Add NameValidator interface and implement it for azurekms.
parent
abdb56065d
commit
2240ebbadc
4 changed files with 40 additions and 0 deletions
|
@ -29,6 +29,12 @@ type CertificateManager interface {
|
||||||
StoreCertificate(req *StoreCertificateRequest) error
|
StoreCertificate(req *StoreCertificateRequest) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ValidateName is an interface that KeyManager can implement to validate a
|
||||||
|
// given name or URI.
|
||||||
|
type NameValidator interface {
|
||||||
|
ValidateName(s string) error
|
||||||
|
}
|
||||||
|
|
||||||
// ErrNotImplemented is the type of error returned if an operation is not
|
// ErrNotImplemented is the type of error returned if an operation is not
|
||||||
// implemented.
|
// implemented.
|
||||||
type ErrNotImplemented struct {
|
type ErrNotImplemented struct {
|
||||||
|
|
|
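Review bot: The doc comment on the new interface opens with `ValidateName`, the method's name, rather than the type it documents, so it does not follow the Go convention of starting with the declared name; it should read `// NameValidator is an interface that a KeyManager can implement to validate a given name or URI.` Since the interface is optional, the comment should also say what callers are expected to do when a KeyManager does not implement it, because in that case the name presumably goes unchecked. The declarations on either side of the addition continue outside the hunk.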
@ -268,3 +268,9 @@ func (k *KeyVault) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer,
|
||||||
func (k *KeyVault) Close() error {
|
func (k *KeyVault) Close() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ValidateName validates that the given string is a valid URI.
|
||||||
|
func (k *KeyVault) ValidateName(s string) error {
|
||||||
|
_, _, _, _, err := parseKeyName(s)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
|
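Review bot: The comment on `KeyVault.ValidateName` promises only "a valid URI", but the method delegates to `parseKeyName`, which per the tests in this commit also rejects a wrong scheme and a missing or empty name or vault. State the real contract, for example `// ValidateName validates that s is an azurekms key URI with a non-empty name and vault.` The body of `parseKeyName` is outside the hunk; if it only parses the string, as the zero-value `&KeyVault{}` in the new test suggests, the comment should add that a nil error does not prove the key exists in the vault, so callers do not treat it as an existence or authorization check.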
@ -552,3 +552,30 @@ func Test_keyType_KeyType(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestKeyVault_ValidateName(t *testing.T) {
|
||||||
|
type args struct {
|
||||||
|
s string
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
args args
|
||||||
|
wantErr bool
|
||||||
|
}{
|
||||||
|
{"ok", args{"azurekms:name=my-key;vault=my-vault"}, false},
|
||||||
|
{"ok hsm", args{"azurekms:name=my-key;vault=my-vault?hsm=true"}, false},
|
||||||
|
{"fail scheme", args{"azure:name=my-key;vault=my-vault"}, true},
|
||||||
|
{"fail parse uri", args{"azurekms:name=%ZZ;vault=my-vault"}, true},
|
||||||
|
{"fail no name", args{"azurekms:vault=my-vault"}, true},
|
||||||
|
{"fail no vault", args{"azurekms:name=my-key"}, true},
|
||||||
|
{"fail empty", args{""}, true},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
k := &KeyVault{}
|
||||||
|
if err := k.ValidateName(tt.args.s); (err != nil) != tt.wantErr {
|
||||||
|
t.Errorf("KeyVault.ValidateName() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
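Review bot: The table in `TestKeyVault_ValidateName` covers a missing name and a missing vault but not the empty-value forms that `Test_parseKeyName` already exercises, so a later `ValidateName` that stops delegating to the parser could start accepting them unnoticed. Add `{"fail empty name", args{"azurekms:name=;vault=my-vault"}, true},` and `{"fail empty vault", args{"azurekms:name=my-key;vault="}, true},` to pin the validator's own contract. The single-field `args` struct could also be dropped in favour of a plain `s string` column, which would make the rows easier to read.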
@ -65,6 +65,7 @@ func Test_parseKeyName(t *testing.T) {
|
||||||
{"fail empty name", args{"azurekms:name=;vault=my-vault"}, "", "", "", false, true},
|
{"fail empty name", args{"azurekms:name=;vault=my-vault"}, "", "", "", false, true},
|
||||||
{"fail no vault", args{"azurekms:name=my-key"}, "", "", "", false, true},
|
{"fail no vault", args{"azurekms:name=my-key"}, "", "", "", false, true},
|
||||||
{"fail empty vault", args{"azurekms:name=my-key;vault="}, "", "", "", false, true},
|
{"fail empty vault", args{"azurekms:name=my-key;vault="}, "", "", "", false, true},
|
||||||
|
{"fail empty", args{""}, "", "", "", false, true},
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
|