open-vault/vault/seal_testing.go

53 lines
1.5 KiB
Go
Raw Normal View History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
2016-04-26 00:14:16 +00:00
package vault
import (
"context"
"github.com/hashicorp/vault/vault/seal"
vaultseal "github.com/hashicorp/vault/vault/seal"
testing "github.com/mitchellh/go-testing-interface"
2016-04-26 00:14:16 +00:00
)
func TestCoreUnsealedWithConfigs(t testing.T, barrierConf, recoveryConf *SealConfig) (*Core, [][]byte, [][]byte, string) {
2018-09-18 03:03:00 +00:00
t.Helper()
opts := &seal.TestSealOpts{}
2018-09-18 03:03:00 +00:00
if recoveryConf == nil {
opts.StoredKeys = seal.StoredKeysSupportedShamirRoot
2016-04-27 20:59:06 +00:00
}
return TestCoreUnsealedWithConfigSealOpts(t, barrierConf, recoveryConf, opts)
2017-10-23 17:42:04 +00:00
}
func TestCoreUnsealedWithConfigSealOpts(t testing.T, barrierConf, recoveryConf *SealConfig, sealOpts *seal.TestSealOpts) (*Core, [][]byte, [][]byte, string) {
t.Helper()
2017-10-23 17:42:04 +00:00
seal := NewTestSeal(t, sealOpts)
core := TestCoreWithSeal(t, seal, false)
result, err := core.Initialize(context.Background(), &InitParams{
BarrierConfig: barrierConf,
RecoveryConfig: recoveryConf,
LegacyShamirSeal: sealOpts.StoredKeys == vaultseal.StoredKeysNotSupported,
2017-10-23 17:42:04 +00:00
})
if err != nil {
t.Fatalf("err: %s", err)
}
2018-09-18 03:03:00 +00:00
err = core.UnsealWithStoredKeys(context.Background())
if err != nil && IsFatalError(err) {
2018-09-18 03:03:00 +00:00
t.Fatalf("err: %s", err)
2017-10-23 17:42:04 +00:00
}
if core.Sealed() {
2018-09-18 03:03:00 +00:00
for _, key := range result.SecretShares {
if _, err := core.Unseal(TestKeyCopy(key)); err != nil {
t.Fatalf("unseal err: %s", err)
}
}
if core.Sealed() {
t.Fatal("should not be sealed")
}
2017-10-23 17:42:04 +00:00
}
return core, result.SecretShares, result.RecoveryShares, result.RootToken
2016-04-27 20:59:06 +00:00
}