mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 08:43:58 +00:00
Use testauthority instead of native to generate keys in tests (#16486)
* use test authority * use testauthority for InitConfig RSAKeyPairSource * add named returns to test authority
This commit is contained in:
rosstimothy
GitHub
parent
9bc7ba815a
commit
ebfbfd496e
|
|
@ -23,13 +23,19 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/teleport"
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/bpf"
|
||||
"github.com/gravitational/teleport/lib/pam"
|
||||
restricted "github.com/gravitational/teleport/lib/restrictedsession"
|
||||
|
|
@ -38,12 +44,6 @@ import (
|
|||
"github.com/gravitational/teleport/lib/srv/uacc"
|
||||
"github.com/gravitational/teleport/lib/sshutils"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
|
||||
// teleportTestUser is additional user used for tests
|
||||
|
|
@ -207,7 +207,7 @@ func newSrvCtx(ctx context.Context, t *testing.T) *SrvCtx {
|
|||
require.NoError(t, err)
|
||||
|
||||
// set up host private key and certificate
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPub, err := auth.PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
@ -293,7 +293,7 @@ func newSrvCtx(ctx context.Context, t *testing.T) *SrvCtx {
|
|||
|
||||
func newUpack(ctx context.Context, s *SrvCtx, username string, allowedLogins []string, allowedLabels types.Labels) (*upack, error) {
|
||||
auth := s.server.Auth()
|
||||
upriv, upub, err := native.GenerateKeyPair()
|
||||
upriv, upub, err := testauthority.New().GenerateKeyPair()
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,13 +30,12 @@ import (
|
|||
"github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/modules"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -159,7 +158,7 @@ func newAccessRequestTestPack(ctx context.Context, t *testing.T) *accessRequestT
|
|||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
privKey, pubKey, err := native.GenerateKeyPair()
|
||||
privKey, pubKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
return &accessRequestTestPack{
|
||||
|
|
|
|||
|
|
@ -94,6 +94,9 @@ func newTestPack(ctx context.Context, dataDir string) (testPack, error) {
|
|||
ClusterName: p.clusterName,
|
||||
Authority: testauthority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: testauthority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
p.a, err = NewServer(authConfig)
|
||||
if err != nil {
|
||||
|
|
@ -866,6 +869,9 @@ func TestUpdateConfig(t *testing.T) {
|
|||
Backend: s.bk,
|
||||
Authority: testauthority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: testauthority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
authServer, err := NewServer(authConfig)
|
||||
require.NoError(t, err)
|
||||
|
|
@ -2041,7 +2047,7 @@ func TestCAGeneration(t *testing.T) {
|
|||
)
|
||||
native.PrecomputeKeys()
|
||||
// Cache key for better performance as we don't care about the value being unique.
|
||||
privKey, pubKey, err := native.GenerateKeyPair()
|
||||
privKey, pubKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
ksConfig := keystore.Config{
|
||||
|
|
|
|||
|
|
@ -35,6 +35,7 @@ import (
|
|||
apiutils "github.com/gravitational/teleport/api/utils"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
libdefaults "github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/events"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
|
|
@ -54,7 +55,7 @@ func TestLocalUserCanReissueCerts(t *testing.T) {
|
|||
t.Parallel()
|
||||
srv := newTestTLSServer(t)
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
start := srv.AuthServer.Clock().Now()
|
||||
|
|
@ -143,7 +144,7 @@ func TestSSOUserCanReissueCert(t *testing.T) {
|
|||
client, err := srv.NewClient(TestUser(user.GetName()))
|
||||
require.NoError(t, err)
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
_, err = client.GenerateUserCerts(ctx, proto.UserCertsRequest{
|
||||
|
|
@ -1041,7 +1042,7 @@ func TestGenerateUserCertsWithRoleRequest(t *testing.T) {
|
|||
client, err := srv.NewClient(TestUser(user.GetName()))
|
||||
require.NoError(t, err)
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
certs, err := client.GenerateUserCerts(ctx, proto.UserCertsRequest{
|
||||
|
|
@ -1139,7 +1140,7 @@ func TestRoleRequestDenyReimpersonation(t *testing.T) {
|
|||
// Generate cert with a role request.
|
||||
client, err := srv.NewClient(TestUser(user.GetName()))
|
||||
require.NoError(t, err)
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
// Request certs for only the `foo` role.
|
||||
|
|
@ -3655,7 +3656,7 @@ func TestGenerateHostCert(t *testing.T) {
|
|||
|
||||
clusterName := srv.ClusterName()
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
noError := func(err error) bool {
|
||||
|
|
|
|||
|
|
@ -22,17 +22,18 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/api/types/wrappers"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/modules"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
|
||||
// TestServerCreateBotFeatureDisabled ensures that you cannot create a bot when
|
||||
|
|
@ -211,7 +212,7 @@ func TestRegisterBotOnboardFeatureDisabled(t *testing.T) {
|
|||
err = srv.Auth().UpsertToken(ctx, goodToken)
|
||||
require.NoError(t, err)
|
||||
|
||||
privateKey, publicKey, err := native.GenerateKeyPair()
|
||||
privateKey, publicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
sshPrivateKey, err := ssh.ParseRawPrivateKey(privateKey)
|
||||
require.NoError(t, err)
|
||||
|
|
@ -278,7 +279,7 @@ func TestRegisterBotCertificateGenerationCheck(t *testing.T) {
|
|||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
privateKey, publicKey, err := native.GenerateKeyPair()
|
||||
privateKey, publicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
sshPrivateKey, err := ssh.ParseRawPrivateKey(privateKey)
|
||||
require.NoError(t, err)
|
||||
|
|
@ -335,7 +336,7 @@ func TestRegisterBotCertificateGenerationStolen(t *testing.T) {
|
|||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
privateKey, publicKey, err := native.GenerateKeyPair()
|
||||
privateKey, publicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
sshPrivateKey, err := ssh.ParseRawPrivateKey(privateKey)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -26,7 +26,10 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
"github.com/gravitational/teleport/lib/backend/memory"
|
||||
|
|
@ -35,7 +38,6 @@ import (
|
|||
"github.com/gravitational/teleport/lib/modules"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
|
|
@ -74,6 +76,9 @@ func setupGithubContext(ctx context.Context, t *testing.T) *githubContext {
|
|||
Backend: tt.b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
tt.a, err = NewServer(authConfig)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ import (
|
|||
apiutils "github.com/gravitational/teleport/api/utils"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/mocku2f"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
wanlib "github.com/gravitational/teleport/lib/auth/webauthn"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
|
|
@ -823,7 +823,7 @@ func TestGenerateUserSingleUseCert(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tests := []struct {
|
||||
|
|
@ -1357,7 +1357,7 @@ func TestGenerateHostCerts(t *testing.T) {
|
|||
clt, err := srv.NewClient(TestAdmin())
|
||||
require.NoError(t, err)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
pubTLS, err := PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
@ -1397,7 +1397,7 @@ func TestInstanceCertAndControlStream(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
defer clt.Close()
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
pubTLS, err := PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ import (
|
|||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
apiutils "github.com/gravitational/teleport/api/utils"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
|
|
@ -247,6 +248,9 @@ func NewTestAuthServer(cfg TestAuthServerConfig) (*TestAuthServer, error) {
|
|||
SkipPeriodicOperations: true,
|
||||
Emitter: emitter,
|
||||
TraceClient: cfg.TraceClient,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}, WithClock(cfg.Clock))
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ import (
|
|||
"github.com/gravitational/teleport/api/types"
|
||||
apiutils "github.com/gravitational/teleport/api/utils"
|
||||
apisshutils "github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
|
|
@ -607,6 +608,9 @@ func setupConfig(t *testing.T) InitConfig {
|
|||
StaticTokens: types.DefaultStaticTokens(),
|
||||
AuthPreference: types.DefaultAuthPreference(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: testauthority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,15 +23,15 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/aws/aws-sdk-go-v2/service/ec2"
|
||||
ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
)
|
||||
|
||||
type ec2Instance struct {
|
||||
|
|
@ -157,7 +157,7 @@ func TestAuth_RegisterUsingToken_EC2(t *testing.T) {
|
|||
_, err = a.UpsertNode(ctx, node)
|
||||
require.NoError(t, err)
|
||||
|
||||
sshPrivateKey, sshPublicKey, err := native.GenerateKeyPair()
|
||||
sshPrivateKey, sshPublicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPublicKey, err := PrivateKeyToPublicKeyTLS(sshPrivateKey)
|
||||
|
|
@ -607,7 +607,7 @@ func TestHostUniqueCheck(t *testing.T) {
|
|||
err = a.UpsertToken(context.Background(), token)
|
||||
require.NoError(t, err)
|
||||
|
||||
sshPrivateKey, sshPublicKey, err := native.GenerateKeyPair()
|
||||
sshPrivateKey, sshPublicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPublicKey, err := PrivateKeyToPublicKeyTLS(sshPrivateKey)
|
||||
|
|
|
|||
|
|
@ -28,13 +28,13 @@ import (
|
|||
"text/template"
|
||||
"time"
|
||||
|
||||
"github.com/coreos/go-semver/semver"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/coreos/go-semver/semver"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
)
|
||||
|
||||
func responseFromAWSIdentity(id awsIdentity) string {
|
||||
|
|
@ -115,7 +115,7 @@ func TestAuth_RegisterUsingIAMMethod(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
a := p.a
|
||||
|
||||
sshPrivateKey, sshPublicKey, err := native.GenerateKeyPair()
|
||||
sshPrivateKey, sshPublicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPublicKey, err := PrivateKeyToPublicKeyTLS(sshPrivateKey)
|
||||
|
|
|
|||
|
|
@ -21,17 +21,18 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/api/types/wrappers"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/api/types/wrappers"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
)
|
||||
|
||||
func TestAuth_RegisterUsingToken(t *testing.T) {
|
||||
|
|
@ -60,7 +61,7 @@ func TestAuth_RegisterUsingToken(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
require.NotNil(t, dynamicToken)
|
||||
|
||||
sshPrivateKey, sshPublicKey, err := native.GenerateKeyPair()
|
||||
sshPrivateKey, sshPublicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPublicKey, err := PrivateKeyToPublicKeyTLS(sshPrivateKey)
|
||||
|
|
@ -298,7 +299,7 @@ func TestRegister_Bot(t *testing.T) {
|
|||
err = srv.Auth().UpsertToken(context.Background(), wrongUser)
|
||||
require.NoError(t, err)
|
||||
|
||||
privateKey, publicKey, err := native.GenerateKeyPair()
|
||||
privateKey, publicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
sshPrivateKey, err := ssh.ParseRawPrivateKey(privateKey)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -41,6 +41,7 @@ import (
|
|||
"github.com/gravitational/teleport"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
"github.com/gravitational/teleport/lib/backend/memory"
|
||||
|
|
@ -78,6 +79,9 @@ func setUpSuite(t *testing.T) *OIDCSuite {
|
|||
Backend: s.b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
s.a, err = NewServer(authConfig)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ import (
|
|||
"github.com/gravitational/teleport/api/types"
|
||||
apievents "github.com/gravitational/teleport/api/types/events"
|
||||
wantypes "github.com/gravitational/teleport/api/types/webauthn"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
wanlib "github.com/gravitational/teleport/lib/auth/webauthn"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
|
|
@ -78,6 +79,9 @@ func setupPasswordSuite(t *testing.T) *passwordSuite {
|
|||
Backend: s.bk,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
s.a, err = NewServer(authConfig)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ import (
|
|||
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend/memory"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
|
|
@ -65,6 +66,9 @@ func TestCreateSAMLUser(t *testing.T) {
|
|||
Backend: b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
|
||||
a, err := NewServer(authConfig)
|
||||
|
|
@ -188,6 +192,9 @@ func TestPingSAMLWorkaround(t *testing.T) {
|
|||
Backend: b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
|
||||
a, err := NewServer(authConfig)
|
||||
|
|
@ -277,6 +284,9 @@ func TestServer_getConnectorAndProvider(t *testing.T) {
|
|||
Backend: b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
|
||||
a, err := NewServer(authConfig)
|
||||
|
|
@ -391,6 +401,9 @@ func TestServer_ValidateSAMLResponse(t *testing.T) {
|
|||
Backend: b,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
|
||||
a, err := NewServer(authConfig)
|
||||
|
|
|
|||
|
|
@ -22,12 +22,12 @@ import (
|
|||
"context"
|
||||
random "math/rand"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
|
||||
"github.com/gravitational/teleport/api/utils/keys"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/trace"
|
||||
)
|
||||
|
||||
type Keygen struct {
|
||||
|
|
@ -56,11 +56,11 @@ func (n *Keygen) GeneratePrivateKey() (*keys.PrivateKey, error) {
|
|||
return keys.ParsePrivateKey(priv)
|
||||
}
|
||||
|
||||
func (n *Keygen) GetNewKeyPairFromPool() ([]byte, []byte, error) {
|
||||
func (n *Keygen) GetNewKeyPairFromPool() (priv []byte, pub []byte, err error) {
|
||||
return n.GenerateKeyPair()
|
||||
}
|
||||
|
||||
func (n *Keygen) GenerateKeyPair() ([]byte, []byte, error) {
|
||||
func (n *Keygen) GenerateKeyPair() (priv []byte, pub []byte, err error) {
|
||||
randomKey := testPairs[(random.Int() % len(testPairs))]
|
||||
return randomKey.Priv, randomKey.Pub, nil
|
||||
}
|
||||
|
|
@ -73,6 +73,43 @@ func (n *Keygen) GenerateUserCert(c services.UserCertParams) ([]byte, error) {
|
|||
return n.GenerateUserCertWithoutValidation(c)
|
||||
}
|
||||
|
||||
func (n *Keygen) GenerateJWT() (pub []byte, priv []byte, err error) {
|
||||
return []byte(`-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEA+Igxw1i29PtAgaXOdJnkpPRaKANbIYvXpXZ3+UZ0MGYEnS01nqVE
|
||||
gSic9sDPKtPcw0Bj35u6/2TTJpB1BJqYrcMB1ahP2aRzBgomUSV1BPVLI7F7EH6U
|
||||
TIdk41ZT0qBtpPlUWJEAjmkPEcC8e+4oBpwW+mvdvupVcrTgFFLqzsvx2ger2S89
|
||||
/IrVPWPoW513Dml5zJMgiWEf5cKyyXtQAtieftQmX5bJ9t4PEmH3+mMCu4WKKNt9
|
||||
rLkmqva/gU21PHsop4nbjl5Sd8wITJkfvf/okxLIv1YXkg9z7RpbzSfvQSUUp9RR
|
||||
9n4Y1beA+k6YyMGjUHeRw3PfbKfiDFaRvQIDAQAB
|
||||
-----END RSA PUBLIC KEY-----`), []byte(`-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA+Igxw1i29PtAgaXOdJnkpPRaKANbIYvXpXZ3+UZ0MGYEnS01
|
||||
nqVEgSic9sDPKtPcw0Bj35u6/2TTJpB1BJqYrcMB1ahP2aRzBgomUSV1BPVLI7F7
|
||||
EH6UTIdk41ZT0qBtpPlUWJEAjmkPEcC8e+4oBpwW+mvdvupVcrTgFFLqzsvx2ger
|
||||
2S89/IrVPWPoW513Dml5zJMgiWEf5cKyyXtQAtieftQmX5bJ9t4PEmH3+mMCu4WK
|
||||
KNt9rLkmqva/gU21PHsop4nbjl5Sd8wITJkfvf/okxLIv1YXkg9z7RpbzSfvQSUU
|
||||
p9RR9n4Y1beA+k6YyMGjUHeRw3PfbKfiDFaRvQIDAQABAoIBAQCFdN0EAQd91c11
|
||||
0QtkIZ9d1Lj085hkEyvhdhRGj0alFqMzo6s/XY/Dq4NeHXshjFLnphP7ZyyrKAEa
|
||||
nEe6CSojZKv/hzoZrOz3OUwKFwsXdoC60fs7iD0qOyo5yYmJeQxnoltgk7ywvEmT
|
||||
RuPvyJtFsVvFbVbNxhfMWMRbJYthL6Pwxi5yd0gGt1Iyav5AqUojnBCQsPM0NEHI
|
||||
SyoO0Id0Fqc8j621IlnHhsR6yTQjsOeRX7mn3oBsAVQ/xS7RG5vF9NzJW58PgSiA
|
||||
4OYDbwzZvUq76AF1CcuTOkoaqiTnvkljvSK60EkmCAB2J5ivOM1VqjfFUREsrg5y
|
||||
1ZQHNXkhAoGBAP18/TJL/SVpqD/4fJq8ZUk7jGYhcpRMSAOSkTVfQ3wQrJZx1hAD
|
||||
K75OVUyLKe5R+4uS1VuMrkwK5EBIWhbFjTvcOKQjkWMYQsY/lSvJsyhHImYvnjnQ
|
||||
cYDb44bKfRZ+iVPnYotxmdZ5aalFS3iEJh7ZXsMnIJ9Twc0Vo0QYN7unAoGBAPr+
|
||||
ohQc5VGPsGmNUY/+9CDtTBUlnd8hDU/LY2d2A0pW3Pp3yc/LKbNN+o9r8TjgaMe+
|
||||
FH0AcglXy3hyX1Tx6e6C4ZpaAk1utxpgEVVou12mKYmndyNaH2tgwb1hFbzTdKPV
|
||||
Ff+ygtki/Eu6urigZZss9bhq61r4k3AzuPjC4GP7AoGBAJRy2iTWc42xbqLn9rD3
|
||||
m6ljgjldZSiL87CD6R4EiBTj/u6sA9ykvr1YSoPlC81RnaqDdweCP6Cw0DMFLB0h
|
||||
3DAuK82UNtR9pL1NByL5oD36Sp7lTBg3hgEcxQZvFwpRWEMWwpM/GASOXd6Pgj81
|
||||
xM1UJzbKd0RXXKup/E8oj5sJAoGAU2rPSSn1WO8NbXcnNVlBn7PeBmUzG9YrS2rI
|
||||
RblmDI3j8WZgbywRVuNCs+nnCMUkbcYRnx3HyK0iFYzFfEDOQ5PCEP97Jmr2ddCZ
|
||||
0i31n4E66uH6aYhpStGkciFTDSel61FFd27HqAzFlxGfPv8n5bPCkqEOSXS146N9
|
||||
BUgXNYMCgYEA3PmxSB3+P8wdozMxWUndrzwol07rNjWJGSMvBa+TPgHqNRQoDByZ
|
||||
9xs+lyfPZlyk4fBG4Il1AhnMgPH5/eph0ERYVokNH+k3lsIKZ9xorWQXEM6X2tNO
|
||||
UDjWGmIjGpyTetPVS0OEpVzwTSMg/t5s7QhRNMvfnqPcm0DhY6fB2bA=
|
||||
-----END RSA PRIVATE KEY-----`), nil
|
||||
}
|
||||
|
||||
type PreparedKeyPair struct {
|
||||
Priv []byte
|
||||
Pub []byte
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ import (
|
|||
"github.com/gravitational/teleport/api/types"
|
||||
apiutils "github.com/gravitational/teleport/api/utils"
|
||||
"github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
"github.com/gravitational/teleport/lib/jwt"
|
||||
|
|
@ -1769,7 +1769,7 @@ func TestPluginData(t *testing.T) {
|
|||
ctx := context.Background()
|
||||
tt := setupAuthContext(ctx, t)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
// make sure we can parse the private and public key
|
||||
|
|
@ -1861,7 +1861,7 @@ func TestGenerateCerts(t *testing.T) {
|
|||
ctx := context.Background()
|
||||
|
||||
srv := newTestTLSServer(t)
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
// make sure we can parse the private and public key
|
||||
|
|
@ -2317,7 +2317,7 @@ func TestCertificateFormat(t *testing.T) {
|
|||
ctx := context.Background()
|
||||
tt := setupAuthContext(ctx, t)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
// make sure we can parse the private and public key
|
||||
|
|
@ -2396,7 +2396,7 @@ func TestClusterConfigContext(t *testing.T) {
|
|||
proxy, err := tt.server.NewClient(TestBuiltin(types.RoleProxy))
|
||||
require.NoError(t, err)
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
// try and generate a host cert, this should fail because we are recording
|
||||
|
|
@ -2648,7 +2648,7 @@ func TestLoginNoLocalAuth(t *testing.T) {
|
|||
require.True(t, trace.IsAccessDenied(err))
|
||||
|
||||
// Make sure access is denied for SSH login.
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
_, err = tt.server.Auth().AuthenticateSSHUser(ctx, AuthenticateSSHRequest{
|
||||
AuthenticateUserRequest: AuthenticateUserRequest{
|
||||
|
|
@ -2760,7 +2760,7 @@ func TestRegisterCAPin(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
|
||||
// Generate public and private keys for node.
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
privateKey, err := ssh.ParseRawPrivateKey(priv)
|
||||
require.NoError(t, err)
|
||||
|
|
@ -2899,7 +2899,7 @@ func TestRegisterCAPath(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
|
||||
// Generate public and private keys for node.
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
privateKey, err := ssh.ParseRawPrivateKey(priv)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import (
|
|||
|
||||
"github.com/gravitational/teleport"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
authority "github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend/memory"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
|
|
@ -282,6 +283,9 @@ func newTestAuthServer(ctx context.Context, t *testing.T, name ...string) *Serve
|
|||
Backend: bk,
|
||||
Authority: authority.New(),
|
||||
SkipPeriodicOperations: true,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: authority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
a, err := NewServer(authConfig)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -26,17 +26,7 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/gravitational/teleport"
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/events/eventstest"
|
||||
"github.com/gravitational/trace"
|
||||
|
||||
"github.com/gravitational/teleport/lib/limiter"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
|
|
@ -44,6 +34,17 @@ import (
|
|||
"k8s.io/client-go/rest"
|
||||
"k8s.io/client-go/tools/clientcmd"
|
||||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
||||
|
||||
"github.com/gravitational/teleport"
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/events/eventstest"
|
||||
"github.com/gravitational/teleport/lib/limiter"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
)
|
||||
|
||||
type testContext struct {
|
||||
|
|
@ -280,7 +281,7 @@ func (c *testContext) genTestKubeClientTLSCert(t *testing.T, userName, kubeClust
|
|||
tlsCA, err := tlsca.FromCertAndSigner(caCert, signer)
|
||||
require.NoError(t, err)
|
||||
|
||||
privPEM, _, err := native.GenerateKeyPair()
|
||||
privPEM, _, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
priv, err := tlsca.ParsePrivateKeyPEM(privPEM)
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ import (
|
|||
"github.com/stretchr/testify/require"
|
||||
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
. "github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
|
|
@ -171,7 +170,7 @@ func TestCertAuthorityUTCUnmarshal(t *testing.T) {
|
|||
ta := testauthority.New()
|
||||
t.Cleanup(ta.Close)
|
||||
|
||||
_, pub, err := native.GenerateKeyPair()
|
||||
_, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
_, cert, err := tlsca.GenerateSelfSignedCA(pkix.Name{CommonName: "clustername"}, nil, time.Hour)
|
||||
require.NoError(t, err)
|
||||
|
|
|
|||
|
|
@ -29,20 +29,21 @@ import (
|
|||
|
||||
"github.com/google/go-cmp/cmp"
|
||||
"github.com/google/uuid"
|
||||
"github.com/gravitational/teleport"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
"github.com/gravitational/teleport/lib/jwt"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/teleport"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
apidefaults "github.com/gravitational/teleport/api/defaults"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
)
|
||||
|
||||
// NewTestCA returns new test authority with a test key as a public and
|
||||
|
|
@ -119,7 +120,7 @@ func NewTestCAWithConfig(config TestCAConfig) *types.CertAuthorityV2 {
|
|||
case types.KindJWT:
|
||||
// Generating keys is CPU intensive operation. Generate JWT keys only
|
||||
// when needed.
|
||||
publicKey, privateKey, err := jwt.GenerateKeyPair()
|
||||
publicKey, privateKey, err := testauthority.New().GenerateJWT()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ import (
|
|||
"github.com/gravitational/teleport/api/types"
|
||||
apievents "github.com/gravitational/teleport/api/types/events"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/events"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
libsession "github.com/gravitational/teleport/lib/session"
|
||||
|
|
@ -215,7 +215,7 @@ func SetUpSuiteWithConfig(t *testing.T, config suiteConfig) *Suite {
|
|||
tlsConfig.Time = s.clock.Now
|
||||
|
||||
// Generate certificate for user.
|
||||
privateKey, publicKey, err := native.GenerateKeyPair()
|
||||
privateKey, publicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
certificate, err := s.tlsServer.Auth().GenerateUserAppTestCert(auth.AppTestCertRequest{
|
||||
PublicKey: publicKey,
|
||||
|
|
@ -229,7 +229,7 @@ func SetUpSuiteWithConfig(t *testing.T, config suiteConfig) *Suite {
|
|||
require.NoError(t, err)
|
||||
|
||||
// Generate certificate for AWS console application.
|
||||
privateKey, publicKey, err = native.GenerateKeyPair()
|
||||
privateKey, publicKey, err = testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
certificate, err = s.tlsServer.Auth().GenerateUserAppTestCert(auth.AppTestCertRequest{
|
||||
PublicKey: publicKey,
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ import (
|
|||
apievents "github.com/gravitational/teleport/api/types/events"
|
||||
apisshutils "github.com/gravitational/teleport/api/utils/sshutils"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/keystore"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/backend/lite"
|
||||
"github.com/gravitational/teleport/lib/events/eventstest"
|
||||
|
|
@ -120,6 +121,9 @@ func NewMockServer(t *testing.T) *MockServer {
|
|||
Authority: testauthority.New(),
|
||||
ClusterName: clusterName,
|
||||
StaticTokens: staticTokens,
|
||||
KeyStoreConfig: keystore.Config{
|
||||
RSAKeyPairSource: testauthority.New().GenerateKeyPair,
|
||||
},
|
||||
}
|
||||
|
||||
authServer, err := auth.NewServer(authCfg, auth.WithClock(clock))
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ import (
|
|||
tracessh "github.com/gravitational/teleport/api/observability/tracing/ssh"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/bpf"
|
||||
"github.com/gravitational/teleport/lib/events"
|
||||
"github.com/gravitational/teleport/lib/limiter"
|
||||
|
|
@ -149,7 +149,7 @@ func newCustomFixture(t *testing.T, mutateCfg func(*auth.TestServerConfig), sshO
|
|||
require.NoError(t, err)
|
||||
t.Cleanup(func() { require.NoError(t, testServer.Shutdown(ctx)) })
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPub, err := auth.PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
@ -1646,7 +1646,7 @@ func newRawNode(t *testing.T, authSrv *auth.Server) *rawNode {
|
|||
hostname, err := os.Hostname()
|
||||
require.NoError(t, err)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPub, err := auth.PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
@ -2082,7 +2082,7 @@ type upack struct {
|
|||
func newUpack(testSvr *auth.TestServer, username string, allowedLogins []string, allowedLabels types.Labels) (*upack, error) {
|
||||
ctx := context.Background()
|
||||
auth := testSvr.Auth()
|
||||
upriv, upub, err := native.GenerateKeyPair()
|
||||
upriv, upub, err := testauthority.New().GenerateKeyPair()
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,21 +21,21 @@ import (
|
|||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/api/client/webclient"
|
||||
"github.com/gravitational/teleport/api/constants"
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/tbot/identity"
|
||||
"github.com/gravitational/teleport/lib/tlsca"
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/ssh"
|
||||
)
|
||||
|
||||
const (
|
||||
|
|
@ -189,7 +189,7 @@ func getTestIdent(t *testing.T, username string, reqs ...identRequest) *identity
|
|||
ca, err := tlsca.FromKeys([]byte(fixtures.TLSCACertPEM), []byte(fixtures.TLSCAKeyPEM))
|
||||
require.NoError(t, err)
|
||||
|
||||
privateKey, sshPublicKey, err := native.GenerateKeyPair()
|
||||
privateKey, sshPublicKey, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
sshPrivateKey, err := ssh.ParseRawPrivateKey(privateKey)
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ import (
|
|||
apievents "github.com/gravitational/teleport/api/types/events"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
"github.com/gravitational/teleport/lib/auth/mocku2f"
|
||||
"github.com/gravitational/teleport/lib/auth/native"
|
||||
"github.com/gravitational/teleport/lib/auth/testauthority"
|
||||
wanlib "github.com/gravitational/teleport/lib/auth/webauthn"
|
||||
"github.com/gravitational/teleport/lib/backend"
|
||||
"github.com/gravitational/teleport/lib/bpf"
|
||||
|
|
@ -185,7 +185,7 @@ func newWebSuite(t *testing.T) *WebSuite {
|
|||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPub, err := auth.PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
@ -4477,7 +4477,7 @@ func newWebPack(t *testing.T, numProxies int) *webPack {
|
|||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
priv, pub, err := native.GenerateKeyPair()
|
||||
priv, pub, err := testauthority.New().GenerateKeyPair()
|
||||
require.NoError(t, err)
|
||||
|
||||
tlsPub, err := auth.PrivateKeyToPublicKeyTLS(priv)
|
||||
|
|
|
|||
Loading…
Reference in a new issue