Documentation ¶
Overview ¶
Package testkms implements a mock type for KeyManagementServiceClientInterface so that KMS-based signing code can be tested both positively and negatively (success paths and error paths).
Index ¶
- func InitGrpcKmsTestServers(t testing.TB, m kmspb.KeyManagementServiceServer, i iampb.IAMPolicyServer) grpc.ClientConnInterface
- type FakeKmsServer
- func (s *FakeKmsServer) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error)
- func (s *FakeKmsServer) CreateCryptoKey(_ context.Context, req *kmspb.CreateCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
- func (s *FakeKmsServer) CreateCryptoKeyVersion(_ context.Context, req *kmspb.CreateCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *FakeKmsServer) CreateKeyRing(_ context.Context, req *kmspb.CreateKeyRingRequest) (keyring *kmspb.KeyRing, err error)
- func (s *FakeKmsServer) DestroyCryptoKeyVersion(_ context.Context, req *kmspb.DestroyCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *FakeKmsServer) GetCryptoKey(_ context.Context, req *kmspb.GetCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
- func (s *FakeKmsServer) GetCryptoKeyVersion(_ context.Context, req *kmspb.GetCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *FakeKmsServer) GetKeyRing(_ context.Context, req *kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error)
- func (s *FakeKmsServer) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error)
- func (s *FakeKmsServer) ListCryptoKeyVersions(_ context.Context, req *kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error)
- func (s *FakeKmsServer) ListCryptoKeys(_ context.Context, req *kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error)
- type IAMPolicyServer
- type KeyManagementServer
- func (s *KeyManagementServer) AddKmsSignatureResponse(toHashAndSign, signature []byte)
- func (s *KeyManagementServer) AddPKResponse(keyVersionName string, signer styp.Signer, t *testing.T)
- func (s *KeyManagementServer) AsymmetricSign(_ context.Context, req *kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error)
- func (s *KeyManagementServer) Clear()
- func (s *KeyManagementServer) CreateCryptoKey(_ context.Context, req *kmspb.CreateCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
- func (s *KeyManagementServer) CreateCryptoKeyVersion(_ context.Context, req *kmspb.CreateCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *KeyManagementServer) CreateKeyRing(context.Context, *kmspb.CreateKeyRingRequest) (keyring *kmspb.KeyRing, err error)
- func (s *KeyManagementServer) DestroyCryptoKeyVersion(_ context.Context, req *kmspb.DestroyCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *KeyManagementServer) GetCryptoKey(_ context.Context, req *kmspb.GetCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
- func (s *KeyManagementServer) GetCryptoKeyVersion(_ context.Context, req *kmspb.GetCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
- func (s *KeyManagementServer) GetKeyRing(context.Context, *kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error)
- func (s *KeyManagementServer) GetPublicKey(_ context.Context, req *kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error)
- func (s *KeyManagementServer) ListCryptoKeyVersions(_ context.Context, req *kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error)
- func (s *KeyManagementServer) ListCryptoKeys(context.Context, *kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func InitGrpcKmsTestServers ¶
func InitGrpcKmsTestServers(t testing.TB, m kmspb.KeyManagementServiceServer, i iampb.IAMPolicyServer) grpc.ClientConnInterface
InitGrpcKmsTestServers creates a server for the given KMS and IAMPolicy server implementations and returns a gRPC connection that can be used to make clients.
Types ¶
type FakeKmsServer ¶
// FakeKmsServer answers KMS RPCs using a non-production signer.
//
// The embedded kmspb.KeyManagementServiceServer supplies the rest of the
// interface; in Go, calling a method that is not overridden panics if the
// embedded interface value is left nil.
type FakeKmsServer struct {
	kmspb.KeyManagementServiceServer

	// Signer is the non-production signer behind the fake's responses.
	// NOTE(review): presumably test-only key material — confirm it is never
	// wired into a production signing path.
	Signer *nonprod.Signer

	// contains filtered or unexported fields
}
FakeKmsServer responds to KMS RPCs with non-production signer values. Most metadata is elided since it is not used in this application.
func (*FakeKmsServer) AsymmetricSign ¶
func (s *FakeKmsServer) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error)
AsymmetricSign signs a given digest with a named crypto key version's private key.
func (*FakeKmsServer) CreateCryptoKey ¶
func (s *FakeKmsServer) CreateCryptoKey(_ context.Context, req *kmspb.CreateCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
CreateCryptoKey creates a crypto key and returns its object handle.
func (*FakeKmsServer) CreateCryptoKeyVersion ¶
func (s *FakeKmsServer) CreateCryptoKeyVersion(_ context.Context, req *kmspb.CreateCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
CreateCryptoKeyVersion creates a new crypto key version under a given crypto key.
func (*FakeKmsServer) CreateKeyRing ¶
func (s *FakeKmsServer) CreateKeyRing(_ context.Context, req *kmspb.CreateKeyRingRequest) (keyring *kmspb.KeyRing, err error)
CreateKeyRing creates a key ring and returns its object handle.
func (*FakeKmsServer) DestroyCryptoKeyVersion ¶
func (s *FakeKmsServer) DestroyCryptoKeyVersion(_ context.Context, req *kmspb.DestroyCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
DestroyCryptoKeyVersion marks the named crypto key version for destruction. It does not return an error if the key does not exist.
func (*FakeKmsServer) GetCryptoKey ¶
func (s *FakeKmsServer) GetCryptoKey(_ context.Context, req *kmspb.GetCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
GetCryptoKey returns the object handle for a named crypto key.
func (*FakeKmsServer) GetCryptoKeyVersion ¶
func (s *FakeKmsServer) GetCryptoKeyVersion(_ context.Context, req *kmspb.GetCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
GetCryptoKeyVersion returns the object handle for a named crypto key version.
func (*FakeKmsServer) GetKeyRing ¶
func (s *FakeKmsServer) GetKeyRing(_ context.Context, req *kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error)
GetKeyRing returns the keyring object handle for a named keyring.
func (*FakeKmsServer) GetPublicKey ¶
func (s *FakeKmsServer) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error)
GetPublicKey returns the named crypto key version's public key.
func (*FakeKmsServer) ListCryptoKeyVersions ¶
func (s *FakeKmsServer) ListCryptoKeyVersions(_ context.Context, req *kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error)
ListCryptoKeyVersions returns the crypto key versions under a crypto key.
func (*FakeKmsServer) ListCryptoKeys ¶
func (s *FakeKmsServer) ListCryptoKeys(_ context.Context, req *kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error)
ListCryptoKeys returns the crypto keys under a key ring.
type IAMPolicyServer ¶
// IAMPolicyServer is a mock IAM policy server for tests.
//
// It embeds iampb.IAMPolicyServer so that it satisfies the full interface;
// in Go, calling a method that is not overridden panics if the embedded
// interface value is left nil.
type IAMPolicyServer struct {
	iampb.IAMPolicyServer
}
IAMPolicyServer is a mock IAM policy server that only deals with no-op policies.
func (*IAMPolicyServer) SetIamPolicy ¶
func (*IAMPolicyServer) SetIamPolicy(_ context.Context, in *iampb.SetIamPolicyRequest) (*iampb.Policy, error)
SetIamPolicy returns the given policy.
type KeyManagementServer ¶
// KeyManagementServer is a crude mock of the Cloud KMS server interface.
// It records incoming requests in Reqs and answers from the response
// fields below.
type KeyManagementServer struct {
	// Embedded for forward compatibility: tests keep working if more
	// methods are added to the interface in the future.
	kmspb.KeyManagementServiceServer

	// Reqs captures all requests sent, in order.
	Reqs []proto.Message

	// Err, if set, is the error returned by all calls.
	Err error

	// Specialized responses for non-*Response return values.
	// NOTE(review): the map keys are not documented on this page;
	// presumably resource names or request-derived strings — confirm
	// against the method implementations.
	UpdateCryptoKeyPrimaryVersionResp *kmspb.CryptoKey
	CreateCryptoKeyResp               map[string]*kmspb.CryptoKey
	CreateCryptoKeyVersionResp        map[string]*kmspb.CryptoKeyVersion
	DestroyCryptoKeyVersionResp       map[string]*kmspb.CryptoKeyVersion
	GetCryptoKeyResp                  map[string]*kmspb.CryptoKey
	GetCryptoKeyVersionResp           map[string]*kmspb.CryptoKeyVersion
	AsymmetricSignResp                map[string]*kmspb.AsymmetricSignResponse
	ListCryptoKeyVersionsResp         map[string]*kmspb.ListCryptoKeyVersionsResponse
	CreateKeyRingErr                  error
	CreateCryptoKeyErr                map[string]error

	// Resps holds the responses to return if err == nil and the call is
	// not special-cased by the fields above.
	Resps []proto.Message
}
KeyManagementServer represents a crude mock object that implements the Cloud KMS client interface for testing KMS interactions. There is no Cloud KMS-owned mock implementation for others to use, so we just do what we can here.
func (*KeyManagementServer) AddKmsSignatureResponse ¶
func (s *KeyManagementServer) AddKmsSignatureResponse(toHashAndSign, signature []byte)
AddKmsSignatureResponse stores an AsymmetricSign response for the given digest.
func (*KeyManagementServer) AddPKResponse ¶
func (s *KeyManagementServer) AddPKResponse(keyVersionName string, signer styp.Signer, t *testing.T)
AddPKResponse extends s.Resps with the expected response object for a GetPublicKey request using a key in the given signer. Failures are reported through `t` instead of being returned as an error.
func (*KeyManagementServer) AsymmetricSign ¶
func (s *KeyManagementServer) AsymmetricSign(_ context.Context, req *kmspb.AsymmetricSignRequest) (*kmspb.AsymmetricSignResponse, error)
AsymmetricSign uses an asymmetric key's private key to sign a given digest.
func (*KeyManagementServer) Clear ¶
func (s *KeyManagementServer) Clear()
Clear resets all per-test requests and responses back to empty.
func (*KeyManagementServer) CreateCryptoKey ¶
func (s *KeyManagementServer) CreateCryptoKey(_ context.Context, req *kmspb.CreateCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
CreateCryptoKey creates a new crypto key and returns its object handle.
func (*KeyManagementServer) CreateCryptoKeyVersion ¶
func (s *KeyManagementServer) CreateCryptoKeyVersion(_ context.Context, req *kmspb.CreateCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
CreateCryptoKeyVersion creates a new crypto key version and returns its object handle.
func (*KeyManagementServer) CreateKeyRing ¶
func (s *KeyManagementServer) CreateKeyRing(context.Context, *kmspb.CreateKeyRingRequest) (keyring *kmspb.KeyRing, err error)
CreateKeyRing creates a new keyring and returns its object handle.
func (*KeyManagementServer) DestroyCryptoKeyVersion ¶
func (s *KeyManagementServer) DestroyCryptoKeyVersion(_ context.Context, req *kmspb.DestroyCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
DestroyCryptoKeyVersion marks a named crypto key version for destruction.
func (*KeyManagementServer) GetCryptoKey ¶
func (s *KeyManagementServer) GetCryptoKey(_ context.Context, req *kmspb.GetCryptoKeyRequest) (key *kmspb.CryptoKey, err error)
GetCryptoKey returns a CryptoKey object from its resource name.
func (*KeyManagementServer) GetCryptoKeyVersion ¶
func (s *KeyManagementServer) GetCryptoKeyVersion(_ context.Context, req *kmspb.GetCryptoKeyVersionRequest) (key *kmspb.CryptoKeyVersion, err error)
GetCryptoKeyVersion returns a CryptoKeyVersion object from its resource name.
func (*KeyManagementServer) GetKeyRing ¶
func (s *KeyManagementServer) GetKeyRing(context.Context, *kmspb.GetKeyRingRequest) (*kmspb.KeyRing, error)
GetKeyRing returns the first KeyRing response in the mock's list of responses.
func (*KeyManagementServer) GetPublicKey ¶
func (s *KeyManagementServer) GetPublicKey(_ context.Context, req *kmspb.GetPublicKeyRequest) (*kmspb.PublicKey, error)
GetPublicKey returns the named key's public key.
func (*KeyManagementServer) ListCryptoKeyVersions ¶
func (s *KeyManagementServer) ListCryptoKeyVersions(_ context.Context, req *kmspb.ListCryptoKeyVersionsRequest) (*kmspb.ListCryptoKeyVersionsResponse, error)
ListCryptoKeyVersions returns the crypto key versions under a crypto key.
func (*KeyManagementServer) ListCryptoKeys ¶
func (s *KeyManagementServer) ListCryptoKeys(context.Context, *kmspb.ListCryptoKeysRequest) (*kmspb.ListCryptoKeysResponse, error)
ListCryptoKeys returns the crypto keys under a key ring.