本文整理汇总了Golang中github.com/jlmucb/cloudproxy/go/tao/auth.Bytes函数的典型用法代码示例。如果您正苦于以下问题:Golang Bytes函数的具体用法?Golang Bytes怎么用?Golang Bytes使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Bytes函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: TestDatalogSubprin
func TestDatalogSubprin(t *testing.T) {
g, _, tmpdir, err := makeDatalogGuard()
if err != nil {
t.Fatal(err)
}
defer os.RemoveAll(tmpdir)
for _, s := range datalogSubprinProg {
if err := g.AddRule(s); err != nil {
t.Fatal("Couldn't add rule '", s, "':", err)
}
}
pprin := auth.Prin{
Type: "key",
KeyHash: auth.Bytes([]byte{0x70}),
Ext: []auth.PrinExt{
auth.PrinExt{
Name: "Hash",
Arg: []auth.Term{auth.Bytes([]byte{0x71})},
},
},
}
if !g.IsAuthorized(pprin, "Execute", nil) {
t.Fatal("Subprin authorization check failed")
}
}示例2: makeACLGuard
func makeACLGuard() (*ACLGuard, *Keys, string, error) {
tmpDir, err := ioutil.TempDir("", "acl_guard_test")
if err != nil {
return nil, nil, "",
fmt.Errorf("Couldn't get a temp directory for the ACL guard test")
}
keys, err := NewTemporaryKeys(Signing)
if err != nil {
return nil, nil, "", err
}
config := ACLGuardDetails{
SignedAclsPath: proto.String(path.Join(tmpDir, "acls")),
}
tg := NewACLGuard(keys.VerifyingKey, config)
// Add a bogus rule.
p := auth.Prin{
Type: "key",
Key: auth.Bytes([]byte(`Fake key`)),
}
if err := tg.Authorize(p, "Write", []string{"filename"}); err != nil {
return nil, nil, "", err
}
return tg.(*ACLGuard), keys, tmpDir, err
}示例3: TestACLGuardDoubleAuthorize
func TestACLGuardDoubleAuthorize(t *testing.T) {
s, err := GenerateSigner()
if err != nil {
t.Fatal("Couldn't generate a signer")
}
tg, tmpdir := testNewACLGuard(t, s.GetVerifier())
defer os.RemoveAll(tmpdir)
p := auth.Prin{
Type: "key",
Key: auth.Bytes([]byte(`Fake key`)),
}
if err := tg.Authorize(p, "Write", []string{"filename"}); err != nil {
t.Fatal("Couldn't authorize a simple operation:", err)
}
// So nice, we authorize it twice.
if err := tg.Authorize(p, "Write", []string{"filename"}); err != nil {
t.Fatal("Couldn't authorize a simple operation:", err)
}
if !tg.IsAuthorized(p, "Write", []string{"filename"}) {
t.Fatal("A rule that was added to the ACL was not present")
}
if err := tg.Retract(p, "Write", []string{"filename"}); err != nil {
t.Fatal("Couldn't retract an existing double-added rule:", err)
}
if tg.IsAuthorized(p, "Write", []string{"filename"}) {
t.Fatal("A rule was still authorized after it was retracted")
}
}示例4: TestRevokeCertificate
func TestRevokeCertificate(t *testing.T) {
k, err := tao.NewTemporaryKeys(tao.Signing)
if k == nil || err != nil {
t.Fatal("Can't generate signing key")
}
serialNumber := big.NewInt(5)
says := auth.Says{
Speaker: k.SigningKey.ToPrincipal(),
Message: auth.Pred{
Name: "revoke",
Arg: []auth.Term{auth.Bytes(serialNumber.Bytes())}}}
att, err := tao.GenerateAttestation(k.SigningKey, nil, says)
if err != nil {
t.Fatal("Error generating attestation.")
}
serAtt, err := proto.Marshal(att)
if err != nil {
t.Fatal("Error serializing attestation.")
}
revokedCerts := []pkix.RevokedCertificate{}
revokedCerts, err = RevokeCertificate(serAtt, revokedCerts, &tao.Domain{Keys: k})
if err != nil {
t.Fatal(err)
}
if num := revokedCerts[0].SerialNumber.Int64(); num != 5 {
t.Fatal(fmt.Sprintf("Serial number %v doesnt match expected value 5", num))
}
}示例5: MakeTPMPrin
func MakeTPMPrin(verifier *rsa.PublicKey, pcrNums []int, pcrVals [][]byte) (auth.Prin, error) {
aik, err := x509.MarshalPKIXPublicKey(verifier)
if err != nil {
return auth.Prin{}, err
}
name := auth.Prin{
Type: "tpm",
Key: auth.Bytes(aik),
}
asp := auth.PrinExt{
Name: "PCRs",
Arg: make([]auth.Term, 2),
}
var pcrNumStrs []string
for _, v := range pcrNums {
pcrNumStrs = append(pcrNumStrs, strconv.Itoa(v))
}
asp.Arg[0] = auth.Str(strings.Join(pcrNumStrs, ","))
var pcrValStrs []string
for _, p := range pcrVals {
pcrValStrs = append(pcrValStrs, hex.EncodeToString(p))
}
asp.Arg[1] = auth.Str(strings.Join(pcrValStrs, ","))
// The PCRs are the first extension of the name.
name.Ext = []auth.PrinExt{asp}
return name, nil
}示例6: TestVerifyDirectiveWithBadProtectedObjectId_invalidProtoBuf
func TestVerifyDirectiveWithBadProtectedObjectId_invalidProtoBuf(t *testing.T) {
badBytes := []byte("bad bytes")
params := Params{
SerializedObjectId: auth.Bytes(badBytes),
}
expectError(¶ms, t)
}示例7: FormatProcessSubprin
// FormatProcessSubprin produces a string that represents a subprincipal with
// the given ID and hash.
func FormatProcessSubprin(id uint, hash []byte) auth.SubPrin {
var args []auth.Term
if id != 0 {
args = append(args, auth.Int(id))
}
args = append(args, auth.Bytes(hash))
return auth.SubPrin{auth.PrinExt{Name: "Program", Arg: args}}
}示例8: FormatDockerSubprin
// FormatDockerSubprin produces a string that represents a subprincipal with the
// given ID and hash.
func FormatDockerSubprin(id uint, hash []byte) auth.SubPrin {
var args []auth.Term
if id != 0 {
args = append(args, auth.Int(id))
}
args = append(args, auth.Bytes(hash))
return auth.SubPrin{auth.PrinExt{Name: "Container", Arg: args}}
}示例9: FormatCoreOSLinuxhostSubprin
// FormatCoreOSLinuxhostSubprin produces a string that represents a subprincipal with the
// given ID and hash.
func FormatCoreOSLinuxhostSubprin(id uint, hash []byte) auth.SubPrin {
var args []auth.Term
if id != 0 {
args = append(args, auth.Int(id))
}
args = append(args, auth.Bytes(hash))
return auth.SubPrin{auth.PrinExt{Name: "CoreOS", Arg: args}}
}示例10: Subprincipal
// Subprincipal returns subprincipal DatalogGuard, for temporary guards, or
// DatalogGuard(<key>) for persistent guards.
func (g *DatalogGuard) Subprincipal() auth.SubPrin {
e := auth.PrinExt{Name: "DatalogGuard"}
if g.Key == nil {
ser, err := proto.Marshal(&g.db)
if err == nil {
hash := sha256.Sum256(ser)
e.Arg = append(e.Arg, auth.Bytes(hash[:]))
}
} else {
e.Arg = append(e.Arg, g.Key.ToPrincipal())
}
return auth.SubPrin{e}
}示例11: Subprincipal
// Subprincipal returns a unique subprincipal for this policy.
func (a *ACLGuard) Subprincipal() auth.SubPrin {
e := auth.PrinExt{Name: "ACLGuard"}
if a.Key == nil {
ser, err := proto.Marshal(&ACLSet{Entries: a.ACL})
if err == nil {
hash := sha256.Sum256(ser)
e.Arg = append(e.Arg, auth.Bytes(hash[:]))
}
} else {
e.Arg = append(e.Arg, a.Key.ToPrincipal())
}
return auth.SubPrin{e}
}示例12: Subprincipal
// Subprincipal returns subprincipal DatalogGuard, for temporary guards, or
// DatalogGuard(<key>) for persistent guards.
func (g *DatalogGuard) Subprincipal() auth.SubPrin {
if g.Key == nil {
rules, err := proto.Marshal(&g.db)
if err != nil {
return nil
}
hash := sha256.Sum256(rules)
e := auth.PrinExt{Name: "DatalogGuard", Arg: []auth.Term{auth.Bytes(hash[:])}}
return auth.SubPrin{e}
}
e := auth.PrinExt{Name: "DatalogGuard", Arg: []auth.Term{g.Key.ToPrincipal()}}
return auth.SubPrin{e}
}示例13: Subprincipal
// Subprincipal returns a unique subprincipal for this policy.
func (a *ACLGuard) Subprincipal() auth.SubPrin {
if a.Key == nil {
acls := &ACLSet{Entries: a.ACL}
ser, err := proto.Marshal(acls)
if err != nil {
return nil
}
hash := sha256.Sum256(ser)
e := auth.PrinExt{Name: "ACLGuard", Arg: []auth.Term{auth.Bytes(hash[:])}}
return auth.SubPrin{e}
}
e := auth.PrinExt{Name: "ACLGuard", Arg: []auth.Term{a.Key.ToPrincipal()}}
return auth.SubPrin{e}
}示例14: TestDatalogSimpleTranslation
func TestDatalogSimpleTranslation(t *testing.T) {
g, keys, tmpdir, err := makeDatalogGuard()
if err != nil {
t.Fatal(err)
}
defer os.RemoveAll(tmpdir)
for _, s := range datalogProg {
if err := g.AddRule(s); err != nil {
t.Fatal("Couldn't add rule '", s, "':", err)
}
}
kprin := auth.Prin{
Type: "key",
KeyHash: auth.Bytes([]byte{0x70}),
}
if !g.IsAuthorized(kprin, "Execute", nil) {
t.Fatal("Simple authorization check failed")
}
if err := g.Save(keys.SigningKey); err != nil {
t.Fatal("Couldn't save the guard:", err)
}
ok, err := g.Query("MemberProgram(key([70]))")
if err != nil {
t.Fatal("Couldn't query the guard:", err)
}
if !ok {
t.Fatal("A simple sanity-check query failed")
}
ok, err = g.Query("Authorized(key([70]), \"Execute\")")
if err != nil {
t.Fatal("Couldn't query the guard:", err)
}
if !ok {
t.Fatal("A simple authorized query didn't succeed")
}
}示例15: TestACLGuardAuthorize
func TestACLGuardAuthorize(t *testing.T) {
s, err := GenerateSigner()
if err != nil {
t.Fatal("Couldn't generate a signer")
}
tg, tmpdir := testNewACLGuard(t, s.GetVerifier())
defer os.RemoveAll(tmpdir)
p := auth.Prin{
Type: "key",
Key: auth.Bytes([]byte(`Fake key`)),
}
if err := tg.Authorize(p, "Write", []string{"filename"}); err != nil {
t.Fatal("Couldn't authorize a simple operation:", err)
}
if !tg.IsAuthorized(p, "Write", []string{"filename"}) {
t.Fatal("A rule that was added to the ACL was not present")
}
if tg.IsAuthorized(p, "Write", []string{"file"}) {
t.Fatal("A rule was authorized even though it has the wrong file name")
}
if tg.IsAuthorized(p, "Read", []string{"filename"}) {
t.Fatal("A rule was authorized even though it has the wrong op")
}
if tg.IsAuthorized(auth.Prin{}, "Write", []string{"filename"}) {
t.Fatal("A rule was authorized even though it has the wrong principal")
}
if err := tg.Retract(p, "Write", []string{"filename"}); err != nil {
t.Fatal("Couldn't retract an existing rule:", err)
}
if tg.IsAuthorized(p, "Write", []string{"filename"}) {
t.Fatal("A rule was still authorized after it was retracted")
}
}