2020-02-15 22:13:50 +00:00
|
|
|
package sigcred
|
|
|
|
|
|
|
|
import (
|
|
|
|
"math/rand"
|
|
|
|
"testing"
|
|
|
|
"time"
|
2020-04-11 23:10:18 +00:00
|
|
|
|
|
|
|
"dehub.dev/src/dehub.git/fs"
|
2020-02-15 22:13:50 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// There are not currently tests for testing pgp signature creation, as they
|
|
|
|
// require calls out to the gpg executable. Wrapping tests in docker containers
|
|
|
|
// would make this doable.
|
|
|
|
|
|
|
|
func TestPGPVerification(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
|
|
descr string
|
2020-04-26 20:23:03 +00:00
|
|
|
init func(pubKeyBody []byte) (Signifier, fs.FS)
|
2020-02-15 22:13:50 +00:00
|
|
|
}{
|
|
|
|
{
|
2020-04-11 23:10:18 +00:00
|
|
|
descr: "SignifierPGP Body",
|
2020-04-26 20:23:03 +00:00
|
|
|
init: func(pubKeyBody []byte) (Signifier, fs.FS) {
|
2020-02-15 22:13:50 +00:00
|
|
|
return SignifierPGP{Body: string(pubKeyBody)}, nil
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2020-04-11 23:10:18 +00:00
|
|
|
descr: "SignifierPGP Path",
|
2020-04-26 20:23:03 +00:00
|
|
|
init: func(pubKeyBody []byte) (Signifier, fs.FS) {
|
2020-02-15 22:13:50 +00:00
|
|
|
pubKeyPath := "some/dir/pubkey.asc"
|
|
|
|
fs := fs.Stub{pubKeyPath: pubKeyBody}
|
2020-04-11 23:10:18 +00:00
|
|
|
return SignifierPGP{Path: pubKeyPath}, fs
|
2020-02-15 22:13:50 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, test := range tests {
|
|
|
|
t.Run(test.descr, func(t *testing.T) {
|
|
|
|
seed := time.Now().UnixNano()
|
|
|
|
t.Logf("seed: %d", seed)
|
|
|
|
rand := rand.New(rand.NewSource(seed))
|
2020-04-12 17:59:23 +00:00
|
|
|
privKey, pubKeyBody := TestSignifierPGP("", false, rand)
|
2020-02-15 22:13:50 +00:00
|
|
|
|
|
|
|
sig, fs := test.init(pubKeyBody)
|
|
|
|
data := make([]byte, rand.Intn(1024))
|
|
|
|
if _, err := rand.Read(data); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
cred, err := privKey.Sign(nil, data)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
signed, err := sig.Signed(fs, cred)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
} else if !signed {
|
|
|
|
t.Fatal("expected signed to be true")
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := sig.Verify(fs, data, cred); err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|