open-vault/command/rekey_test.go

package command

import (
	"encoding/hex"
	"os"
	"sort"
	"strings"
	"testing"
	"time"

	"github.com/hashicorp/vault/http"
	"github.com/hashicorp/vault/logical"
	"github.com/hashicorp/vault/meta"
	"github.com/hashicorp/vault/vault"
	"github.com/mitchellh/cli"
)

func TestRekey(t *testing.T) {
	core, key, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		Key:         hex.EncodeToString(key),
		RecoveryKey: false,
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	args := []string{"-address", addr}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	config, err := core.SealAccess().BarrierConfig()
	if err != nil {
		t.Fatalf("err: %s", err)
	}
	if config.SecretShares != 5 {
		t.Fatal("should rekey")
	}
}

func TestRekey_arg(t *testing.T) {
	core, key, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		RecoveryKey: false,
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	args := []string{"-address", addr, hex.EncodeToString(key)}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	config, err := core.SealAccess().BarrierConfig()
	if err != nil {
		t.Fatalf("err: %s", err)
	}
	if config.SecretShares != 5 {
		t.Fatal("should rekey")
	}
}

func TestRekey_init(t *testing.T) {
	core, key, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		Key: hex.EncodeToString(key),
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	args := []string{
		"-address", addr,
		"-init",
		"-key-threshold", "10",
		"-key-shares", "10",
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	config, err := core.RekeyConfig(false)
	if err != nil {
		t.Fatalf("err: %s", err)
	}
	if config.SecretShares != 10 {
		t.Fatal("should rekey")
	}
	if config.SecretThreshold != 10 {
		t.Fatal("should rekey")
	}
}

func TestRekey_cancel(t *testing.T) {
	core, key, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		Key: hex.EncodeToString(key),
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	args := []string{"-address", addr, "-init"}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	args = []string{"-address", addr, "-cancel"}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	config, err := core.RekeyConfig(false)
	if err != nil {
		t.Fatalf("err: %s", err)
	}
	if config != nil {
		t.Fatal("should not rekey")
	}
}

func TestRekey_status(t *testing.T) {
	core, key, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		Key: hex.EncodeToString(key),
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	args := []string{"-address", addr, "-init"}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	args = []string{"-address", addr, "-status"}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	if !strings.Contains(string(ui.OutputWriter.Bytes()), "Started: true") {
		t.Fatalf("bad: %s", ui.OutputWriter.String())
	}
}

func TestRekey_init_pgp(t *testing.T) {
	core, key, token := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	bc := &logical.BackendConfig{
		Logger: nil,
		System: logical.StaticSystemView{
			DefaultLeaseTTLVal: time.Hour * 24,
			MaxLeaseTTLVal:     time.Hour * 24 * 32,
		},
	}
	sysBackend, err := vault.NewSystemBackend(core, bc)
	if err != nil {
		t.Fatal(err)
	}

	ui := new(cli.MockUi)
	c := &RekeyCommand{
		Key: hex.EncodeToString(key),
		Meta: meta.Meta{
			Ui: ui,
		},
	}

	tempDir, pubFiles, err := getPubKeyFiles(t)
	if err != nil {
		t.Fatal(err)
	}
	defer os.RemoveAll(tempDir)

	args := []string{
		"-address", addr,
		"-init",
		"-key-shares", "4",
		"-pgp-keys", pubFiles[0] + ",@" + pubFiles[1] + "," + pubFiles[2] + "," + pubFiles[3],
		"-key-threshold", "2",
		"-backup", "true",
	}

	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	config, err := core.RekeyConfig(false)
	if err != nil {
		t.Fatalf("err: %s", err)
	}
	if config.SecretShares != 4 {
		t.Fatal("should rekey")
	}
	if config.SecretThreshold != 2 {
		t.Fatal("should rekey")
	}

	c.Nonce = config.Nonce

	args = []string{
		"-address", addr,
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	type backupStruct struct {
		Keys    map[string][]string
		KeysB64 map[string][]string
	}
	backupVals := &backupStruct{}

	req := logical.TestRequest(t, logical.ReadOperation, "rekey/backup")
	resp, err := sysBackend.HandleRequest(req)
	if err != nil {
		t.Fatalf("error running backed-up unseal key fetch: %v", err)
	}
	if resp == nil {
		t.Fatalf("got nil resp with unseal key fetch")
	}
	if resp.Data["keys"] == nil {
		t.Fatalf("could not retrieve unseal keys from token")
	}
	if resp.Data["nonce"] != config.Nonce {
		t.Fatalf("nonce mismatch between rekey and backed-up keys")
	}

	backupVals.Keys = resp.Data["keys"].(map[string][]string)
	backupVals.KeysB64 = resp.Data["keys_base64"].(map[string][]string)

	// Now delete and try again; the values should be inaccessible
	req = logical.TestRequest(t, logical.DeleteOperation, "rekey/backup")
	resp, err = sysBackend.HandleRequest(req)
	if err != nil {
		t.Fatalf("error running backed-up unseal key delete: %v", err)
	}
	req = logical.TestRequest(t, logical.ReadOperation, "rekey/backup")
	resp, err = sysBackend.HandleRequest(req)
	if err != nil {
		t.Fatalf("error running backed-up unseal key fetch: %v", err)
	}
	if resp == nil {
		t.Fatalf("got nil resp with unseal key fetch")
	}
	if resp.Data["keys"] != nil {
		t.Fatalf("keys found when they should have been deleted")
	}

	// Sort, because it'll be tested with DeepEqual later
	for k, _ := range backupVals.Keys {
		sort.Strings(backupVals.Keys[k])
		sort.Strings(backupVals.KeysB64[k])
	}

	parseDecryptAndTestUnsealKeys(t, ui.OutputWriter.String(), token, true, backupVals.Keys, backupVals.KeysB64, core)
}
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`package command`

			`import (`
			`"encoding/hex"`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`"os"`
Fix up PGP tests from earlier code fixes 2016-01-09 03:21:41 +00:00			`"sort"`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`"strings"`
			`"testing"`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`"time"`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00
			`"github.com/hashicorp/vault/http"`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`"github.com/hashicorp/vault/logical"`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`"github.com/hashicorp/vault/meta"`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`"github.com/hashicorp/vault/vault"`
			`"github.com/mitchellh/cli"`
			`)`

			`func TestRekey(t *testing.T) {`
			`core, key, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
SealInterface 2016-04-04 14:44:22 +00:00			`Key: hex.EncodeToString(key),`
			`RecoveryKey: false,`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`Ui: ui,`
			`},`
			`}`

			`args := []string{"-address", addr}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

SealInterface 2016-04-04 14:44:22 +00:00			`config, err := core.SealAccess().BarrierConfig()`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`
			`if config.SecretShares != 5 {`
			`t.Fatal("should rekey")`
			`}`
			`}`

			`func TestRekey_arg(t *testing.T) {`
			`core, key, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
SealInterface 2016-04-04 14:44:22 +00:00			`RecoveryKey: false,`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`Ui: ui,`
			`},`
			`}`

			`args := []string{"-address", addr, hex.EncodeToString(key)}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

SealInterface 2016-04-04 14:44:22 +00:00			`config, err := core.SealAccess().BarrierConfig()`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`
			`if config.SecretShares != 5 {`
			`t.Fatal("should rekey")`
			`}`
			`}`

			`func TestRekey_init(t *testing.T) {`
			`core, key, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
			`Key: hex.EncodeToString(key),`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`Ui: ui,`
			`},`
			`}`

Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`args := []string{`
			`"-address", addr,`
			`"-init",`
			`"-key-threshold", "10",`
			`"-key-shares", "10",`
			`}`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

SealInterface 2016-04-04 14:44:22 +00:00			`config, err := core.RekeyConfig(false)`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`
			`if config.SecretShares != 10 {`
			`t.Fatal("should rekey")`
			`}`
			`if config.SecretThreshold != 10 {`
			`t.Fatal("should rekey")`
			`}`
			`}`

			`func TestRekey_cancel(t *testing.T) {`
			`core, key, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
			`Key: hex.EncodeToString(key),`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`Ui: ui,`
			`},`
			`}`

			`args := []string{"-address", addr, "-init"}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`args = []string{"-address", addr, "-cancel"}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

SealInterface 2016-04-04 14:44:22 +00:00			`config, err := core.RekeyConfig(false)`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`
			`if config != nil {`
			`t.Fatal("should not rekey")`
			`}`
			`}`

			`func TestRekey_status(t *testing.T) {`
			`core, key, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
			`Key: hex.EncodeToString(key),`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
command/rekey: adding tests 2015-05-28 22:22:42 +00:00			`Ui: ui,`
			`},`
			`}`

			`args := []string{"-address", addr, "-init"}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`args = []string{"-address", addr, "-status"}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`if !strings.Contains(string(ui.OutputWriter.Bytes()), "Started: true") {`
			`t.Fatalf("bad: %s", ui.OutputWriter.String())`
			`}`
			`}`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00
			`func TestRekey_init_pgp(t *testing.T) {`
			`core, key, token := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`bc := &logical.BackendConfig{`
			`Logger: nil,`
			`System: logical.StaticSystemView{`
			`DefaultLeaseTTLVal: time.Hour * 24,`
Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 22:32:49 +00:00			`MaxLeaseTTLVal: time.Hour * 24 * 32,`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`},`
			`}`
Wrapping enhancements (#1927) 2016-09-29 04:01:28 +00:00			`sysBackend, err := vault.NewSystemBackend(core, bc)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`ui := new(cli.MockUi)`
			`c := &RekeyCommand{`
			`Key: hex.EncodeToString(key),`
Move meta into its own package 2016-04-01 17:16:05 +00:00			`Meta: meta.Meta{`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`Ui: ui,`
			`},`
			`}`

			`tempDir, pubFiles, err := getPubKeyFiles(t)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`defer os.RemoveAll(tempDir)`

			`args := []string{`
			`"-address", addr,`
			`"-init",`
Allow ASCII-armored PGP pub keys to be passed into -pgp-keys. Fixes #940 2016-01-18 22:01:52 +00:00			`"-key-shares", "4",`
			`"-pgp-keys", pubFiles[0] + ",@" + pubFiles[1] + "," + pubFiles[2] + "," + pubFiles[3],`
Address comments from review. 2015-08-25 22:33:58 +00:00			`"-key-threshold", "2",`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`"-backup", "true",`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`}`

			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

SealInterface 2016-04-04 14:44:22 +00:00			`config, err := core.RekeyConfig(false)`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`
Allow ASCII-armored PGP pub keys to be passed into -pgp-keys. Fixes #940 2016-01-18 22:01:52 +00:00			`if config.SecretShares != 4 {`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`t.Fatal("should rekey")`
			`}`
			`if config.SecretThreshold != 2 {`
			`t.Fatal("should rekey")`
			`}`

Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`c.Nonce = config.Nonce`

Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`args = []string{`
			`"-address", addr,`
			`}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`type backupStruct struct {`
Provide base64 keys in addition to hex encoded. (#1734) * Provide base64 keys in addition to hex encoded. Accept these at unseal/rekey time. Also fix a bug where backup would not be honored when doing a rekey with no operation currently ongoing. 2016-08-15 20:01:15 +00:00			`Keys map[string][]string`
			`KeysB64 map[string][]string`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00			`}`
			`backupVals := &backupStruct{}`

			`req := logical.TestRequest(t, logical.ReadOperation, "rekey/backup")`
			`resp, err := sysBackend.HandleRequest(req)`
			`if err != nil {`
			`t.Fatalf("error running backed-up unseal key fetch: %v", err)`
			`}`
			`if resp == nil {`
			`t.Fatalf("got nil resp with unseal key fetch")`
			`}`
			`if resp.Data["keys"] == nil {`
			`t.Fatalf("could not retrieve unseal keys from token")`
			`}`
			`if resp.Data["nonce"] != config.Nonce {`
			`t.Fatalf("nonce mismatch between rekey and backed-up keys")`
			`}`

Fix up PGP tests from earlier code fixes 2016-01-09 03:21:41 +00:00			`backupVals.Keys = resp.Data["keys"].(map[string][]string)`
Provide base64 keys in addition to hex encoded. (#1734) * Provide base64 keys in addition to hex encoded. Accept these at unseal/rekey time. Also fix a bug where backup would not be honored when doing a rekey with no operation currently ongoing. 2016-08-15 20:01:15 +00:00			`backupVals.KeysB64 = resp.Data["keys_base64"].(map[string][]string)`
Add rekey nonce/backup. 2015-12-16 21:56:15 +00:00
			`// Now delete and try again; the values should be inaccessible`
			`req = logical.TestRequest(t, logical.DeleteOperation, "rekey/backup")`
			`resp, err = sysBackend.HandleRequest(req)`
			`if err != nil {`
			`t.Fatalf("error running backed-up unseal key delete: %v", err)`
			`}`
			`req = logical.TestRequest(t, logical.ReadOperation, "rekey/backup")`
			`resp, err = sysBackend.HandleRequest(req)`
			`if err != nil {`
			`t.Fatalf("error running backed-up unseal key fetch: %v", err)`
			`}`
			`if resp == nil {`
			`t.Fatalf("got nil resp with unseal key fetch")`
			`}`
			`if resp.Data["keys"] != nil {`
			`t.Fatalf("keys found when they should have been deleted")`
			`}`

Fix up PGP tests from earlier code fixes 2016-01-09 03:21:41 +00:00			`// Sort, because it'll be tested with DeepEqual later`
			`for k, _ := range backupVals.Keys {`
			`sort.Strings(backupVals.Keys[k])`
Provide base64 keys in addition to hex encoded. (#1734) * Provide base64 keys in addition to hex encoded. Accept these at unseal/rekey time. Also fix a bug where backup would not be honored when doing a rekey with no operation currently ongoing. 2016-08-15 20:01:15 +00:00			`sort.Strings(backupVals.KeysB64[k])`
Fix up PGP tests from earlier code fixes 2016-01-09 03:21:41 +00:00			`}`

Provide base64 keys in addition to hex encoded. (#1734) * Provide base64 keys in addition to hex encoded. Accept these at unseal/rekey time. Also fix a bug where backup would not be honored when doing a rekey with no operation currently ongoing. 2016-08-15 20:01:15 +00:00			`parseDecryptAndTestUnsealKeys(t, ui.OutputWriter.String(), token, true, backupVals.Keys, backupVals.KeysB64, core)`
Add support for pgp-keys argument to rekey, as well as tests, plus refactor common bits out of init. 2015-08-25 21:24:19 +00:00			`}`