2017-07-05 15:25:10 +00:00
|
|
|
package transit_test
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/hashicorp/vault/api"
|
|
|
|
"github.com/hashicorp/vault/audit"
|
|
|
|
"github.com/hashicorp/vault/builtin/audit/file"
|
|
|
|
"github.com/hashicorp/vault/builtin/logical/transit"
|
|
|
|
vaulthttp "github.com/hashicorp/vault/http"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
2017-07-05 15:25:10 +00:00
|
|
|
"github.com/hashicorp/vault/vault"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestTransit_Issue_2958(t *testing.T) {
|
|
|
|
coreConfig := &vault.CoreConfig{
|
|
|
|
LogicalBackends: map[string]logical.Factory{
|
|
|
|
"transit": transit.Factory,
|
|
|
|
},
|
|
|
|
AuditBackends: map[string]audit.Factory{
|
|
|
|
"file": file.Factory,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2017-07-31 15:28:06 +00:00
|
|
|
cluster := vault.NewTestCluster(t, coreConfig, &vault.TestClusterOptions{
|
|
|
|
HandlerFunc: vaulthttp.Handler,
|
|
|
|
})
|
|
|
|
cluster.Start()
|
|
|
|
defer cluster.Cleanup()
|
2017-07-05 15:25:10 +00:00
|
|
|
|
|
|
|
cores := cluster.Cores
|
|
|
|
|
|
|
|
vault.TestWaitActive(t, cores[0].Core)
|
|
|
|
|
|
|
|
client := cores[0].Client
|
|
|
|
|
|
|
|
err := client.Sys().EnableAuditWithOptions("file", &api.EnableAuditOptions{
|
|
|
|
Type: "file",
|
|
|
|
Options: map[string]string{
|
|
|
|
"file_path": "/dev/null",
|
|
|
|
},
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
err = client.Sys().Mount("transit", &api.MountInput{
|
|
|
|
Type: "transit",
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = client.Logical().Write("transit/keys/foo", map[string]interface{}{
|
|
|
|
"type": "ecdsa-p256",
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2019-10-03 16:32:43 +00:00
|
|
|
_, err = client.Logical().Write("transit/keys/foobar", map[string]interface{}{
|
|
|
|
"type": "ecdsa-p384",
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2017-07-05 15:25:10 +00:00
|
|
|
_, err = client.Logical().Write("transit/keys/bar", map[string]interface{}{
|
|
|
|
"type": "ed25519",
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err = client.Logical().Read("transit/keys/foo")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2019-10-03 16:32:43 +00:00
|
|
|
_, err = client.Logical().Read("transit/keys/foobar")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2017-07-05 15:25:10 +00:00
|
|
|
_, err = client.Logical().Read("transit/keys/bar")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
}
|