dehub/sigcred/pgp_test.go

package sigcred

import (
	"dehub/fs"
	"math/rand"
	"testing"
	"time"
)

// There are not currently tests for testing pgp signature creation, as they
// require calls out to the gpg executable. Wrapping tests in docker containers
// would make this doable.

func TestPGPVerification(t *testing.T) {
	tests := []struct {
		descr string
		init  func(pubKeyBody []byte) (SignifierInterface, fs.FS)
	}{
		{
			descr: "SignifierPGP",
			init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {
				return SignifierPGP{Body: string(pubKeyBody)}, nil
			},
		},
		{
			descr: "SignifierPGPFile",
			init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {
				pubKeyPath := "some/dir/pubkey.asc"
				fs := fs.Stub{pubKeyPath: pubKeyBody}
				sigPGPFile := SignifierPGPFile{Path: pubKeyPath}
				return sigPGPFile, fs
			},
		},
	}

	for _, test := range tests {
		t.Run(test.descr, func(t *testing.T) {
			seed := time.Now().UnixNano()
			t.Logf("seed: %d", seed)
			rand := rand.New(rand.NewSource(seed))
			privKey, pubKeyBody := SignifierPGPTmp("foo", rand)

			sig, fs := test.init(pubKeyBody)
			data := make([]byte, rand.Intn(1024))
			if _, err := rand.Read(data); err != nil {
				t.Fatal(err)
			}

			cred, err := privKey.Sign(nil, data)
			if err != nil {
				t.Fatal(err)
			}

			signed, err := sig.Signed(fs, cred)
			if err != nil {
				t.Fatal(err)
			} else if !signed {
				t.Fatal("expected signed to be true")
			}

			if err := sig.Verify(fs, data, cred); err != nil {
				t.Fatal(err)
			}
		})
	}
}
Initial commit, can create master commit and verify previous master commits message: Initial commit, can create master commit and verify previous master commits change_hash: ADgeVBdfi1hA0TTDrBIkYHaQQYoxZaInZz1p/BAH35Ng credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl5IbRgACgkQlcRvpqQRSKzWjg/+P0a3einWQ8wFUe05qXUbmMQ4K86Oa4I85pF6kubZlFy/UbcjiPnTPRMKAhmGZi4WCz1sW1F2al4qKvtq3nvn6+hZY8dj0SjPgGG2lkMMLEVy1hjsO7d9S9ZEfUv0cHOcvkphgVQk+InkegBXvFS45mwKQLDOiW5tPcTFDHTHBmC/nlCV/sKCrZEmQGU7KaELJKOf26LSY2zXe6fbVCa8njpIycYS7Wulu2OODcI5n6Ye2U6DvxN6MvuNvziyX7VMePS1xEdJYpltsNMhSkMMGLU7dovxbrhD617uwOsm1847YX9HTJ3Ixs+M0yobHmz8ob4OBcZx8r3AoiyDo+HNMmAZ96ue8pPHmI+2O9jEmbmbH61yq4crhUVAP8PncSTdq0tiYKj/zaSTJ8CT2W0uicX/3v9EtIFn0thqe/qZzHh6upixvpXDpNjZZ5SxiVm8MITnWzInQRbo9yvFsfgd7LqMGKZeGv5q5rgNTRM4fwGrJDuslwj8V2B4uw1ofPncL+LHmXArXWiewvvJFU2uRpfvsl+u4is2dl2SGVpe7ixm+a088gllOQCMRgLbuaN8dQ/eqdkfdxUg+SYQlx6vykrdJOSQrs9zaX/JuxnaNBTi/yLY1FqFXaXBGID6qX1cnPilw+J6vEZYt1MBtzXX+UEjHyVowIhMRsnts6Wq3Z8= account: mediocregopher 2020-02-15 22:13:50 +00:00			`package sigcred`

			`import (`
			`"dehub/fs"`
			`"math/rand"`
			`"testing"`
			`"time"`
			`)`

			`// There are not currently tests for testing pgp signature creation, as they`
			`// require calls out to the gpg executable. Wrapping tests in docker containers`
			`// would make this doable.`

			`func TestPGPVerification(t *testing.T) {`
			`tests := []struct {`
			`descr string`
			`init func(pubKeyBody []byte) (SignifierInterface, fs.FS)`
			`}{`
			`{`
			`descr: "SignifierPGP",`
			`init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {`
			`return SignifierPGP{Body: string(pubKeyBody)}, nil`
			`},`
			`},`
			`{`
			`descr: "SignifierPGPFile",`
			`init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {`
			`pubKeyPath := "some/dir/pubkey.asc"`
			`fs := fs.Stub{pubKeyPath: pubKeyBody}`
			`sigPGPFile := SignifierPGPFile{Path: pubKeyPath}`
			`return sigPGPFile, fs`
			`},`
			`},`
			`}`

			`for _, test := range tests {`
			`t.Run(test.descr, func(t *testing.T) {`
			`seed := time.Now().UnixNano()`
			`t.Logf("seed: %d", seed)`
			`rand := rand.New(rand.NewSource(seed))`
Modify how SignifierInterface is produced so it always sets AccountID on Credentials --- type: change message: \|- Modify how SignifierInterface is produced so it always sets AccountID on Credentials Previously it was the responsibility of the caller of the Sign method to set the AccountID on the produced Credential, but this didn't really make sense. This commit makes it so that all SignifierInterface's produced by Signifier implicitly set the AccountID field. The solution here is still a bit hacky, and ultimately the real solution will probably be to refactor the structore of Credential, so that it doesn't have AccountID. change_hash: ADPuz04GuyxWwjo/0/jc7DcsPMl5rK0osSpaqmUxv818 credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl5r+hgACgkQlcRvpqQRSKzwYBAAsY4tj+E5xtJSZ1TvrS0mwJ/lSHYWE4rS3eDMY3JUJLE1tr5k3OTRtUhh2UHCsArXSVF4sU8cBSCtf2noaThQm8KQghPMgoZ1LnPd4BnxxlE2gPik4FMcv+mCv9OgUh0AUO+rSXeYJA3oWunaW9kYollUdX/mVTQTmmbLBqBpeXF/TQO/bJTEEzA853j5QDT8//onfSIlzUw0UB57IZZZImp5/XrggHBbKdfhUTJ75LGMgDEDvDNIdV8lBys+RnMzK0Yj6EvLQhsw426+0Sf9vX3jtzj6WKhmi8QyYvcxIbcrWUScEfA/RAgf0A8KhqKq91bicSHjvyK1TZRSSWcS43ewamgvVWx0KSYYoIn7PPwOTmpHP8u6RzGEQFjOhP1EaGytQJKMXidU6CPTh+pYVtPZc8oLAwk+DyMquqfUSbzN/63t90HpTm7uycuzOnQxilYe2HKlbMJCId0a0DyAFrA+0pNRz0tyd3DvF4svCdEy82rzlUGEhq7aIJKoXIut+fKGEBd6Znz6oX15CyQq0oPthZcCqgFR0oTqufvV2iWo+26cd9dVTPVbJA9kSbaFchgdAqCkPA5wDVuNJJtMftf7STW8Lm6dnU6q9YFjZVdR55WtvUCINxBUtOirRzG1jcS0VNhhtb+SMNATEvDGJmt6neHM6Z17MAdwGS+s/hA= account: mediocregopher 2020-03-13 21:24:46 +00:00			`privKey, pubKeyBody := SignifierPGPTmp("foo", rand)`
Initial commit, can create master commit and verify previous master commits message: Initial commit, can create master commit and verify previous master commits change_hash: ADgeVBdfi1hA0TTDrBIkYHaQQYoxZaInZz1p/BAH35Ng credentials: - type: pgp_signature pub_key_id: 95C46FA6A41148AC body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl5IbRgACgkQlcRvpqQRSKzWjg/+P0a3einWQ8wFUe05qXUbmMQ4K86Oa4I85pF6kubZlFy/UbcjiPnTPRMKAhmGZi4WCz1sW1F2al4qKvtq3nvn6+hZY8dj0SjPgGG2lkMMLEVy1hjsO7d9S9ZEfUv0cHOcvkphgVQk+InkegBXvFS45mwKQLDOiW5tPcTFDHTHBmC/nlCV/sKCrZEmQGU7KaELJKOf26LSY2zXe6fbVCa8njpIycYS7Wulu2OODcI5n6Ye2U6DvxN6MvuNvziyX7VMePS1xEdJYpltsNMhSkMMGLU7dovxbrhD617uwOsm1847YX9HTJ3Ixs+M0yobHmz8ob4OBcZx8r3AoiyDo+HNMmAZ96ue8pPHmI+2O9jEmbmbH61yq4crhUVAP8PncSTdq0tiYKj/zaSTJ8CT2W0uicX/3v9EtIFn0thqe/qZzHh6upixvpXDpNjZZ5SxiVm8MITnWzInQRbo9yvFsfgd7LqMGKZeGv5q5rgNTRM4fwGrJDuslwj8V2B4uw1ofPncL+LHmXArXWiewvvJFU2uRpfvsl+u4is2dl2SGVpe7ixm+a088gllOQCMRgLbuaN8dQ/eqdkfdxUg+SYQlx6vykrdJOSQrs9zaX/JuxnaNBTi/yLY1FqFXaXBGID6qX1cnPilw+J6vEZYt1MBtzXX+UEjHyVowIhMRsnts6Wq3Z8= account: mediocregopher 2020-02-15 22:13:50 +00:00
			`sig, fs := test.init(pubKeyBody)`
			`data := make([]byte, rand.Intn(1024))`
			`if _, err := rand.Read(data); err != nil {`
			`t.Fatal(err)`
			`}`

			`cred, err := privKey.Sign(nil, data)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`signed, err := sig.Signed(fs, cred)`
			`if err != nil {`
			`t.Fatal(err)`
			`} else if !signed {`
			`t.Fatal("expected signed to be true")`
			`}`

			`if err := sig.Verify(fs, data, cred); err != nil {`
			`t.Fatal(err)`
			`}`
			`})`
			`}`
			`}`