testenv

package
v1.3.3-0...-f31c912 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2024 License: AGPL-3.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const FakeEnrollmentToken = "29d73573-1682-42a1-b28f-c0e42a29942f"

FakeEnrollmentToken is a "free", never spent enrollment token.

Variables

This section is empty.

Functions

This section is empty.

Types

type E 

type E struct {
	DevicesClient devicepb.DeviceTrustServiceClient
	Service       *FakeDeviceService
	// contains filtered or unexported fields
}

E is an integrated test environment for device trust.

func MustNew 

func MustNew(opts ...Opt) *E

MustNew creates a new E or panics. Callers are required to defer e.Close() to release test resources.

func New 

func New(opts ...Opt) (*E, error)

New creates a new E. Callers are required to defer e.Close() to release test resources.

func (*E) Close 

func (e *E) Close() error

Close tears down the test environment.

type FakeDevice 

type FakeDevice interface {
	CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)
	EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)
	GetDeviceOSType() devicepb.OSType
	SignChallenge(chal []byte) (sig []byte, err error)
	SolveTPMEnrollChallenge(challenge *devicepb.TPMEnrollChallenge, debug bool) (*devicepb.TPMEnrollChallengeResponse, error)
	SolveTPMAuthnDeviceChallenge(challenge *devicepb.TPMAuthenticateDeviceChallenge) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)
	GetDeviceCredential() *devicepb.DeviceCredential
}

FakeDevice is implemented by the platform-native fakes and is used in tests for device authentication and enrollment.

type FakeDeviceService 

type FakeDeviceService struct {
	devicepb.UnimplementedDeviceTrustServiceServer
	// contains filtered or unexported fields
}

func (*FakeDeviceService) AuthenticateDevice 

func (s *FakeDeviceService) AuthenticateDevice(stream devicepb.DeviceTrustService_AuthenticateDeviceServer) error

AuthenticateDevice implements a fake, server-side device authentication ceremony.

AuthenticateDevice requires an enrolled device, so the challenge signature can be verified. It largely ignores received certificates and doesn't reply with proper certificates in the response. Certificates are acquired outside of devicetrust packages, so it's not essential to check them here.

func (*FakeDeviceService) CreateDevice 

func (s *FakeDeviceService) CreateDevice(ctx context.Context, req *devicepb.CreateDeviceRequest) (*devicepb.Device, error)

func (*FakeDeviceService) CreateDeviceEnrollToken 

func (s *FakeDeviceService) CreateDeviceEnrollToken(ctx context.Context, req *devicepb.CreateDeviceEnrollTokenRequest) (*devicepb.DeviceEnrollToken, error)

CreateDeviceEnrollToken implements the creation of fake device enrollment tokens.

ID-based creation requires a previously-created device and stores the new token.

Auto-enrollment is completely fake, it doesn't require the device to exist. Always returns FakeEnrollmentToken.

func (*FakeDeviceService) EnrollDevice 

func (s *FakeDeviceService) EnrollDevice(stream devicepb.DeviceTrustService_EnrollDeviceServer) error

EnrollDevice implements a fake, server-side device enrollment ceremony.

If the service was created using WithAutoCreateDevice, the device is automatically created. The enrollment token must either match FakeEnrollmentToken or be created via a successful [CreateDeviceEnrollToken] call.

func (*FakeDeviceService) FindDevices 

func (s *FakeDeviceService) FindDevices(ctx context.Context, req *devicepb.FindDevicesRequest) (*devicepb.FindDevicesResponse, error)

func (*FakeDeviceService) SetDevicesLimitReached 

func (s *FakeDeviceService) SetDevicesLimitReached(limitReached bool)

SetDevicesLimitReached simulates a server where the devices limit was already reached.

type FakeMacOSDevice 

type FakeMacOSDevice struct {
	ID           string
	SerialNumber string
	PubKeyDER    []byte
	// contains filtered or unexported fields
}

FakeMacOSDevice fakes the native methods of a macOS device, as expected by the devicetrust packages.

func NewFakeMacOSDevice 

func NewFakeMacOSDevice() (*FakeMacOSDevice, error)

func (*FakeMacOSDevice) CollectDeviceData 

func (f *FakeMacOSDevice) CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)

func (*FakeMacOSDevice) EnrollDeviceInit 

func (f *FakeMacOSDevice) EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)

func (*FakeMacOSDevice) GetDeviceCredential 

func (f *FakeMacOSDevice) GetDeviceCredential() *devicepb.DeviceCredential

func (*FakeMacOSDevice) GetDeviceOSType 

func (f *FakeMacOSDevice) GetDeviceOSType() devicepb.OSType

func (*FakeMacOSDevice) SignChallenge 

func (f *FakeMacOSDevice) SignChallenge(chal []byte) (sig []byte, err error)

func (*FakeMacOSDevice) SolveTPMAuthnDeviceChallenge 

func (d *FakeMacOSDevice) SolveTPMAuthnDeviceChallenge(_ *devicepb.TPMAuthenticateDeviceChallenge) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)

func (*FakeMacOSDevice) SolveTPMEnrollChallenge 

func (d *FakeMacOSDevice) SolveTPMEnrollChallenge(
	_ *devicepb.TPMEnrollChallenge,
	_ bool,
) (*devicepb.TPMEnrollChallengeResponse, error)

type FakeTPMDevice 

type FakeTPMDevice struct {
	OSType       devicepb.OSType
	CredentialID string
	SerialNumber string
}

FakeTPMDevice allows us to exercise EnrollCeremony. To avoid requiring dependencies to support a TPM simulator, we currently do not closely emulate the behavior of a real windows device.

func NewFakeLinuxDevice 

func NewFakeLinuxDevice() *FakeTPMDevice

func NewFakeWindowsDevice 

func NewFakeWindowsDevice() *FakeTPMDevice

func (*FakeTPMDevice) CollectDeviceData 

func (f *FakeTPMDevice) CollectDeviceData(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)

func (*FakeTPMDevice) EnrollDeviceInit 

func (f *FakeTPMDevice) EnrollDeviceInit() (*devicepb.EnrollDeviceInit, error)

func (*FakeTPMDevice) GetDeviceCredential 

func (f *FakeTPMDevice) GetDeviceCredential() *devicepb.DeviceCredential

func (*FakeTPMDevice) GetDeviceOSType 

func (f *FakeTPMDevice) GetDeviceOSType() devicepb.OSType

func (*FakeTPMDevice) SignChallenge 

func (f *FakeTPMDevice) SignChallenge(_ []byte) (sig []byte, err error)

func (*FakeTPMDevice) SolveTPMAuthnDeviceChallenge 

func (f *FakeTPMDevice) SolveTPMAuthnDeviceChallenge(
	challenge *devicepb.TPMAuthenticateDeviceChallenge,
) (*devicepb.TPMAuthenticateDeviceChallengeResponse, error)

func (*FakeTPMDevice) SolveTPMEnrollChallenge 

func (f *FakeTPMDevice) SolveTPMEnrollChallenge(
	challenge *devicepb.TPMEnrollChallenge,
	_ bool,
) (*devicepb.TPMEnrollChallengeResponse, error)

type Opt 

type Opt func(*E)

Opt is a creation option for E

func WithAutoCreateDevice 

func WithAutoCreateDevice(b bool) Opt

WithAutoCreateDevice instructs EnrollDevice to automatically create the requested device, if it wasn't previously registered. See also FakeEnrollmentToken.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.