本文整理汇总了Golang中github.com/snapcore/snapd/asserts.OpenDatabase函数的典型用法代码示例。如果您正苦于以下问题:Golang OpenDatabase函数的具体用法?Golang OpenDatabase怎么用?Golang OpenDatabase使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了OpenDatabase函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: SetUpTest
func (safs *signAddFindSuite) SetUpTest(c *C) {
cfg0 := &asserts.DatabaseConfig{}
db0, err := asserts.OpenDatabase(cfg0)
c.Assert(err, IsNil)
safs.signingDB = db0
pk := testPrivKey0
err = db0.ImportKey(pk)
c.Assert(err, IsNil)
safs.signingKeyID = pk.PublicKey().ID()
topDir := filepath.Join(c.MkDir(), "asserts-db")
bs, err := asserts.OpenFSBackstore(topDir)
c.Assert(err, IsNil)
trustedKey := testPrivKey0
cfg := &asserts.DatabaseConfig{
Backstore: bs,
Trusted: []asserts.Assertion{
asserts.BootstrapAccountForTest("canonical"),
asserts.BootstrapAccountKeyForTest("canonical", trustedKey.PublicKey()),
},
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
safs.db = db
}示例2: TestUseInSigningFailure
func (gkms *gpgKeypairMgrSuite) TestUseInSigningFailure(c *C) {
mockGPG := func(prev asserts.GPGRunner, input []byte, args ...string) ([]byte, error) {
if args[1] == "--list-secret-keys" || args[1] == "--export" {
return prev(input, args...)
}
n := len(args)
c.Assert(args[n-1], Equals, "--detach-sign")
return nil, fmt.Errorf("boom")
}
restore := asserts.MockRunGPG(mockGPG)
defer restore()
signDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: gkms.keypairMgr,
})
c.Assert(err, IsNil)
headers := map[string]interface{}{
"authority-id": "dev1-id",
"snap-sha3-384": blobSHA3_384,
"snap-id": "snap-id-1",
"grade": "devel",
"snap-size": "1025",
"timestamp": time.Now().Format(time.RFC3339),
}
_, err = signDB.Sign(asserts.SnapBuildType, headers, nil, assertstest.DevKeyID)
c.Check(err, ErrorMatches, "cannot sign assertion: cannot sign using GPG: boom")
}示例3: TestCheckUnsupportedFormat
func (chks *checkSuite) TestCheckUnsupportedFormat(c *C) {
trustedKey := testPrivKey0
cfg := &asserts.DatabaseConfig{
Backstore: chks.bs,
Trusted: []asserts.Assertion{asserts.BootstrapAccountKeyForTest("canonical", trustedKey.PublicKey())},
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
var a asserts.Assertion
(func() {
restore := asserts.MockMaxSupportedFormat(asserts.TestOnlyType, 77)
defer restore()
var err error
headers := map[string]interface{}{
"authority-id": "canonical",
"primary-key": "0",
"format": "77",
}
a, err = asserts.AssembleAndSignInTest(asserts.TestOnlyType, headers, nil, trustedKey)
c.Assert(err, IsNil)
})()
err = db.Check(a)
c.Assert(err, FitsTypeOf, &asserts.UnsupportedFormatError{})
c.Check(err, ErrorMatches, `proposed "test-only" assertion has format 77 but 1 is latest supported`)
}示例4: getMemoryKeyStore
func getMemoryKeyStore(config ConfigSettings) (*KeypairDatabase, error) {
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: asserts.NewMemoryKeypairManager(),
})
kdb := KeypairDatabase{FilesystemStore, db, nil}
return &kdb, err
}示例5: TestFetch
func (s *fetcherSuite) TestFetch(c *C) {
s.prereqSnapAssertions(c, 10)
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
Trusted: s.storeSigning.Trusted,
})
c.Assert(err, IsNil)
ref := &asserts.Ref{
Type: asserts.SnapRevisionType,
PrimaryKey: []string{makeDigest(10)},
}
retrieve := func(ref *asserts.Ref) (asserts.Assertion, error) {
return ref.Resolve(s.storeSigning.Find)
}
f := asserts.NewFetcher(db, retrieve, db.Add)
err = f.Fetch(ref)
c.Assert(err, IsNil)
snapRev, err := ref.Resolve(db.Find)
c.Assert(err, IsNil)
c.Check(snapRev.(*asserts.SnapRevision).SnapRevision(), Equals, 10)
snapDecl, err := db.Find(asserts.SnapDeclarationType, map[string]string{
"series": "16",
"snap-id": "snap-id-1",
})
c.Assert(err, IsNil)
c.Check(snapDecl.(*asserts.SnapDeclaration).SnapName(), Equals, "foo")
}示例6: SetUpTest
func (s *snapassertsSuite) SetUpTest(c *C) {
rootPrivKey, _ := assertstest.GenerateKey(1024)
storePrivKey, _ := assertstest.GenerateKey(752)
s.storeSigning = assertstest.NewStoreStack("can0nical", rootPrivKey, storePrivKey)
s.dev1Acct = assertstest.NewAccount(s.storeSigning, "developer1", nil, "")
localDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
Trusted: s.storeSigning.Trusted,
})
c.Assert(err, IsNil)
s.localDB = localDB
// add in prereqs assertions
err = s.localDB.Add(s.storeSigning.StoreAccountKey(""))
c.Assert(err, IsNil)
err = s.localDB.Add(s.dev1Acct)
c.Assert(err, IsNil)
headers := map[string]interface{}{
"series": "16",
"snap-id": "snap-id-1",
"snap-name": "foo",
"publisher-id": s.dev1Acct.AccountID(),
"timestamp": time.Now().Format(time.RFC3339),
}
snapDecl, err := s.storeSigning.Sign(asserts.SnapDeclarationType, headers, nil, "")
c.Assert(err, IsNil)
err = s.localDB.Add(snapDecl)
c.Assert(err, IsNil)
}示例7: SetUpTest
func (s *deviceMgrSuite) SetUpTest(c *C) {
dirs.SetRootDir(c.MkDir())
rootPrivKey, _ := assertstest.GenerateKey(1024)
storePrivKey, _ := assertstest.GenerateKey(752)
s.storeSigning = assertstest.NewStoreStack("canonical", rootPrivKey, storePrivKey)
s.state = state.New(nil)
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
Trusted: s.storeSigning.Trusted,
})
c.Assert(err, IsNil)
s.state.Lock()
assertstate.ReplaceDB(s.state, db)
s.state.Unlock()
err = db.Add(s.storeSigning.StoreAccountKey(""))
c.Assert(err, IsNil)
mgr, err := devicestate.Manager(s.state)
c.Assert(err, IsNil)
s.db = db
s.mgr = mgr
s.state.Lock()
snapstate.ReplaceStore(s.state, &fakeStore{
state: s.state,
db: s.storeSigning,
})
s.state.Unlock()
}示例8: TestOpenDatabaseTrustedAccount
func (opens *openSuite) TestOpenDatabaseTrustedAccount(c *C) {
headers := map[string]interface{}{
"authority-id": "canonical",
"account-id": "trusted",
"display-name": "Trusted",
"validation": "certified",
"timestamp": "2015-01-01T14:00:00Z",
}
acct, err := asserts.AssembleAndSignInTest(asserts.AccountType, headers, nil, testPrivKey0)
c.Assert(err, IsNil)
cfg := &asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
Trusted: []asserts.Assertion{acct},
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
a, err := db.Find(asserts.AccountType, map[string]string{
"account-id": "trusted",
})
c.Assert(err, IsNil)
acct1 := a.(*asserts.Account)
c.Check(acct1.AccountID(), Equals, "trusted")
c.Check(acct1.DisplayName(), Equals, "Trusted")
c.Check(db.IsTrustedAccount("trusted"), Equals, true)
// empty account id (invalid) is not trusted
c.Check(db.IsTrustedAccount(""), Equals, false)
}示例9: TestCheckForgery
func (chks *checkSuite) TestCheckForgery(c *C) {
trustedKey := testPrivKey0
cfg := &asserts.DatabaseConfig{
Backstore: chks.bs,
Trusted: []asserts.Assertion{asserts.BootstrapAccountKeyForTest("canonical", trustedKey.PublicKey())},
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
encoded := asserts.Encode(chks.a)
content, encodedSig := chks.a.Signature()
// forgery
forgedSig := new(packet.Signature)
forgedSig.PubKeyAlgo = packet.PubKeyAlgoRSA
forgedSig.Hash = crypto.SHA512
forgedSig.CreationTime = time.Now()
h := crypto.SHA512.New()
h.Write(content)
pk1 := packet.NewRSAPrivateKey(time.Unix(1, 0), testPrivKey1RSA)
err = forgedSig.Sign(h, pk1, &packet.Config{DefaultHash: crypto.SHA512})
c.Assert(err, IsNil)
buf := new(bytes.Buffer)
forgedSig.Serialize(buf)
b := append([]byte{0x1}, buf.Bytes()...)
forgedSigEncoded := base64.StdEncoding.EncodeToString(b)
forgedEncoded := bytes.Replace(encoded, encodedSig, []byte(forgedSigEncoded), 1)
c.Assert(forgedEncoded, Not(DeepEquals), encoded)
forgedAssert, err := asserts.Decode(forgedEncoded)
c.Assert(err, IsNil)
err = db.Check(forgedAssert)
c.Assert(err, ErrorMatches, "failed signature verification: .*")
}示例10: TestOpenDatabaseOK
func (opens *openSuite) TestOpenDatabaseOK(c *C) {
cfg := &asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
c.Assert(db, NotNil)
}示例11: getErrorMockKeyStore
func getErrorMockKeyStore(config ConfigSettings) (*KeypairDatabase, error) {
mockStore := new(errorMockKeypairManager)
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: mockStore,
})
kdb := KeypairDatabase{FilesystemStore, db, nil}
return &kdb, err
}示例12: TestUseInSigning
func (gkms *gpgKeypairMgrSuite) TestUseInSigning(c *C) {
store := assertstest.NewStoreStack("trusted", testPrivKey0, testPrivKey1)
devKey, err := gkms.keypairMgr.Get(assertstest.DevKeyID)
c.Assert(err, IsNil)
devAcct := assertstest.NewAccount(store, "devel1", map[string]interface{}{
"account-id": "dev1-id",
}, "")
devAccKey := assertstest.NewAccountKey(store, devAcct, nil, devKey.PublicKey(), "")
signDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: gkms.keypairMgr,
})
c.Assert(err, IsNil)
checkDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
Backstore: asserts.NewMemoryBackstore(),
Trusted: store.Trusted,
})
c.Assert(err, IsNil)
// add store key
err = checkDB.Add(store.StoreAccountKey(""))
c.Assert(err, IsNil)
// enable devel key
err = checkDB.Add(devAcct)
c.Assert(err, IsNil)
err = checkDB.Add(devAccKey)
c.Assert(err, IsNil)
headers := map[string]interface{}{
"authority-id": "dev1-id",
"snap-sha3-384": blobSHA3_384,
"snap-id": "snap-id-1",
"grade": "devel",
"snap-size": "1025",
"timestamp": time.Now().Format(time.RFC3339),
}
snapBuild, err := signDB.Sign(asserts.SnapBuildType, headers, nil, assertstest.DevKeyID)
c.Assert(err, IsNil)
err = checkDB.Check(snapBuild)
c.Check(err, IsNil)
}示例13: TestCheckNoPubKey
func (chks *checkSuite) TestCheckNoPubKey(c *C) {
cfg := &asserts.DatabaseConfig{
Backstore: chks.bs,
}
db, err := asserts.OpenDatabase(cfg)
c.Assert(err, IsNil)
err = db.Check(chks.a)
c.Assert(err, ErrorMatches, `no matching public key "[[:alnum:]_-]+" for signature by "canonical"`)
}示例14: GetKeyStore
// GetKeyStore returns the keystore as defined in the config file
func GetKeyStore(config ConfigSettings) (*KeypairDatabase, error) {
switch config.KeyStoreType {
case DatabaseStore.Name:
// Prepare the memory store for the unsealed keys
memStore := asserts.NewMemoryKeypairManager()
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: memStore,
})
dbOperator := DatabaseKeypairOperator{}
keypairDB = KeypairDatabase{DatabaseStore, db, &dbOperator}
return &keypairDB, err
case TPM20Store.Name:
// Initalize the TPM store
tpm20 := TPM20KeypairOperator{config.KeyStorePath, config.KeyStoreSecret, &tpm20Command{}}
// Prepare the memory store for the unsealed keys
memStore := asserts.NewMemoryKeypairManager()
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: memStore,
})
keypairDB = KeypairDatabase{TPM20Store, db, &tpm20}
return &keypairDB, err
case FilesystemStore.Name:
fsStore, err := asserts.OpenFSKeypairManager(config.KeyStorePath)
if err != nil {
return nil, err
}
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: fsStore,
})
keypairDB = KeypairDatabase{FilesystemStore, db, nil}
return &keypairDB, err
default:
return nil, ErrorInvalidKeystoreType
}
}示例15: MakeFakeRefreshForSnaps
func MakeFakeRefreshForSnaps(snaps []string, blobDir string) error {
storePrivKey, _ := assertstest.ReadPrivKey(systestkeys.TestStorePrivKey)
db, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: asserts.NewMemoryKeypairManager(),
Backstore: asserts.NewMemoryBackstore(),
Trusted: sysdb.Trusted(),
})
if err != nil {
return err
}
// for signing
db.ImportKey(storePrivKey)
var cliConfig client.Config
cli := client.New(&cliConfig)
retrieve := func(ref *asserts.Ref) (asserts.Assertion, error) {
headers := make(map[string]string)
for i, k := range ref.Type.PrimaryKey {
headers[k] = ref.PrimaryKey[i]
}
as, err := cli.Known(ref.Type.Name, headers)
if err != nil {
return nil, err
}
switch len(as) {
case 1:
return as[0], nil
case 0:
return nil, asserts.ErrNotFound
default:
panic(fmt.Sprintf("multiple assertions when retrieving by primary key: %v", ref))
}
}
save := func(a asserts.Assertion) error {
err := db.Add(a)
if err != nil {
if _, ok := err.(*asserts.RevisionError); !ok {
return err
}
}
return writeAssert(a, blobDir)
}
f := asserts.NewFetcher(db, retrieve, save)
for _, snap := range snaps {
if err := makeFakeRefreshForSnap(snap, blobDir, db, f); err != nil {
return err
}
}
return nil
}