github.com/vmware/govmomi@v0.51.0/crypto/manager_kmip_test.go (about) 1 // © Broadcom. All Rights Reserved. 2 // The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. 3 // SPDX-License-Identifier: Apache-2.0 4 5 package crypto_test 6 7 import ( 8 "context" 9 "math" 10 "testing" 11 12 "github.com/google/uuid" 13 "github.com/stretchr/testify/assert" 14 15 "github.com/vmware/govmomi/crypto" 16 "github.com/vmware/govmomi/fault" 17 "github.com/vmware/govmomi/object" 18 "github.com/vmware/govmomi/simulator" 19 "github.com/vmware/govmomi/vim25" 20 "github.com/vmware/govmomi/vim25/types" 21 ) 22 23 // CryptoManagerKmip should implement the Reference interface. 24 var _ object.Reference = crypto.ManagerKmip{} 25 26 func TestCryptoManagerKmip(t *testing.T) { 27 28 t.Run("RegisterKmipCluster", func(t *testing.T) { 29 simulator.Test(func(ctx context.Context, c *vim25.Client) { 30 m, err := crypto.GetManagerKmip(c) 31 assert.NoError(t, err) 32 33 providerID := uuid.NewString() 34 35 assert.NoError(t, m.RegisterKmsCluster( 36 ctx, 37 providerID, 38 types.KmipClusterInfoKmsManagementTypeUnknown)) 39 40 isValid, err := m.IsValidProvider(ctx, providerID) 41 assert.NoError(t, err) 42 assert.True(t, isValid) 43 44 err = m.RegisterKmsCluster( 45 ctx, 46 providerID, 47 types.KmipClusterInfoKmsManagementTypeUnknown) 48 assert.EqualError(t, err, "ServerFaultCode: Already registered") 49 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 50 }) 51 }) 52 53 t.Run("GetClusterStatus", func(t *testing.T) { 54 simulator.Test(func(ctx context.Context, c *vim25.Client) { 55 m, err := crypto.GetManagerKmip(c) 56 assert.NoError(t, err) 57 58 providerID := uuid.NewString() 59 60 status, err := m.GetClusterStatus(ctx, providerID) 61 assert.EqualError(t, err, "invalid cluster ID") 62 assert.Nil(t, status) 63 64 assert.NoError(t, m.RegisterKmsCluster( 65 ctx, 66 providerID, 67 types.KmipClusterInfoKmsManagementTypeUnknown)) 68 69 status, err = m.GetClusterStatus(ctx, providerID) 70 assert.NoError(t, err) 71 assert.NotNil(t, status) 72 assert.Equal(t, providerID, status.ClusterId.Id) 73 }) 74 }) 75 76 t.Run("UnregisterKmsCluster", func(t *testing.T) { 77 simulator.Test(func(ctx context.Context, c *vim25.Client) { 78 m, err := crypto.GetManagerKmip(c) 79 assert.NoError(t, err) 80 81 providerID := uuid.NewString() 82 83 err = m.UnregisterKmsCluster(ctx, providerID) 84 assert.EqualError(t, err, "ServerFaultCode: Invalid cluster ID") 85 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 86 87 assert.NoError(t, m.RegisterKmsCluster( 88 ctx, 89 providerID, 90 types.KmipClusterInfoKmsManagementTypeUnknown)) 91 92 isValid, err := m.IsValidProvider(ctx, providerID) 93 assert.NoError(t, err) 94 assert.True(t, isValid) 95 96 assert.NoError(t, m.UnregisterKmsCluster(ctx, providerID)) 97 98 isValid, err = m.IsValidProvider(ctx, providerID) 99 assert.NoError(t, err) 100 assert.False(t, isValid) 101 }) 102 }) 103 104 t.Run("IsValidProvider", func(t *testing.T) { 105 simulator.Test(func(ctx context.Context, c *vim25.Client) { 106 m, err := crypto.GetManagerKmip(c) 107 assert.NoError(t, err) 108 109 providerID := uuid.NewString() 110 111 ok, err := m.IsValidProvider(ctx, providerID) 112 assert.NoError(t, err) 113 assert.False(t, ok) 114 115 assert.NoError(t, m.RegisterKmsCluster( 116 ctx, 117 providerID, 118 types.KmipClusterInfoKmsManagementTypeUnknown)) 119 120 ok, err = m.IsValidProvider(ctx, providerID) 121 assert.NoError(t, err) 122 assert.True(t, ok) 123 }) 124 }) 125 126 t.Run("GetDefaultKmsClusterID", func(t *testing.T) { 127 simulator.Test(func(ctx context.Context, c *vim25.Client) { 128 m, err := crypto.GetManagerKmip(c) 129 assert.NoError(t, err) 130 131 provider1ID := uuid.NewString() 132 provider2ID := uuid.NewString() 133 provider3ID := uuid.NewString() 134 135 assert.NoError(t, m.RegisterKmsCluster( 136 ctx, 137 provider1ID, 138 types.KmipClusterInfoKmsManagementTypeUnknown)) 139 assert.NoError(t, m.RegisterKmsCluster( 140 ctx, 141 provider2ID, 142 types.KmipClusterInfoKmsManagementTypeUnknown)) 143 assert.NoError(t, m.RegisterKmsCluster( 144 ctx, 145 provider3ID, 146 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 147 148 defaultProviderID, err := m.GetDefaultKmsClusterID(ctx, nil, true) 149 assert.EqualError(t, err, "ServerFaultCode: No default provider") 150 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 151 assert.Empty(t, defaultProviderID) 152 153 assert.NoError(t, m.MarkDefault(ctx, provider3ID)) 154 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 155 assert.NoError(t, err) 156 assert.Equal(t, provider3ID, defaultProviderID) 157 158 // Assert setting the default a second time does not return an 159 // error. 160 assert.NoError(t, m.MarkDefault(ctx, provider3ID)) 161 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 162 assert.NoError(t, err) 163 assert.Equal(t, provider3ID, defaultProviderID) 164 165 fakeMoRef := types.ManagedObjectReference{ 166 Type: "fake", 167 Value: "fake", 168 } 169 170 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, &fakeMoRef, true) 171 assert.EqualError(t, err, "ServerFaultCode: No default provider") 172 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 173 assert.Empty(t, defaultProviderID) 174 175 assert.NoError(t, m.SetDefaultKmsClusterId( 176 ctx, provider2ID, &fakeMoRef)) 177 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, &fakeMoRef, true) 178 assert.NoError(t, err) 179 assert.Equal(t, provider2ID, defaultProviderID) 180 181 // Assert setting the default for an entity a second time does not 182 // return an error. 183 assert.NoError(t, m.SetDefaultKmsClusterId( 184 ctx, provider2ID, &fakeMoRef)) 185 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, &fakeMoRef, true) 186 assert.NoError(t, err) 187 assert.Equal(t, provider2ID, defaultProviderID) 188 189 // Remove the default for the entity. 190 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, "", &fakeMoRef)) 191 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, &fakeMoRef, true) 192 assert.EqualError(t, err, "ServerFaultCode: No default provider") 193 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 194 assert.Empty(t, defaultProviderID) 195 196 // Remove the default. 197 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, "", nil)) 198 assert.EqualError(t, err, "ServerFaultCode: No default provider") 199 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 200 assert.Empty(t, defaultProviderID) 201 }) 202 }) 203 204 t.Run("RegisterKmipServer", func(t *testing.T) { 205 simulator.Test(func(ctx context.Context, c *vim25.Client) { 206 m, err := crypto.GetManagerKmip(c) 207 assert.NoError(t, err) 208 209 providerID := uuid.NewString() 210 serverName := uuid.NewString() 211 212 serverSpec := types.KmipServerSpec{ 213 ClusterId: types.KeyProviderId{ 214 Id: providerID, 215 }, 216 Info: types.KmipServerInfo{ 217 Name: serverName, 218 }, 219 } 220 221 err = m.RegisterKmsCluster( 222 ctx, 223 providerID, 224 types.KmipClusterInfoKmsManagementTypeVCenter) 225 assert.True(t, fault.Is(err, &types.InvalidArgument{})) 226 227 assert.NoError(t, m.RegisterKmipServer(ctx, serverSpec)) 228 229 ok, err := m.IsValidServer(ctx, providerID, serverName) 230 assert.NoError(t, err) 231 assert.True(t, ok) 232 233 err = m.RegisterKmipServer(ctx, serverSpec) 234 assert.EqualError(t, err, "ServerFaultCode: Already registered") 235 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 236 }) 237 }) 238 239 t.Run("GetServerStatus", func(t *testing.T) { 240 simulator.Test(func(ctx context.Context, c *vim25.Client) { 241 m, err := crypto.GetManagerKmip(c) 242 assert.NoError(t, err) 243 244 providerID := uuid.NewString() 245 serverName := uuid.NewString() 246 247 status, err := m.GetServerStatus(ctx, providerID, serverName) 248 assert.EqualError(t, err, "invalid cluster ID") 249 assert.Nil(t, status) 250 251 assert.NoError(t, m.RegisterKmsCluster( 252 ctx, 253 providerID, 254 types.KmipClusterInfoKmsManagementTypeUnknown)) 255 256 status, err = m.GetServerStatus(ctx, providerID, serverName) 257 assert.EqualError(t, err, "invalid server name") 258 assert.Nil(t, status) 259 260 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 261 ClusterId: types.KeyProviderId{ 262 Id: providerID, 263 }, 264 Info: types.KmipServerInfo{ 265 Name: serverName, 266 }, 267 })) 268 269 status, err = m.GetServerStatus(ctx, providerID, serverName) 270 assert.NoError(t, err) 271 assert.NotNil(t, status) 272 assert.Equal(t, serverName, status.Name) 273 }) 274 }) 275 276 t.Run("ListKmipServers", func(t *testing.T) { 277 simulator.Test(func(ctx context.Context, c *vim25.Client) { 278 m, err := crypto.GetManagerKmip(c) 279 assert.NoError(t, err) 280 281 clusters, err := m.ListKmipServers(ctx, nil) 282 assert.NoError(t, err) 283 assert.Len(t, clusters, 0) 284 285 provider1ID := uuid.NewString() 286 provider2ID := uuid.NewString() 287 provider3ID := uuid.NewString() 288 289 provider1serverName1 := uuid.NewString() 290 provider1serverName2 := uuid.NewString() 291 provider2serverName1 := uuid.NewString() 292 provider2serverName2 := uuid.NewString() 293 provider2serverName3 := uuid.NewString() 294 provider3serverName1 := uuid.NewString() 295 296 assert.NoError(t, m.RegisterKmsCluster( 297 ctx, 298 provider1ID, 299 types.KmipClusterInfoKmsManagementTypeUnknown)) 300 assert.NoError(t, m.RegisterKmsCluster( 301 ctx, 302 provider2ID, 303 types.KmipClusterInfoKmsManagementTypeUnknown)) 304 assert.NoError(t, m.RegisterKmsCluster( 305 ctx, 306 provider3ID, 307 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 308 309 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 310 ClusterId: types.KeyProviderId{ 311 Id: provider1ID, 312 }, 313 Info: types.KmipServerInfo{ 314 Name: provider1serverName1, 315 }, 316 })) 317 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 318 ClusterId: types.KeyProviderId{ 319 Id: provider1ID, 320 }, 321 Info: types.KmipServerInfo{ 322 Name: provider1serverName2, 323 }, 324 })) 325 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 326 ClusterId: types.KeyProviderId{ 327 Id: provider2ID, 328 }, 329 Info: types.KmipServerInfo{ 330 Name: provider2serverName1, 331 }, 332 })) 333 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 334 ClusterId: types.KeyProviderId{ 335 Id: provider2ID, 336 }, 337 Info: types.KmipServerInfo{ 338 Name: provider2serverName2, 339 }, 340 })) 341 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 342 ClusterId: types.KeyProviderId{ 343 Id: provider2ID, 344 }, 345 Info: types.KmipServerInfo{ 346 Name: provider2serverName3, 347 }, 348 })) 349 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 350 ClusterId: types.KeyProviderId{ 351 Id: provider3ID, 352 }, 353 Info: types.KmipServerInfo{ 354 Name: provider3serverName1, 355 }, 356 })) 357 358 clusters, err = m.ListKmipServers(ctx, nil) 359 assert.NoError(t, err) 360 assert.Len(t, clusters, 3) 361 362 assert.Equal(t, clusters[0].ClusterId.Id, provider1ID) 363 assert.Equal(t, clusters[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 364 assert.Len(t, clusters[0].Servers, 2) 365 assert.Equal(t, clusters[0].Servers[0].Name, provider1serverName1) 366 assert.Equal(t, clusters[0].Servers[1].Name, provider1serverName2) 367 368 assert.Equal(t, clusters[1].ClusterId.Id, provider2ID) 369 assert.Equal(t, clusters[1].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 370 assert.Len(t, clusters[1].Servers, 3) 371 assert.Equal(t, clusters[1].Servers[0].Name, provider2serverName1) 372 assert.Equal(t, clusters[1].Servers[1].Name, provider2serverName2) 373 assert.Equal(t, clusters[1].Servers[2].Name, provider2serverName3) 374 375 assert.Equal(t, clusters[2].ClusterId.Id, provider3ID) 376 assert.Equal(t, clusters[2].ManagementType, string(types.KmipClusterInfoKmsManagementTypeNativeProvider)) 377 assert.Len(t, clusters[2].Servers, 1) 378 assert.Equal(t, clusters[2].Servers[0].Name, provider3serverName1) 379 380 // List all with a limit. 381 clusters, err = m.ListKmipServers(ctx, types.NewInt32(math.MaxInt32)) 382 assert.NoError(t, err) 383 assert.Len(t, clusters, 3) 384 385 assert.Equal(t, clusters[0].ClusterId.Id, provider1ID) 386 assert.Equal(t, clusters[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 387 assert.Len(t, clusters[0].Servers, 2) 388 assert.Equal(t, clusters[0].Servers[0].Name, provider1serverName1) 389 assert.Equal(t, clusters[0].Servers[1].Name, provider1serverName2) 390 391 assert.Equal(t, clusters[1].ClusterId.Id, provider2ID) 392 assert.Equal(t, clusters[1].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 393 assert.Len(t, clusters[1].Servers, 3) 394 assert.Equal(t, clusters[1].Servers[0].Name, provider2serverName1) 395 assert.Equal(t, clusters[1].Servers[1].Name, provider2serverName2) 396 assert.Equal(t, clusters[1].Servers[2].Name, provider2serverName3) 397 398 assert.Equal(t, clusters[2].ClusterId.Id, provider3ID) 399 assert.Equal(t, clusters[2].ManagementType, string(types.KmipClusterInfoKmsManagementTypeNativeProvider)) 400 assert.Len(t, clusters[2].Servers, 1) 401 assert.Equal(t, clusters[2].Servers[0].Name, provider3serverName1) 402 403 // List the first cluster. 404 clusters, err = m.ListKmipServers(ctx, types.NewInt32(1)) 405 assert.NoError(t, err) 406 assert.Len(t, clusters, 1) 407 408 assert.Equal(t, clusters[0].ClusterId.Id, provider1ID) 409 assert.Equal(t, clusters[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 410 assert.Len(t, clusters[0].Servers, 2) 411 assert.Equal(t, clusters[0].Servers[0].Name, provider1serverName1) 412 assert.Equal(t, clusters[0].Servers[1].Name, provider1serverName2) 413 414 // List the first and second cluster. 415 clusters, err = m.ListKmipServers(ctx, types.NewInt32(2)) 416 assert.NoError(t, err) 417 assert.Len(t, clusters, 2) 418 419 assert.Equal(t, clusters[0].ClusterId.Id, provider1ID) 420 assert.Equal(t, clusters[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 421 assert.Len(t, clusters[0].Servers, 2) 422 assert.Equal(t, clusters[0].Servers[0].Name, provider1serverName1) 423 assert.Equal(t, clusters[0].Servers[1].Name, provider1serverName2) 424 425 assert.Equal(t, clusters[1].ClusterId.Id, provider2ID) 426 assert.Equal(t, clusters[1].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 427 assert.Len(t, clusters[1].Servers, 3) 428 assert.Equal(t, clusters[1].Servers[0].Name, provider2serverName1) 429 assert.Equal(t, clusters[1].Servers[1].Name, provider2serverName2) 430 assert.Equal(t, clusters[1].Servers[2].Name, provider2serverName3) 431 }) 432 }) 433 434 t.Run("UpdateKmipServer", func(t *testing.T) { 435 simulator.Test(func(ctx context.Context, c *vim25.Client) { 436 m, err := crypto.GetManagerKmip(c) 437 assert.NoError(t, err) 438 439 providerID := uuid.NewString() 440 serverName := uuid.NewString() 441 442 assert.NoError(t, m.RegisterKmsCluster( 443 ctx, 444 providerID, 445 types.KmipClusterInfoKmsManagementTypeUnknown)) 446 447 spec := types.KmipServerSpec{ 448 ClusterId: types.KeyProviderId{ 449 Id: providerID, 450 }, 451 Info: types.KmipServerInfo{ 452 Name: serverName, 453 }, 454 } 455 456 assert.NoError(t, m.RegisterKmipServer(ctx, spec)) 457 458 ok, err := m.IsValidServer(ctx, providerID, serverName) 459 assert.NoError(t, err) 460 assert.True(t, ok) 461 462 spec.ClusterId.Id = "invalid" 463 spec.Info.Name = "invalid" 464 spec.Info.Port = 123 465 466 err = m.UpdateKmipServer(ctx, spec) 467 assert.EqualError(t, err, "ServerFaultCode: Invalid cluster ID") 468 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 469 470 clusters, err := m.ListKmipServers(ctx, nil) 471 assert.NoError(t, err) 472 assert.Len(t, clusters, 1) 473 assert.Len(t, clusters[0].Servers, 1) 474 assert.Equal(t, int32(0), clusters[0].Servers[0].Port) 475 476 spec.ClusterId.Id = providerID 477 478 err = m.UpdateKmipServer(ctx, spec) 479 assert.EqualError(t, err, "ServerFaultCode: Invalid server name") 480 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 481 482 clusters, err = m.ListKmipServers(ctx, nil) 483 assert.NoError(t, err) 484 assert.Len(t, clusters, 1) 485 assert.Len(t, clusters[0].Servers, 1) 486 assert.Equal(t, int32(0), clusters[0].Servers[0].Port) 487 488 spec.Info.Name = serverName 489 490 assert.NoError(t, m.UpdateKmipServer(ctx, spec)) 491 492 clusters, err = m.ListKmipServers(ctx, nil) 493 assert.NoError(t, err) 494 assert.Len(t, clusters, 1) 495 assert.Len(t, clusters[0].Servers, 1) 496 assert.Equal(t, int32(123), clusters[0].Servers[0].Port) 497 }) 498 }) 499 500 t.Run("RemoveKmipServer", func(t *testing.T) { 501 simulator.Test(func(ctx context.Context, c *vim25.Client) { 502 m, err := crypto.GetManagerKmip(c) 503 assert.NoError(t, err) 504 505 providerID := uuid.NewString() 506 serverName := uuid.NewString() 507 508 err = m.RemoveKmipServer(ctx, providerID, serverName) 509 assert.EqualError(t, err, "ServerFaultCode: Invalid cluster ID") 510 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 511 512 assert.NoError(t, m.RegisterKmsCluster( 513 ctx, 514 providerID, 515 types.KmipClusterInfoKmsManagementTypeUnknown)) 516 517 err = m.RemoveKmipServer(ctx, providerID, serverName) 518 assert.EqualError(t, err, "ServerFaultCode: Invalid server name") 519 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 520 521 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 522 ClusterId: types.KeyProviderId{ 523 Id: providerID, 524 }, 525 Info: types.KmipServerInfo{ 526 Name: serverName, 527 }, 528 })) 529 530 ok, err := m.IsValidServer(ctx, providerID, serverName) 531 assert.NoError(t, err) 532 assert.True(t, ok) 533 534 assert.NoError(t, m.RemoveKmipServer(ctx, providerID, serverName)) 535 536 ok, err = m.IsValidServer(ctx, providerID, serverName) 537 assert.NoError(t, err) 538 assert.False(t, ok) 539 }) 540 }) 541 542 t.Run("IsValidServer", func(t *testing.T) { 543 simulator.Test(func(ctx context.Context, c *vim25.Client) { 544 m, err := crypto.GetManagerKmip(c) 545 assert.NoError(t, err) 546 547 providerID := uuid.NewString() 548 serverName := uuid.NewString() 549 550 assert.NoError(t, m.RegisterKmsCluster( 551 ctx, 552 providerID, 553 types.KmipClusterInfoKmsManagementTypeUnknown)) 554 555 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 556 ClusterId: types.KeyProviderId{ 557 Id: providerID, 558 }, 559 Info: types.KmipServerInfo{ 560 Name: serverName, 561 }, 562 })) 563 564 ok, err := m.IsValidServer(ctx, providerID, serverName) 565 assert.NoError(t, err) 566 assert.True(t, ok) 567 568 assert.NoError(t, m.RemoveKmipServer(ctx, providerID, serverName)) 569 570 ok, err = m.IsValidServer(ctx, providerID, serverName) 571 assert.NoError(t, err) 572 assert.False(t, ok) 573 }) 574 }) 575 576 t.Run("GetStatus", func(t *testing.T) { 577 simulator.Test(func(ctx context.Context, c *vim25.Client) { 578 m, err := crypto.GetManagerKmip(c) 579 assert.NoError(t, err) 580 581 status, err := m.GetStatus(ctx) 582 assert.NoError(t, err) 583 assert.Nil(t, status) 584 585 provider1ID := uuid.NewString() 586 provider2ID := uuid.NewString() 587 provider3ID := uuid.NewString() 588 589 provider1serverName1 := uuid.NewString() 590 provider1serverName2 := uuid.NewString() 591 provider2serverName1 := uuid.NewString() 592 provider2serverName2 := uuid.NewString() 593 provider2serverName3 := uuid.NewString() 594 provider3serverName1 := uuid.NewString() 595 596 assert.NoError(t, m.RegisterKmsCluster( 597 ctx, 598 provider1ID, 599 types.KmipClusterInfoKmsManagementTypeUnknown)) 600 assert.NoError(t, m.RegisterKmsCluster( 601 ctx, 602 provider2ID, 603 types.KmipClusterInfoKmsManagementTypeUnknown)) 604 assert.NoError(t, m.RegisterKmsCluster( 605 ctx, 606 provider3ID, 607 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 608 609 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 610 ClusterId: types.KeyProviderId{ 611 Id: provider1ID, 612 }, 613 Info: types.KmipServerInfo{ 614 Name: provider1serverName1, 615 }, 616 })) 617 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 618 ClusterId: types.KeyProviderId{ 619 Id: provider1ID, 620 }, 621 Info: types.KmipServerInfo{ 622 Name: provider1serverName2, 623 }, 624 })) 625 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 626 ClusterId: types.KeyProviderId{ 627 Id: provider2ID, 628 }, 629 Info: types.KmipServerInfo{ 630 Name: provider2serverName1, 631 }, 632 })) 633 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 634 ClusterId: types.KeyProviderId{ 635 Id: provider2ID, 636 }, 637 Info: types.KmipServerInfo{ 638 Name: provider2serverName2, 639 }, 640 })) 641 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 642 ClusterId: types.KeyProviderId{ 643 Id: provider2ID, 644 }, 645 Info: types.KmipServerInfo{ 646 Name: provider2serverName3, 647 }, 648 })) 649 assert.NoError(t, m.RegisterKmipServer(ctx, types.KmipServerSpec{ 650 ClusterId: types.KeyProviderId{ 651 Id: provider3ID, 652 }, 653 Info: types.KmipServerInfo{ 654 Name: provider3serverName1, 655 }, 656 })) 657 658 status, err = m.GetStatus(ctx) 659 assert.NoError(t, err) 660 assert.NotNil(t, status) 661 assert.Len(t, status, 3) 662 663 assert.Equal(t, status[0].ClusterId.Id, provider1ID) 664 assert.Equal(t, status[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 665 assert.Len(t, status[0].Servers, 2) 666 assert.Equal(t, status[0].Servers[0].Name, provider1serverName1) 667 assert.Equal(t, status[0].Servers[1].Name, provider1serverName2) 668 669 assert.Equal(t, status[1].ClusterId.Id, provider2ID) 670 assert.Equal(t, status[1].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 671 assert.Len(t, status[1].Servers, 3) 672 assert.Equal(t, status[1].Servers[0].Name, provider2serverName1) 673 assert.Equal(t, status[1].Servers[1].Name, provider2serverName2) 674 assert.Equal(t, status[1].Servers[2].Name, provider2serverName3) 675 676 assert.Equal(t, status[2].ClusterId.Id, provider3ID) 677 assert.Equal(t, status[2].ManagementType, string(types.KmipClusterInfoKmsManagementTypeNativeProvider)) 678 assert.Len(t, status[2].Servers, 1) 679 assert.Equal(t, status[2].Servers[0].Name, provider3serverName1) 680 681 status, err = m.GetStatus(ctx, types.KmipClusterInfo{ 682 ClusterId: types.KeyProviderId{ 683 Id: provider2ID, 684 }, 685 Servers: []types.KmipServerInfo{ 686 { 687 Name: provider2serverName2, 688 }, 689 }, 690 }) 691 assert.NoError(t, err) 692 assert.NotNil(t, status) 693 assert.Len(t, status, 1) 694 695 assert.Equal(t, status[0].ClusterId.Id, provider2ID) 696 assert.Equal(t, status[0].ManagementType, string(types.KmipClusterInfoKmsManagementTypeUnknown)) 697 assert.Len(t, status[0].Servers, 1) 698 assert.Equal(t, status[0].Servers[0].Name, provider2serverName2) 699 }) 700 }) 701 702 t.Run("IsDefaultProviderNative", func(t *testing.T) { 703 simulator.Test(func(ctx context.Context, c *vim25.Client) { 704 m, err := crypto.GetManagerKmip(c) 705 assert.NoError(t, err) 706 707 provider1ID := uuid.NewString() 708 provider2ID := uuid.NewString() 709 provider3ID := uuid.NewString() 710 711 assert.NoError(t, m.RegisterKmsCluster( 712 ctx, 713 provider1ID, 714 types.KmipClusterInfoKmsManagementTypeUnknown)) 715 assert.NoError(t, m.RegisterKmsCluster( 716 ctx, 717 provider2ID, 718 types.KmipClusterInfoKmsManagementTypeUnknown)) 719 assert.NoError(t, m.RegisterKmsCluster( 720 ctx, 721 provider3ID, 722 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 723 724 ok, err := m.IsDefaultProviderNative(ctx, nil, false) 725 assert.EqualError(t, err, "ServerFaultCode: No default provider") 726 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 727 assert.False(t, ok) 728 729 assert.NoError(t, m.MarkDefault(ctx, provider3ID)) 730 731 ok, err = m.IsDefaultProviderNative(ctx, nil, false) 732 assert.NoError(t, err) 733 assert.True(t, ok) 734 }) 735 }) 736 737 t.Run("MarkDefault", func(t *testing.T) { 738 simulator.Test(func(ctx context.Context, c *vim25.Client) { 739 m, err := crypto.GetManagerKmip(c) 740 assert.NoError(t, err) 741 742 provider1ID := uuid.NewString() 743 provider2ID := uuid.NewString() 744 provider3ID := uuid.NewString() 745 746 assert.NoError(t, m.RegisterKmsCluster( 747 ctx, 748 provider1ID, 749 types.KmipClusterInfoKmsManagementTypeUnknown)) 750 assert.NoError(t, m.RegisterKmsCluster( 751 ctx, 752 provider2ID, 753 types.KmipClusterInfoKmsManagementTypeUnknown)) 754 assert.NoError(t, m.RegisterKmsCluster( 755 ctx, 756 provider3ID, 757 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 758 759 assert.NoError(t, m.MarkDefault(ctx, provider2ID)) 760 defaultProviderID, err := m.GetDefaultKmsClusterID(ctx, nil, true) 761 assert.NoError(t, err) 762 assert.Equal(t, provider2ID, defaultProviderID) 763 764 assert.NoError(t, m.MarkDefault(ctx, provider1ID)) 765 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 766 assert.NoError(t, err) 767 assert.Equal(t, provider1ID, defaultProviderID) 768 769 assert.NoError(t, m.MarkDefault(ctx, provider3ID)) 770 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 771 assert.NoError(t, err) 772 assert.Equal(t, provider3ID, defaultProviderID) 773 774 assert.NoError(t, m.MarkDefault(ctx, "")) 775 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 776 assert.EqualError(t, err, "ServerFaultCode: No default provider") 777 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 778 assert.Empty(t, defaultProviderID) 779 }) 780 }) 781 782 t.Run("SetDefaultKmsClusterId", func(t *testing.T) { 783 simulator.Test(func(ctx context.Context, c *vim25.Client) { 784 m, err := crypto.GetManagerKmip(c) 785 assert.NoError(t, err) 786 787 provider1ID := uuid.NewString() 788 provider2ID := uuid.NewString() 789 provider3ID := uuid.NewString() 790 791 assert.NoError(t, m.RegisterKmsCluster( 792 ctx, 793 provider1ID, 794 types.KmipClusterInfoKmsManagementTypeUnknown)) 795 assert.NoError(t, m.RegisterKmsCluster( 796 ctx, 797 provider2ID, 798 types.KmipClusterInfoKmsManagementTypeUnknown)) 799 assert.NoError(t, m.RegisterKmsCluster( 800 ctx, 801 provider3ID, 802 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 803 804 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, provider2ID, nil)) 805 defaultProviderID, err := m.GetDefaultKmsClusterID(ctx, nil, true) 806 assert.NoError(t, err) 807 assert.Equal(t, provider2ID, defaultProviderID) 808 809 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, provider1ID, nil)) 810 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 811 assert.NoError(t, err) 812 assert.Equal(t, provider1ID, defaultProviderID) 813 814 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, provider3ID, nil)) 815 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 816 assert.NoError(t, err) 817 assert.Equal(t, provider3ID, defaultProviderID) 818 819 err = m.SetDefaultKmsClusterId(ctx, "invalid", nil) 820 assert.EqualError(t, err, "ServerFaultCode: Invalid cluster ID") 821 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 822 823 assert.NoError(t, m.SetDefaultKmsClusterId(ctx, "", nil)) 824 defaultProviderID, err = m.GetDefaultKmsClusterID(ctx, nil, true) 825 assert.EqualError(t, err, "ServerFaultCode: No default provider") 826 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 827 assert.Empty(t, defaultProviderID) 828 }) 829 }) 830 831 t.Run("GenerateKey", func(t *testing.T) { 832 simulator.Test(func(ctx context.Context, c *vim25.Client) { 833 m, err := crypto.GetManagerKmip(c) 834 assert.NoError(t, err) 835 836 providerID1 := uuid.NewString() 837 providerID2 := uuid.NewString() 838 839 assert.NoError(t, m.RegisterKmsCluster( 840 ctx, 841 providerID1, 842 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 843 844 keyID, err := m.GenerateKey(ctx, "") 845 assert.EqualError(t, err, "ServerFaultCode: No default provider") 846 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 847 assert.Empty(t, keyID) 848 849 assert.NoError(t, m.MarkDefault(ctx, providerID1)) 850 851 keyID, err = m.GenerateKey(ctx, providerID1) 852 assert.EqualError(t, err, 853 "ServerFaultCode: Cannot generate keys with native key provider") 854 assert.True(t, fault.Is(err, &types.RuntimeFault{})) 855 assert.Empty(t, keyID) 856 857 assert.NoError(t, m.RegisterKmsCluster( 858 ctx, 859 providerID2, 860 types.KmipClusterInfoKmsManagementTypeUnknown)) 861 862 keyID, err = m.GenerateKey(ctx, providerID2) 863 assert.NoError(t, err) 864 assert.NotEmpty(t, keyID) 865 866 assert.NoError(t, m.MarkDefault(ctx, providerID2)) 867 868 keyID, err = m.GenerateKey(ctx, "") 869 assert.NoError(t, err) 870 assert.NotEmpty(t, keyID) 871 }) 872 }) 873 874 t.Run("ListKeys", func(t *testing.T) { 875 simulator.Test(func(ctx context.Context, c *vim25.Client) { 876 m, err := crypto.GetManagerKmip(c) 877 assert.NoError(t, err) 878 879 providerID1 := uuid.NewString() 880 providerID2 := uuid.NewString() 881 providerID3 := uuid.NewString() 882 883 keys, err := m.ListKeys(ctx, nil) 884 assert.NoError(t, err) 885 assert.Len(t, keys, 0) 886 887 assert.NoError(t, m.RegisterKmsCluster( 888 ctx, 889 providerID1, 890 types.KmipClusterInfoKmsManagementTypeUnknown)) 891 assert.NoError(t, m.RegisterKmsCluster( 892 ctx, 893 providerID2, 894 types.KmipClusterInfoKmsManagementTypeUnknown)) 895 assert.NoError(t, m.RegisterKmsCluster( 896 ctx, 897 providerID3, 898 types.KmipClusterInfoKmsManagementTypeNativeProvider)) 899 900 keyID1, err := m.GenerateKey(ctx, providerID2) 901 assert.NoError(t, err) 902 assert.NotEmpty(t, keyID1) 903 904 assert.NoError(t, m.MarkDefault(ctx, providerID2)) 905 keyID2, err := m.GenerateKey(ctx, "") 906 assert.NoError(t, err) 907 assert.NotEmpty(t, keyID2) 908 909 assert.NoError(t, m.MarkDefault(ctx, providerID1)) 910 keyID3, err := m.GenerateKey(ctx, "") 911 assert.NoError(t, err) 912 assert.NotEmpty(t, keyID3) 913 914 keys, err = m.ListKeys(ctx, nil) 915 assert.NoError(t, err) 916 assert.Len(t, keys, 3) 917 assert.ElementsMatch(t, keys, []types.CryptoKeyId{ 918 { 919 KeyId: keyID1, 920 ProviderId: &types.KeyProviderId{Id: providerID2}, 921 }, 922 { 923 KeyId: keyID2, 924 ProviderId: &types.KeyProviderId{Id: providerID2}, 925 }, 926 { 927 KeyId: keyID3, 928 ProviderId: &types.KeyProviderId{Id: providerID1}, 929 }, 930 }) 931 932 keys, err = m.ListKeys(ctx, types.NewInt32(math.MaxInt32)) 933 assert.NoError(t, err) 934 assert.Len(t, keys, 3) 935 assert.ElementsMatch(t, keys, []types.CryptoKeyId{ 936 { 937 KeyId: keyID1, 938 ProviderId: &types.KeyProviderId{Id: providerID2}, 939 }, 940 { 941 KeyId: keyID2, 942 ProviderId: &types.KeyProviderId{Id: providerID2}, 943 }, 944 { 945 KeyId: keyID3, 946 ProviderId: &types.KeyProviderId{Id: providerID1}, 947 }, 948 }) 949 950 keys, err = m.ListKeys(ctx, types.NewInt32(1)) 951 assert.NoError(t, err) 952 assert.Len(t, keys, 1) 953 954 keys, err = m.ListKeys(ctx, types.NewInt32(2)) 955 assert.NoError(t, err) 956 assert.Len(t, keys, 2) 957 }) 958 }) 959 960 t.Run("IsValidKey", func(t *testing.T) { 961 simulator.Test(func(ctx context.Context, c *vim25.Client) { 962 m, err := crypto.GetManagerKmip(c) 963 assert.NoError(t, err) 964 965 providerID := uuid.NewString() 966 967 assert.NoError(t, m.RegisterKmsCluster( 968 ctx, 969 providerID, 970 types.KmipClusterInfoKmsManagementTypeUnknown)) 971 972 assert.NoError(t, m.MarkDefault(ctx, providerID)) 973 974 keyID, err := m.GenerateKey(ctx, "") 975 assert.NoError(t, err) 976 assert.NotEmpty(t, keyID) 977 978 ok, err := m.IsValidKey(ctx, providerID, keyID) 979 assert.NoError(t, err) 980 assert.True(t, ok) 981 }) 982 }) 983 }