Documentation
¶
Overview ¶
Package credz provides helper APIs to simplify writing credentialz test cases.
Index ¶
- func CreateHibaKeys(t *testing.T, dir string)
- func CreateHostCertificate(t *testing.T, dir string, dutKeyContents []byte)
- func CreateSSHKeyPair(t *testing.T, dir, keyName string)
- func CreateUserCertificate(t *testing.T, dir, userPrincipal string)
- func GeneratePassword() string
- func GetAcceptTelemetry(t *testing.T, dut *ondatra.DUTDevice) (uint64, uint64)
- func GetDutPublicKey(t *testing.T, dut *ondatra.DUTDevice) []byte
- func GetDutTarget(t *testing.T, dut *ondatra.DUTDevice) string
- func GetRejectTelemetry(t *testing.T, dut *ondatra.DUTDevice) (uint64, uint64)
- func PrettyPrint(i interface{}) string
- func RotateAuthenticationArtifacts(t *testing.T, dut *ondatra.DUTDevice, keyDir, certDir, version string, ...)
- func RotateAuthenticationTypes(t *testing.T, dut *ondatra.DUTDevice, authTypes []cpb.AuthenticationType)
- func RotateAuthorizedKey(t *testing.T, dut *ondatra.DUTDevice, dir, username, version string, ...)
- func RotateAuthorizedPrincipal(t *testing.T, dut *ondatra.DUTDevice, username, userPrincipal string)
- func RotateAuthorizedPrincipalCheck(t *testing.T, dut *ondatra.DUTDevice, ...)
- func RotateTrustedUserCA(t *testing.T, dut *ondatra.DUTDevice, dir string)
- func RotateUserPassword(t *testing.T, dut *ondatra.DUTDevice, username, password, version string, ...)
- func SSHWithCertificate(t *testing.T, target, username, dir string) (*ssh.Client, error)
- func SSHWithKey(t *testing.T, target, username, dir string) (*ssh.Client, error)
- func SSHWithPassword(target, username, password string) (*ssh.Client, error)
- func SetupUser(t *testing.T, dut *ondatra.DUTDevice, username string)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateHibaKeys ¶
CreateHibaKeys creates/copies hiba granted keys/certificates in the specified directory. If hiba tool is not installed on the testbed, ensure following files (generated after executing steps from https://github.com/google/hiba/blob/main/CA.md) are present in the test directory : feature/security/gnsi/credentialz/tests/hiba_authentication/ca, feature/security/gnsi/credentialz/tests/hiba_authentication/ca.pub, feature/security/gnsi/credentialz/tests/hiba_authentication/hosts/dut, feature/security/gnsi/credentialz/tests/hiba_authentication/hosts/dut.pub, feature/security/gnsi/credentialz/tests/hiba_authentication/hosts/dut-cert.pub, feature/security/gnsi/credentialz/tests/hiba_authentication/users/testuser, feature/security/gnsi/credentialz/tests/hiba_authentication/users/testuser.pub, feature/security/gnsi/credentialz/tests/hiba_authentication/users/testuser-cert.pub,
func CreateHostCertificate ¶
CreateHostCertificate takes in dut key contents & creates ssh host certificate in the specified directory.
func CreateSSHKeyPair ¶
CreateSSHKeyPair creates ssh keypair with a filename of keyName in the specified directory. Keypairs can be created for ca/dut/testuser as per individual credentialz test requirements.
func CreateUserCertificate ¶
CreateUserCertificate creates ssh user certificate in the specified directory.
func GeneratePassword ¶
func GeneratePassword() string
GeneratePassword creates a password with following restrictions: - Must be 24-32 characters long. - Must use 4 of the 5 character classes ([a-z], [A-Z], [0-9], [!@#$%^&*(){}[]\|:;'"], [ ]).
func GetAcceptTelemetry ¶
GetAcceptTelemetry retrieve ssh accept telemetry counters from the dut.
func GetDutPublicKey ¶
GetDutPublicKey retrieve single host public key from the dut.
func GetDutTarget ¶
GetDutTarget returns ssh target for the dut to be used in credentialz tests.
func GetRejectTelemetry ¶
GetRejectTelemetry retrieve ssh reject telemetry counters from the dut.
func PrettyPrint ¶
func PrettyPrint(i interface{}) string
PrettyPrint prints rpc requests/responses in a pretty format.
func RotateAuthenticationArtifacts ¶
func RotateAuthenticationArtifacts(t *testing.T, dut *ondatra.DUTDevice, keyDir, certDir, version string, createdOn uint64)
RotateAuthenticationArtifacts read dut key/certificate contents from the specified directory & apply it as host authentication artifacts on the dut.
func RotateAuthenticationTypes ¶
func RotateAuthenticationTypes(t *testing.T, dut *ondatra.DUTDevice, authTypes []cpb.AuthenticationType)
RotateAuthenticationTypes apply specified host authentication types on the dut.
func RotateAuthorizedKey ¶
func RotateAuthorizedKey(t *testing.T, dut *ondatra.DUTDevice, dir, username, version string, createdOn uint64)
RotateAuthorizedKey read user key contents from the specified directory & apply it as authorized key on the dut.
func RotateAuthorizedPrincipal ¶
func RotateAuthorizedPrincipal(t *testing.T, dut *ondatra.DUTDevice, username, userPrincipal string)
RotateAuthorizedPrincipal apply authorized principal for the specified username on the dut.
func RotateAuthorizedPrincipalCheck ¶
func RotateAuthorizedPrincipalCheck(t *testing.T, dut *ondatra.DUTDevice, tool cpb.AuthorizedPrincipalCheckRequest_Tool)
RotateAuthorizedPrincipalCheck apply specified authorized principal tool on the dut.
func RotateTrustedUserCA ¶
RotateTrustedUserCA read CA key contents from the specified directory & apply it on the dut.
func RotateUserPassword ¶
func RotateUserPassword(t *testing.T, dut *ondatra.DUTDevice, username, password, version string, createdOn uint64)
RotateUserPassword apply password for the specified username on the dut.
func SSHWithCertificate ¶
SSHWithCertificate dials ssh with user certificate to be used in credentialz tests.
func SSHWithKey ¶
SSHWithKey dials ssh with key based authentication to be used in credentialz tests.
func SSHWithPassword ¶
SSHWithPassword dials ssh with password based authentication to be used in credentialz tests.
Types ¶
This section is empty.
Source Files