2016-04-26 00:14:16 +00:00
|
|
|
package vault
|
|
|
|
|
|
|
|
import (
|
2018-01-19 06:44:44 +00:00
|
|
|
"context"
|
|
|
|
|
2020-01-11 01:39:52 +00:00
|
|
|
"github.com/hashicorp/vault/vault/seal"
|
|
|
|
vaultseal "github.com/hashicorp/vault/vault/seal"
|
2019-01-09 00:48:57 +00:00
|
|
|
testing "github.com/mitchellh/go-testing-interface"
|
2016-04-26 00:14:16 +00:00
|
|
|
)
|
|
|
|
|
2021-02-18 20:40:18 +00:00
|
|
|
func TestCoreUnsealedWithConfigs(t testing.T, barrierConf, recoveryConf *SealConfig) (*Core, [][]byte, [][]byte, string) {
|
2018-09-18 03:03:00 +00:00
|
|
|
t.Helper()
|
2020-01-11 01:39:52 +00:00
|
|
|
opts := &seal.TestSealOpts{}
|
2018-09-18 03:03:00 +00:00
|
|
|
if recoveryConf == nil {
|
2021-12-07 01:12:20 +00:00
|
|
|
opts.StoredKeys = seal.StoredKeysSupportedShamirRoot
|
2016-04-27 20:59:06 +00:00
|
|
|
}
|
2019-10-18 18:46:00 +00:00
|
|
|
return TestCoreUnsealedWithConfigSealOpts(t, barrierConf, recoveryConf, opts)
|
2017-10-23 17:42:04 +00:00
|
|
|
}
|
|
|
|
|
2021-02-18 20:40:18 +00:00
|
|
|
func TestCoreUnsealedWithConfigSealOpts(t testing.T, barrierConf, recoveryConf *SealConfig, sealOpts *seal.TestSealOpts) (*Core, [][]byte, [][]byte, string) {
|
2019-10-18 18:46:00 +00:00
|
|
|
t.Helper()
|
2017-10-23 17:42:04 +00:00
|
|
|
seal := NewTestSeal(t, sealOpts)
|
|
|
|
core := TestCoreWithSeal(t, seal, false)
|
2018-01-19 06:44:44 +00:00
|
|
|
result, err := core.Initialize(context.Background(), &InitParams{
|
2019-10-18 18:46:00 +00:00
|
|
|
BarrierConfig: barrierConf,
|
|
|
|
RecoveryConfig: recoveryConf,
|
2020-01-11 01:39:52 +00:00
|
|
|
LegacyShamirSeal: sealOpts.StoredKeys == vaultseal.StoredKeysNotSupported,
|
2017-10-23 17:42:04 +00:00
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %s", err)
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
err = core.UnsealWithStoredKeys(context.Background())
|
2019-10-18 18:46:00 +00:00
|
|
|
if err != nil && IsFatalError(err) {
|
2018-09-18 03:03:00 +00:00
|
|
|
t.Fatalf("err: %s", err)
|
2017-10-23 17:42:04 +00:00
|
|
|
}
|
2018-07-24 20:57:25 +00:00
|
|
|
if core.Sealed() {
|
2018-09-18 03:03:00 +00:00
|
|
|
for _, key := range result.SecretShares {
|
|
|
|
if _, err := core.Unseal(TestKeyCopy(key)); err != nil {
|
|
|
|
t.Fatalf("unseal err: %s", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if core.Sealed() {
|
|
|
|
t.Fatal("should not be sealed")
|
|
|
|
}
|
2017-10-23 17:42:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return core, result.SecretShares, result.RecoveryShares, result.RootToken
|
2016-04-27 20:59:06 +00:00
|
|
|
}
|