Add NameValidator interface and implement it for azurekms.

Mariano Cano 2021-10-07 17:19:55 -07:00
parent abdb56065d
commit 2240ebbadc
4 changed files with 40 additions and 0 deletions


@ -29,6 +29,12 @@ type CertificateManager interface {
StoreCertificate(req *StoreCertificateRequest) error StoreCertificate(req *StoreCertificateRequest) error
} }
// ValidateName is an interface that KeyManager can implement to validate a
// given name or URI.
type NameValidator interface {
ValidateName(s string) error
}
// ErrNotImplemented is the type of error returned if an operation is not // ErrNotImplemented is the type of error returned if an operation is not
// implemented. // implemented.
type ErrNotImplemented struct { type ErrNotImplemented struct {
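Review bot: The doc comment on the new interface opens with `ValidateName`, but the type it documents is `NameValidator`, so it breaks the Go convention that godoc and linters expect. Start it with the type name: `// NameValidator is an interface that a KeyManager can implement to validate a given name or URI.` The comment also leaves the contract open, because it does not say whether a nil error means only that the string is well-formed or that the referenced key exists. Since the interface is optional, callers presumably have to type-assert for it, and a KeyManager that does not implement it gets no validation; a sentence saying so would help callers decide how to treat that case.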


@ -268,3 +268,9 @@ func (k *KeyVault) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer,
func (k *KeyVault) Close() error { func (k *KeyVault) Close() error {
return nil return nil
} }
// ValidateName validates that the given string is a valid URI.
func (k *KeyVault) ValidateName(s string) error {
_, _, _, _, err := parseKeyName(s)
return err
}
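Review bot: The comment on `ValidateName` promises a check for "a valid URI", but the body only delegates to `parseKeyName`. Judging by the tests in this commit, that function also rejects other schemes and URIs that lack a name or vault. Suggest `// ValidateName validates that s is an azurekms key URI accepted by parseKeyName; it checks syntax only.` The "syntax only" part is inferred from the body making no other call, so confirm it against `parseKeyName`, which is outside this hunk. A compile-time assertion such as `var _ apiv1.NameValidator = (*KeyVault)(nil)` would also catch signature drift, assuming the interface lives in the `apiv1` package.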


@ -552,3 +552,30 @@ func Test_keyType_KeyType(t *testing.T) {
}) })
} }
} }
func TestKeyVault_ValidateName(t *testing.T) {
type args struct {
s string
}
tests := []struct {
name string
args args
wantErr bool
}{
{"ok", args{"azurekms:name=my-key;vault=my-vault"}, false},
{"ok hsm", args{"azurekms:name=my-key;vault=my-vault?hsm=true"}, false},
{"fail scheme", args{"azure:name=my-key;vault=my-vault"}, true},
{"fail parse uri", args{"azurekms:name=%ZZ;vault=my-vault"}, true},
{"fail no name", args{"azurekms:vault=my-vault"}, true},
{"fail no vault", args{"azurekms:name=my-key"}, true},
{"fail empty", args{""}, true},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
k := &KeyVault{}
if err := k.ValidateName(tt.args.s); (err != nil) != tt.wantErr {
t.Errorf("KeyVault.ValidateName() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
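Review bot: The table in `TestKeyVault_ValidateName` covers a missing name and a missing vault but not the empty-value forms, which a validator is most likely to let through by accident. `Test_parseKeyName` already exercises those inputs, but `ValidateName` is the validation entry point and should pin them itself in case its implementation stops delegating to `parseKeyName`. Add `{"fail empty name", args{"azurekms:name=;vault=my-vault"}, true},` and `{"fail empty vault", args{"azurekms:name=my-key;vault="}, true},`.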


@ -65,6 +65,7 @@ func Test_parseKeyName(t *testing.T) {
{"fail empty name", args{"azurekms:name=;vault=my-vault"}, "", "", "", false, true}, {"fail empty name", args{"azurekms:name=;vault=my-vault"}, "", "", "", false, true},
{"fail no vault", args{"azurekms:name=my-key"}, "", "", "", false, true}, {"fail no vault", args{"azurekms:name=my-key"}, "", "", "", false, true},
{"fail empty vault", args{"azurekms:name=my-key;vault="}, "", "", "", false, true}, {"fail empty vault", args{"azurekms:name=my-key;vault="}, "", "", "", false, true},
{"fail empty", args{""}, "", "", "", false, true},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {