tka,types/key: implement NLPrivate glue for tailnet key authority keys

Signed-off-by: Tom DNetto <tom@tailscale.com>
Tom DNetto
2022-07-29 11:03:23 -07:00
committed by Tom
parent 7a74466998
commit 023d4e2216
11 changed files with 188 additions and 68 deletions


@@ -5,11 +5,19 @@
package tka
import (
"crypto/ed25519"
"testing"
"github.com/google/go-cmp/cmp"
)
type signer25519 ed25519.PrivateKey
func (s signer25519) SignAUM(update *AUM) error {
update.sign25519(ed25519.PrivateKey(s))
return nil
}
func TestAuthorityBuilderAddKey(t *testing.T) {
pub, priv := testingKey25519(t, 1)
key := Key{Kind: Key25519, Public: pub, Votes: 2}
@@ -17,7 +25,7 @@ func TestAuthorityBuilderAddKey(t *testing.T) {
a, _, err := Create(&Mem{}, State{
Keys: []Key{key},
DisablementSecrets: [][]byte{disablementKDF([]byte{1, 2, 3})},
}, priv)
}, signer25519(priv))
if err != nil {
t.Fatalf("Create() failed: %v", err)
}
@@ -25,10 +33,7 @@ func TestAuthorityBuilderAddKey(t *testing.T) {
pub2, _ := testingKey25519(t, 2)
key2 := Key{Kind: Key25519, Public: pub2, Votes: 1}
b := a.NewUpdater(func(update *AUM) error {
update.sign25519(priv)
return nil
})
b := a.NewUpdater(signer25519(priv))
if err := b.AddKey(key2); err != nil {
t.Fatalf("AddKey(%v) failed: %v", key2, err)
}
@@ -56,15 +61,12 @@ func TestAuthorityBuilderRemoveKey(t *testing.T) {
a, _, err := Create(&Mem{}, State{
Keys: []Key{key, key2},
DisablementSecrets: [][]byte{disablementKDF([]byte{1, 2, 3})},
}, priv)
}, signer25519(priv))
if err != nil {
t.Fatalf("Create() failed: %v", err)
}
b := a.NewUpdater(func(update *AUM) error {
update.sign25519(priv)
return nil
})
b := a.NewUpdater(signer25519(priv))
if err := b.RemoveKey(key2.ID()); err != nil {
t.Fatalf("RemoveKey(%v) failed: %v", key2, err)
}
@@ -90,15 +92,12 @@ func TestAuthorityBuilderSetKeyVote(t *testing.T) {
a, _, err := Create(&Mem{}, State{
Keys: []Key{key},
DisablementSecrets: [][]byte{disablementKDF([]byte{1, 2, 3})},
}, priv)
}, signer25519(priv))
if err != nil {
t.Fatalf("Create() failed: %v", err)
}
b := a.NewUpdater(func(update *AUM) error {
update.sign25519(priv)
return nil
})
b := a.NewUpdater(signer25519(priv))
if err := b.SetKeyVote(key.ID(), 5); err != nil {
t.Fatalf("SetKeyVote(%v) failed: %v", key.ID(), err)
}
@@ -128,15 +127,12 @@ func TestAuthorityBuilderSetKeyMeta(t *testing.T) {
a, _, err := Create(&Mem{}, State{
Keys: []Key{key},
DisablementSecrets: [][]byte{disablementKDF([]byte{1, 2, 3})},
}, priv)
}, signer25519(priv))
if err != nil {
t.Fatalf("Create() failed: %v", err)
}
b := a.NewUpdater(func(update *AUM) error {
update.sign25519(priv)
return nil
})
b := a.NewUpdater(signer25519(priv))
if err := b.SetKeyMeta(key.ID(), map[string]string{"b": "c"}); err != nil {
t.Fatalf("SetKeyMeta(%v) failed: %v", key, err)
}
@@ -166,7 +162,7 @@ func TestAuthorityBuilderMultiple(t *testing.T) {
a, _, err := Create(&Mem{}, State{
Keys: []Key{key},
DisablementSecrets: [][]byte{disablementKDF([]byte{1, 2, 3})},
}, priv)
}, signer25519(priv))
if err != nil {
t.Fatalf("Create() failed: %v", err)
}
@@ -174,10 +170,7 @@ func TestAuthorityBuilderMultiple(t *testing.T) {
pub2, _ := testingKey25519(t, 2)
key2 := Key{Kind: Key25519, Public: pub2, Votes: 1}
b := a.NewUpdater(func(update *AUM) error {
update.sign25519(priv)
return nil
})
b := a.NewUpdater(signer25519(priv))
if err := b.AddKey(key2); err != nil {
t.Fatalf("AddKey(%v) failed: %v", key2, err)
}
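Review bot: The `signer25519` adapter added in the first hunk is undocumented, and its `SignAUM` can only return nil, so the tests shown here never exercise a signer that fails. Signing is what authenticates each AUM, so a case with a failing signer, e.g. `func (failingSigner) SignAUM(*AUM) error { return errors.New("sign failed") }`, would confirm that `Create` and the updater surface the error rather than producing an unsigned update. I would also add `// signer25519 adapts a raw ed25519 private key to the signer accepted by Create and NewUpdater, for tests only.` above the type. The test functions continue outside these hunks, so such a case may already exist elsewhere in the file.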