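package sigcred

import (
	"math/rand"
	"testing"
	"time"

	"dehub.dev/src/dehub.git/fs"
)

// There are not currently tests for testing pgp signature creation, as they
// require calls out to the gpg executable. Wrapping tests in docker containers
// would make this doable.

// TestPGPVerification checks, for each PGP signifier kind, that a credential
// produced by a freshly generated private key is reported as signed by the
// matching signifier, that it verifies against the signed data, and that it
// does not verify against modified data.
func TestPGPVerification(t *testing.T) {
	tests := []struct {
		descr string
		// init builds the signifier under test from the public key body and
		// returns the filesystem (possibly nil) it must be evaluated against.
		init func(pubKeyBody []byte) (SignifierInterface, fs.FS)
	}{
		{
			// Public key embedded directly in the signifier; no filesystem
			// is handed to it.
			descr: "SignifierPGP",
			init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {
				return SignifierPGP{Body: string(pubKeyBody)}, nil
			},
		},
		{
			// Public key referenced by path and served from a stub
			// filesystem.
			descr: "SignifierPGPFile",
			init: func(pubKeyBody []byte) (SignifierInterface, fs.FS) {
				pubKeyPath := "some/dir/pubkey.asc"
				stubFS := fs.Stub{pubKeyPath: pubKeyBody}
				return SignifierPGPFile{Path: pubKeyPath}, stubFS
			},
		},
	}

	for _, test := range tests {
		t.Run(test.descr, func(t *testing.T) {
			// The seed is logged so that a failing run can be reproduced.
			// NOTE(review): math/rand is not a cryptographic source; this
			// assumes SignifierPGPTmp is only used for throwaway test keys.
			seed := time.Now().UnixNano()
			t.Logf("seed: %d", seed)
			rng := rand.New(rand.NewSource(seed))

			privKey, pubKeyBody := SignifierPGPTmp("foo", rng)
			sig, sigFS := test.init(pubKeyBody)

			// Random payload of 0 to 1023 bytes.
			data := make([]byte, rng.Intn(1024))
			if _, err := rng.Read(data); err != nil {
				t.Fatal(err)
			}

			cred, err := privKey.Sign(nil, data)
			if err != nil {
				t.Fatal(err)
			}

			signed, err := sig.Signed(sigFS, cred)
			if err != nil {
				t.Fatal(err)
			}
			if !signed {
				t.Fatal("expected signed to be true")
			}

			if err := sig.Verify(sigFS, data, cred); err != nil {
				t.Fatal(err)
			}

			// A test that only exercises the accept path cannot catch a
			// Verify that accepts everything, so the same credential must
			// also be rejected for different data. Appending a byte changes
			// the message even when data is empty.
			tampered := append(append([]byte(nil), data...), 0x01)
			if err := sig.Verify(sigFS, tampered, cred); err == nil {
				t.Fatal("expected Verify to fail for modified data")
			}
		})
	}
}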