Add token generation using go macaroon (#437)
* Add Go macaroon library Signed-off-by: Anant Prakash <anantprakashjsr@gmail.com> * Add macaroon generation and serialization, for login token. Signed-off-by: Anant Prakash <anantprakashjsr@gmail.com> * Remove copyright, trim empty lines * Make Serialize functions private * Fix typos
This commit is contained in:
Anant Prakash
Andrew Morgan
parent
89e0a9e812
commit
afeab7b2d4
37 changed files with 6295 additions and 0 deletions
66
vendor/src/github.com/go-macaroon/macaroon/crypto_test.go
vendored
Normal file
66
vendor/src/github.com/go-macaroon/macaroon/crypto_test.go
vendored
Normal file
|
|
@ -0,0 +1,66 @@
|
|||
package macaroon
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"fmt"
|
||||
|
||||
"golang.org/x/crypto/nacl/secretbox"
|
||||
gc "gopkg.in/check.v1"
|
||||
)
|
||||
|
||||
type cryptoSuite struct{}
|
||||
|
||||
var _ = gc.Suite(&cryptoSuite{})
|
||||
|
||||
var testCryptKey = &[hashLen]byte{'k', 'e', 'y'}
|
||||
var testCryptText = &[hashLen]byte{'t', 'e', 'x', 't'}
|
||||
|
||||
func (*cryptoSuite) TestEncDec(c *gc.C) {
|
||||
b, err := encrypt(testCryptKey, testCryptText, rand.Reader)
|
||||
c.Assert(err, gc.IsNil)
|
||||
t, err := decrypt(testCryptKey, b)
|
||||
c.Assert(err, gc.IsNil)
|
||||
c.Assert(string(t[:]), gc.Equals, string(testCryptText[:]))
|
||||
}
|
||||
|
||||
func (*cryptoSuite) TestUniqueNonces(c *gc.C) {
|
||||
nonces := make(map[string]struct{})
|
||||
for i := 0; i < 100; i++ {
|
||||
nonce, err := newNonce(rand.Reader)
|
||||
c.Assert(err, gc.IsNil)
|
||||
nonces[string(nonce[:])] = struct{}{}
|
||||
}
|
||||
c.Assert(nonces, gc.HasLen, 100, gc.Commentf("duplicate nonce detected"))
|
||||
}
|
||||
|
||||
type ErrorReader struct{}
|
||||
|
||||
func (*ErrorReader) Read([]byte) (int, error) {
|
||||
return 0, fmt.Errorf("fail")
|
||||
}
|
||||
|
||||
func (*cryptoSuite) TestBadRandom(c *gc.C) {
|
||||
_, err := newNonce(&ErrorReader{})
|
||||
c.Assert(err, gc.ErrorMatches, "^cannot generate random bytes:.*")
|
||||
|
||||
_, err = encrypt(testCryptKey, testCryptText, &ErrorReader{})
|
||||
c.Assert(err, gc.ErrorMatches, "^cannot generate random bytes:.*")
|
||||
}
|
||||
|
||||
func (*cryptoSuite) TestBadCiphertext(c *gc.C) {
|
||||
buf := randomBytes(nonceLen + secretbox.Overhead)
|
||||
for i := range buf {
|
||||
_, err := decrypt(testCryptKey, buf[0:i])
|
||||
c.Assert(err, gc.ErrorMatches, "message too short")
|
||||
}
|
||||
_, err := decrypt(testCryptKey, buf)
|
||||
c.Assert(err, gc.ErrorMatches, "decryption failure")
|
||||
}
|
||||
|
||||
func randomBytes(n int) []byte {
|
||||
buf := make([]byte, n)
|
||||
if _, err := rand.Reader.Read(buf); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return buf
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue