github.com/nats-io/nats-server/v2@v2.11.0-preview.2/server/trust_test.go (about) 1 // Copyright 2018 The NATS Authors 2 // Licensed under the Apache License, Version 2.0 (the "License"); 3 // you may not use this file except in compliance with the License. 4 // You may obtain a copy of the License at 5 // 6 // http://www.apache.org/licenses/LICENSE-2.0 7 // 8 // Unless required by applicable law or agreed to in writing, software 9 // distributed under the License is distributed on an "AS IS" BASIS, 10 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 // See the License for the specific language governing permissions and 12 // limitations under the License. 13 14 package server 15 16 import ( 17 "fmt" 18 "strings" 19 "testing" 20 ) 21 22 const ( 23 t1 = "OBYEOZQ46VZMFMNETBAW2H6VGDSOBLP67VUEZJ5LPR3PIZBWWRIY4UI4" 24 t2 = "OAHC7NGAHG3YVPTD6QOUFZGPM2OMU6EOS67O2VHBUOA6BJLPTWFHGLKU" 25 ) 26 27 func TestStampedTrustedKeys(t *testing.T) { 28 opts := DefaultOptions() 29 defer func() { trustedKeys = "" }() 30 31 // Set this to a bad key. We require valid operator public keys. 32 trustedKeys = "bad" 33 if s := New(opts); s != nil { 34 s.Shutdown() 35 t.Fatalf("Expected a bad trustedKeys to return nil server") 36 } 37 38 trustedKeys = t1 39 s := New(opts) 40 if s == nil { 41 t.Fatalf("Expected non-nil server") 42 } 43 if len(s.trustedKeys) != 1 || s.trustedKeys[0] != t1 { 44 t.Fatalf("Trusted Nkeys not setup properly") 45 } 46 trustedKeys = strings.Join([]string{t1, t2}, " ") 47 if s = New(opts); s == nil { 48 t.Fatalf("Expected non-nil server") 49 } 50 if len(s.trustedKeys) != 2 || s.trustedKeys[0] != t1 || s.trustedKeys[1] != t2 { 51 t.Fatalf("Trusted Nkeys not setup properly") 52 } 53 54 opts.TrustedKeys = []string{"OVERRIDE ME"} 55 if s = New(opts); s != nil { 56 t.Fatalf("Expected opts.TrustedKeys to return nil server") 57 } 58 } 59 60 func TestTrustedKeysOptions(t *testing.T) { 61 trustedKeys = "" 62 opts := DefaultOptions() 63 opts.TrustedKeys = []string{"bad"} 64 if s := New(opts); s != nil { 65 s.Shutdown() 66 t.Fatalf("Expected a bad opts.TrustedKeys to return nil server") 67 } 68 opts.TrustedKeys = []string{t1} 69 s := New(opts) 70 if s == nil { 71 t.Fatalf("Expected non-nil server") 72 } 73 if len(s.trustedKeys) != 1 || s.trustedKeys[0] != t1 { 74 t.Fatalf("Trusted Nkeys not setup properly via options") 75 } 76 opts.TrustedKeys = []string{t1, t2} 77 if s = New(opts); s == nil { 78 t.Fatalf("Expected non-nil server") 79 } 80 if len(s.trustedKeys) != 2 || s.trustedKeys[0] != t1 || s.trustedKeys[1] != t2 { 81 t.Fatalf("Trusted Nkeys not setup properly via options") 82 } 83 } 84 85 func TestTrustConfigOption(t *testing.T) { 86 confFileName := createConfFile(t, []byte(fmt.Sprintf("trusted = %q", t1))) 87 opts, err := ProcessConfigFile(confFileName) 88 if err != nil { 89 t.Fatalf("Error parsing config: %v", err) 90 } 91 if l := len(opts.TrustedKeys); l != 1 { 92 t.Fatalf("Expected 1 trusted key, got %d", l) 93 } 94 if opts.TrustedKeys[0] != t1 { 95 t.Fatalf("Expected trusted key to be %q, got %q", t1, opts.TrustedKeys[0]) 96 } 97 98 confFileName = createConfFile(t, []byte(fmt.Sprintf("trusted = [%q, %q]", t1, t2))) 99 opts, err = ProcessConfigFile(confFileName) 100 if err != nil { 101 t.Fatalf("Error parsing config: %v", err) 102 } 103 if l := len(opts.TrustedKeys); l != 2 { 104 t.Fatalf("Expected 2 trusted key, got %d", l) 105 } 106 if opts.TrustedKeys[0] != t1 { 107 t.Fatalf("Expected trusted key to be %q, got %q", t1, opts.TrustedKeys[0]) 108 } 109 if opts.TrustedKeys[1] != t2 { 110 t.Fatalf("Expected trusted key to be %q, got %q", t2, opts.TrustedKeys[1]) 111 } 112 113 // Now do a bad one. 114 confFileName = createConfFile(t, []byte(fmt.Sprintf("trusted = [%q, %q]", t1, "bad"))) 115 _, err = ProcessConfigFile(confFileName) 116 if err == nil { 117 t.Fatalf("Expected an error parsing trust keys with a bad key") 118 } 119 }