Example 1 with AutoGeneratedKeyProvider
use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class InstanceValidatorTest method invalid_signature.
@Test
public void invalid_signature() throws Exception {
KeyProvider keyProvider = new AutoGeneratedKeyProvider();
InstanceValidator instanceValidator = new InstanceValidator(keyProvider, null);
KeyProvider fakeKeyProvider = new AutoGeneratedKeyProvider();
InstanceConfirmation instanceConfirmation = createInstanceConfirmation(fakeKeyProvider.getPrivateKey(0), applicationId, domain, service);
assertFalse(instanceValidator.isInstanceSignatureValid(instanceConfirmation));
}
Also used :
KeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider)
AutoGeneratedKeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)
AutoGeneratedKeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)
Test(org.junit.Test)
Example 2 with AutoGeneratedKeyProvider
use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class InstanceValidatorTest method valid_signature.
@Test
public void valid_signature() throws Exception {
KeyProvider keyProvider = new AutoGeneratedKeyProvider();
InstanceValidator instanceValidator = new InstanceValidator(keyProvider, null);
InstanceConfirmation instanceConfirmation = createInstanceConfirmation(keyProvider.getPrivateKey(0), applicationId, domain, service);
assertTrue(instanceValidator.isInstanceSignatureValid(instanceConfirmation));
}
Also used :
KeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider)
AutoGeneratedKeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)
AutoGeneratedKeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)
Test(org.junit.Test)
Example 3 with AutoGeneratedKeyProvider
use of com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider in project vespa by vespa-engine.
the class IdentityDocumentGeneratorTest method generates_valid_identity_document.
@Test
public void generates_valid_identity_document() throws Exception {
String hostname = "x.y.com";
ApplicationId appid = ApplicationId.from(TenantName.from("tenant"), ApplicationName.from("application"), InstanceName.from("default"));
Allocation allocation = new Allocation(appid, ClusterMembership.from("container/default/0/0", Version.fromString("1.2.3")), Generation.inital(), false);
Node n = Node.create("ostkid", ImmutableSet.of("127.0.0.1"), new HashSet<>(), hostname, Optional.empty(), new MockNodeFlavors().getFlavorOrThrow("default"), NodeType.tenant).with(allocation);
NodeRepository nodeRepository = mock(NodeRepository.class);
when(nodeRepository.getNode(eq(hostname))).thenReturn(Optional.of(n));
AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider();
String dnsSuffix = "vespa.dns.suffix";
AthenzProviderServiceConfig config = getAthenzProviderConfig("domain", "service", dnsSuffix, ZONE);
IdentityDocumentGenerator identityDocumentGenerator = new IdentityDocumentGenerator(config, nodeRepository, ZONE, keyProvider);
SignedIdentityDocument signedIdentityDocument = identityDocumentGenerator.generateSignedIdentityDocument(hostname);
// Verify attributes
assertEquals(hostname, signedIdentityDocument.identityDocument.instanceHostname);
String environment = "dev";
String region = "us-north-1";
String expectedZoneDnsSuffix = environment + "-" + region + "." + dnsSuffix;
assertEquals(expectedZoneDnsSuffix, signedIdentityDocument.dnsSuffix);
ProviderUniqueId expectedProviderUniqueId = new ProviderUniqueId("tenant", "application", environment, region, "default", "default", 0);
assertEquals(expectedProviderUniqueId, signedIdentityDocument.identityDocument.providerUniqueId);
// Validate signature
assertTrue("Message", InstanceValidator.isSignatureValid(keyProvider.getPublicKey(0), signedIdentityDocument.rawIdentityDocument, signedIdentityDocument.signature));
}
Also used :
MockNodeFlavors(com.yahoo.vespa.hosted.provision.testutils.MockNodeFlavors)
Allocation(com.yahoo.vespa.hosted.provision.node.Allocation)
Node(com.yahoo.vespa.hosted.provision.Node)
NodeRepository(com.yahoo.vespa.hosted.provision.NodeRepository)
AutoGeneratedKeyProvider(com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)
AthenzProviderServiceConfig(com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig)
ApplicationId(com.yahoo.config.provision.ApplicationId)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Aggregations
AutoGeneratedKeyProvider (com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider)3
Test (org.junit.Test)3
KeyProvider (com.yahoo.vespa.hosted.athenz.instanceproviderservice.KeyProvider)2
ApplicationId (com.yahoo.config.provision.ApplicationId)1
AthenzProviderServiceConfig (com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig)1
Node (com.yahoo.vespa.hosted.provision.Node)1
NodeRepository (com.yahoo.vespa.hosted.provision.NodeRepository)1
Allocation (com.yahoo.vespa.hosted.provision.node.Allocation)1
MockNodeFlavors (com.yahoo.vespa.hosted.provision.testutils.MockNodeFlavors)1
HashSet (java.util.HashSet)1
