sign(repo)
assert.NoError(t, err)
root, targets, _, _, err := getUpdates(r, tg, sn, ts)
assert.NoError(t, err)
updates := []storage.MetaUpdate{targets}
store.UpdateCurrent("testGUN", root)
copyTimestampKey(t, kdb, store, "testGUN")
updates, err = validateUpdate(cs, "testGUN", updates, store)
assert.NoError(t, err)
}
示例6: TestCreateSnapshotNoKeyInCrypto
func TestCreateSnapshotNoKeyInCrypto(t *testing.T) {
store := storage.NewMemStorage()
repo, _, err := testutils.EmptyRepo("gun")
require.NoError(t, err)
sgnd, err := repo.SignRoot(data.DefaultExpires(data.CanonicalRootRole))
require.NoError(t, err)
rootJSON, err := json.Marshal(sgnd)
require.NoError(t, err)
// create an expired snapshot
sgnd, err = repo.SignSnapshot(time.Now().AddDate(-1, -1, -1))
require.True(t, repo.Snapshot.Signed.Expires.Before(time.Now()))
require.NoError(t, err)
snapshotJSON, err := json.Marshal(sgnd)
require.NoError(t, err)
// set all the metadata so we know the failure to sign is just because of the key
require.NoError(t, store.UpdateCurrent("gun",
storage.MetaUpdate{Role: data.CanonicalRootRole, Version: 0, Data: rootJSON}))
require.NoError(t, store.UpdateCurrent("gun",
storage.MetaUpdate{Role: data.CanonicalSnapshotRole, Version: 0, Data: snapshotJSON}))
hashBytes := sha256.Sum256(snapshotJSON)
hashHex := hex.EncodeToString(hashBytes[:])
// pass it a new cryptoservice without the key
_, _, err = GetOrCreateSnapshot("gun", hashHex, store, signed.NewEd25519())
require.Error(t, err)
require.IsType(t, signed.ErrInsufficientSignatures{}, err)
}
示例7: TestValidateSnapshotMissing
func TestValidateSnapshotMissing(t *testing.T) {
_, repo, _ := testutils.EmptyRepo()
store := storage.NewMemStorage()
r, tg, sn, ts, err := testutils.Sign(repo)
assert.NoError(t, err)
root, targets, _, _, err := testutils.Serialize(r, tg, sn, ts)
assert.NoError(t, err)
updates := []storage.MetaUpdate{
{
Role: "root",
Version: 1,
Data: root,
},
{
Role: "targets",
Version: 1,
Data: targets,
},
}
err = validateUpdate("testGUN", updates, store)
assert.Error(t, err)
assert.IsType(t, ErrBadHierarchy{}, err)
}
示例8: TestCreateSnapshotNoKeyInStorage
func TestCreateSnapshotNoKeyInStorage(t *testing.T) {
store := storage.NewMemStorage()
crypto := signed.NewEd25519()
_, _, err := createSnapshot("gun", nil, store, crypto)
assert.Error(t, err)
}
示例9: TestValidateOldRootCorruptRootRole
// We cannot validate a new root if the old root is corrupt, because there might
// have been a root key rotation.
func TestValidateOldRootCorruptRootRole(t *testing.T) {
gun := "docker.com/notary"
repo, cs, err := testutils.EmptyRepo(gun)
require.NoError(t, err)
store := storage.NewMemStorage()
r, tg, sn, ts, err := testutils.Sign(repo)
require.NoError(t, err)
root, targets, snapshot, timestamp, err := getUpdates(r, tg, sn, ts)
require.NoError(t, err)
// so a valid root, but missing the root role
signedRoot, err := data.RootFromSigned(r)
require.NoError(t, err)
delete(signedRoot.Signed.Roles, data.CanonicalRootRole)
badRootJSON, err := json.Marshal(signedRoot)
require.NoError(t, err)
badRoot := storage.MetaUpdate{
Version: root.Version,
Role: root.Role,
Data: badRootJSON,
}
store.UpdateCurrent(gun, badRoot)
updates := []storage.MetaUpdate{root, targets, snapshot, timestamp}
serverCrypto := testutils.CopyKeys(t, cs, data.CanonicalTimestampRole)
_, err = validateUpdate(serverCrypto, gun, updates, store)
require.Error(t, err)
require.IsType(t, data.ErrInvalidMetadata{}, err)
}
示例10: TestValidatePrevTimestamp
func TestValidatePrevTimestamp(t *testing.T) {
gun := "docker.com/notary"
repo, cs, err := testutils.EmptyRepo(gun)
require.NoError(t, err)
r, tg, sn, ts, err := testutils.Sign(repo)
require.NoError(t, err)
root, targets, snapshot, timestamp, err := getUpdates(r, tg, sn, ts)
require.NoError(t, err)
updates := []storage.MetaUpdate{root, targets, snapshot}
store := storage.NewMemStorage()
store.UpdateCurrent(gun, timestamp)
serverCrypto := testutils.CopyKeys(t, cs, data.CanonicalTimestampRole)
updates, err = validateUpdate(serverCrypto, gun, updates, store)
require.NoError(t, err)
// we generated our own timestamp, and did not take the other timestamp,
// but all other metadata should come from updates
var foundTimestamp bool
for _, update := range updates {
if update.Role == data.CanonicalTimestampRole {
foundTimestamp = true
oldTimestamp, newTimestamp := &data.SignedTimestamp{}, &data.SignedTimestamp{}
require.NoError(t, json.Unmarshal(timestamp.Data, oldTimestamp))
require.NoError(t, json.Unmarshal(update.Data, newTimestamp))
require.Equal(t, oldTimestamp.Signed.Version+1, newTimestamp.Signed.Version)
}
}
require.True(t, foundTimestamp)
}
示例11: TestGenerateSnapshotRootNotLoaded
// ### generateSnapshot tests ###
func TestGenerateSnapshotRootNotLoaded(t *testing.T) {
gun := "docker.com/notary"
builder := tuf.NewRepoBuilder(gun, nil, trustpinning.TrustPinConfig{})
_, err := generateSnapshot(gun, builder, storage.NewMemStorage())
require.Error(t, err)
require.IsType(t, validation.ErrValidation{}, err)
}
示例12: TestValidateTargetsModifiedHash
func TestValidateTargetsModifiedHash(t *testing.T) {
gun := "docker.com/notary"
repo, cs, err := testutils.EmptyRepo(gun)
require.NoError(t, err)
store := storage.NewMemStorage()
r, tg, sn, ts, err := testutils.Sign(repo)
require.NoError(t, err)
snap, err := data.SnapshotFromSigned(sn)
require.NoError(t, err)
snap.Signed.Meta["targets"].Hashes["sha256"][0] = snap.Signed.Meta["targets"].Hashes["sha256"][0] ^ 0xff
sn, err = snap.ToSigned()
require.NoError(t, err)
root, targets, snapshot, timestamp, err := getUpdates(r, tg, sn, ts)
require.NoError(t, err)
updates := []storage.MetaUpdate{root, targets, snapshot, timestamp}
serverCrypto := testutils.CopyKeys(t, cs, data.CanonicalTimestampRole)
_, err = validateUpdate(serverCrypto, gun, updates, store)
require.Error(t, err)
require.IsType(t, validation.ErrBadSnapshot{}, err)
}
示例13: TestValidateRootModifiedSize
// ### Snapshot size mismatch negative tests ###
func TestValidateRootModifiedSize(t *testing.T) {
gun := "docker.com/notary"
repo, cs, err := testutils.EmptyRepo(gun)
require.NoError(t, err)
store := storage.NewMemStorage()
r, tg, sn, ts, err := testutils.Sign(repo)
require.NoError(t, err)
// add another copy of the signature so the hash is different
r.Signatures = append(r.Signatures, r.Signatures[0])
root, targets, snapshot, timestamp, err := getUpdates(r, tg, sn, ts)
require.NoError(t, err)
// flip all the bits in the first byte
root.Data[0] = root.Data[0] ^ 0xff
updates := []storage.MetaUpdate{root, targets, snapshot, timestamp}
serverCrypto := testutils.CopyKeys(t, cs, data.CanonicalTimestampRole)
_, err = validateUpdate(serverCrypto, gun, updates, store)
require.Error(t, err)
require.IsType(t, validation.ErrBadRoot{}, err)
}
示例14: TestRotateKeyEndpoint
// RotateKey supports only timestamp and snapshot key rotation
func TestRotateKeyEndpoint(t *testing.T) {
ctx := context.WithValue(
context.Background(), notary.CtxKeyMetaStore, storage.NewMemStorage())
ctx = context.WithValue(ctx, notary.CtxKeyKeyAlgo, data.ED25519Key)
ccc := utils.NewCacheControlConfig(10, false)
handler := RootHandler(ctx, nil, signed.NewEd25519(), ccc, ccc, nil)
ts := httptest.NewServer(handler)
defer ts.Close()
rolesToStatus := map[string]int{
data.CanonicalTimestampRole: http.StatusOK,
data.CanonicalSnapshotRole: http.StatusOK,
data.CanonicalTargetsRole: http.StatusNotFound,
data.CanonicalRootRole: http.StatusNotFound,
"targets/delegation": http.StatusNotFound,
"somerandomrole": http.StatusNotFound,
}
var buf bytes.Buffer
for role, expectedStatus := range rolesToStatus {
res, err := http.Post(
fmt.Sprintf("%s/v2/gun/_trust/tuf/%s.key", ts.URL, role),
"text/plain", &buf)
require.NoError(t, err)
require.Equal(t, expectedStatus, res.StatusCode)
}
}
示例15: TestGetSnapshotNotExists
func TestGetSnapshotNotExists(t *testing.T) {
store := storage.NewMemStorage()
crypto := signed.NewEd25519()
_, err := GetOrCreateSnapshot("gun", store, crypto)
assert.Error(t, err)
}