2011-03-15 05:51:36 +00:00
|
|
|
/*
|
2018-01-04 00:52:49 +00:00
|
|
|
Copyright 2011 The Perkeep Authors
|
2011-03-15 05:51:36 +00:00
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
|
limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
2013-11-16 23:00:30 +00:00
|
|
|
package jsonsign_test
|
2011-03-15 05:51:36 +00:00
|
|
|
|
|
|
|
|
import (
|
2012-03-20 04:00:51 +00:00
|
|
|
"bytes"
|
2018-01-16 23:03:16 +00:00
|
|
|
"context"
|
2011-03-15 16:55:10 +00:00
|
|
|
"fmt"
|
2012-03-20 04:00:51 +00:00
|
|
|
"sort"
|
2011-03-15 16:55:10 +00:00
|
|
|
"strings"
|
2011-03-15 05:51:36 +00:00
|
|
|
"testing"
|
2012-03-20 04:00:51 +00:00
|
|
|
|
2016-11-28 18:31:33 +00:00
|
|
|
"golang.org/x/crypto/openpgp"
|
Rename import paths from camlistore.org to perkeep.org.
Part of the project renaming, issue #981.
After this, users will need to mv their $GOPATH/src/camlistore.org to
$GOPATH/src/perkeep.org. Sorry.
This doesn't yet rename the tools like camlistored, camput, camget,
camtool, etc.
Also, this only moves the lru package to internal. More will move to
internal later.
Also, this doesn't yet remove the "/pkg/" directory. That'll likely
happen later.
This updates some docs, but not all.
devcam test now passes again, even with Go 1.10 (which requires vet
checks are clean too). So a bunch of vet tests are fixed in this CL
too, and a bunch of other broken tests are now fixed (introduced from
the past week of merging the CL backlog).
Change-Id: If580db1691b5b99f8ed6195070789b1f44877dd4
2018-01-01 22:41:41 +00:00
|
|
|
. "perkeep.org/pkg/jsonsign"
|
|
|
|
|
"perkeep.org/pkg/test"
|
|
|
|
|
. "perkeep.org/pkg/test/asserts"
|
2011-03-15 05:51:36 +00:00
|
|
|
)
|
|
|
|
|
|
2018-01-16 23:03:16 +00:00
|
|
|
var ctxbg = context.Background()
|
|
|
|
|
|
2011-03-15 16:55:10 +00:00
|
|
|
var pubKey1 = `-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
|
|
|
Version: GnuPG v1.4.10 (GNU/Linux)
|
|
|
|
|
|
|
|
|
|
mQENBEzgoVsBCAC/56aEJ9BNIGV9FVP+WzenTAkg12k86YqlwJVAB/VwdMlyXxvi
|
|
|
|
|
bCT1RVRfnYxscs14LLfcMWF3zMucw16mLlJCBSLvbZ0jn4h+/8vK5WuAdjw2YzLs
|
|
|
|
|
WtBcjWn3lV6tb4RJz5gtD/o1w8VWxwAnAVIWZntKAWmkcChCRgdUeWso76+plxE5
|
|
|
|
|
aRYBJqdT1mctGqNEISd/WYPMgwnWXQsVi3x4z1dYu2tD9uO1dkAff12z1kyZQIBQ
|
|
|
|
|
rexKYRRRh9IKAayD4kgS0wdlULjBU98aeEaMz1ckuB46DX3lAYqmmTEL/Rl9cOI0
|
|
|
|
|
Enpn/oOOfYFa5h0AFndZd1blMvruXfdAobjVABEBAAG0JUNhbWxpIFRlc3RlciA8
|
|
|
|
|
Y2FtbGktdGVzdEBleGFtcGxlLmNvbT6JATgEEwECACIFAkzgoVsCGwMGCwkIBwMC
|
|
|
|
|
BhUIAgkKCwQWAgMBAh4BAheAAAoJECkxpnwm9avaHE0IAJ/pMZgiURl3kefrFMAV
|
|
|
|
|
7ei0XDfTekZOwDRcZWTVQ/A97phpzO8t78qLYbFeHuq3myNhrlVO9Gyp+2V904rN
|
|
|
|
|
dudoHLhpegf5TNeHGmAGHBxcooMPMp0JyIDnUBxtCNGxgWfbKpEDRsQAjkCc7sR0
|
|
|
|
|
H+OegzlEf6JZGzEhV5ohOioTsC1DmJNoQsRz5Kes7sLoAzpQCbCv4yv+1o+mnzgW
|
|
|
|
|
9qPJXKxcScc0t2YTvcvpJ7LV8no1OP6vpYqB1A9Pzze6XFBlcXOUKbRKk0fEIV/u
|
|
|
|
|
pU3ph1fF7wlyRgA4A3iPwDC4BgVmHYkz9nYPn+7IcT/dDig5SWU+n7WZgGeyv75y
|
|
|
|
|
0Ue5AQ0ETOChWwEIALuHxKI+oSH+eeMSXhxcSUXnhp4cUeyvOV7oNPYcmsDclF0Y
|
|
|
|
|
7y8NrSPiEZod9vSTEDMq7hd3BG+feCBqjgR4qtmoXguJhWcnJqDBk5iAMuuAph9O
|
|
|
|
|
CC8QLACMJPhoxQ0UtDPKlpG4X8kLK1woHd716ulPl2KLjTgd6K4kCGj+CV5Ekn6u
|
|
|
|
|
IJj+3IPbYDOwk1l06ksimwQAY4dA1CXOTviH1bVqR6CzuzVPg4hcryWDva1rEO5c
|
|
|
|
|
LcOR8Wk/thANFLSNjqX8UgtGXhFZRWxKetFDQiX5f2BKoqTVYvD3pqt+zzyLNFAz
|
|
|
|
|
xhMc3cyFfqM8yQdzdEey/DIWtMoDqZCSVMJ63N8AEQEAAYkBHwQYAQIACQUCTOCh
|
|
|
|
|
WwIbDAAKCRApMaZ8JvWr2mHACACkco+fAfRK+gmprF2m8E0Bp1frwFH0g4RJVHXQ
|
|
|
|
|
BUDbg7OZbWumzD4Br28si6XDVMP6fLOeyD0EHYb6LhAHDkBLqx6e3kKG1mQ8fMIV
|
|
|
|
|
O4YMQfskYH2FJqlCtgMnM8N3oslPBTpZedNPSUq7HJh2pKr9GIDi1V+Hgc/qEigE
|
|
|
|
|
dj9f2zSSaKZdC4eL73GvlQOh+4XqgaMnMiKfI+/2WlRaJs1KOgKmIp5yHt0qY0ef
|
|
|
|
|
y+40BY/z9pMjyUvr/Wwp8KXArw0NAwzp8NUl5fNxRg9XWQWLn6hW8ydR20X3t2ym
|
|
|
|
|
iNSWzNQiTT6k7fumOABCoSZsow/AJxQSxqKOJBjgpKjIKCgY
|
|
|
|
|
=ru0J
|
|
|
|
|
-----END PGP PUBLIC KEY BLOCK-----`
|
|
|
|
|
|
2011-03-16 01:01:04 +00:00
|
|
|
var pubKey2 = `-----BEGIN PGP PUBLIC KEY BLOCK-----
|
|
|
|
|
Version: GnuPG v1.4.10 (GNU/Linux)
|
|
|
|
|
|
|
|
|
|
mQENBEz61lcBCADRQhcb9LIQdV3LhU5f7cCjOctmLsL+y4k4VKmznssWORiNPEHQ
|
|
|
|
|
13CxFLjRDN2OQYXi4NSqoUqHNMsRTUJTVW0CnznUUb11ibXLUYW/zbPN9dWs8PlI
|
|
|
|
|
UZSScS1dxtGKKk+VfXrvc1LB6pqrjWmAgEwQxsBWToW2IFR/eMo1LiVU83dzpKU1
|
|
|
|
|
n/yb8Jy9wizchspd9xecK2X0JnKLRIJklLTAKQ+XKP+cSwXmShcs+3pxu5f4piqF
|
|
|
|
|
7oBfh9noFA0vdGYNBGVch3DfJwFcTmLkkGFZKdiehWncvVYT1jxUkJvc0K44ohDH
|
|
|
|
|
smkG2VZm3rJCwi2GIWA/clLiDAhYM6vTI3oZABEBAAG0K0NhbWxpIFRlc3R1c2Vy
|
|
|
|
|
IFR3byA8Y2FtbGkudGVzdEBleGFtcGxlLmNvbT6JATgEEwECACIFAkz61lcCGwMG
|
|
|
|
|
CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEIUeCLJL7Fq1c44IAKOJjymoinXd
|
|
|
|
|
9NOW7GfpHCmynzSflJJoRcRzsNz83lJbwITYCd1ExQxkO84sMKRPJiefc9epP/Hg
|
|
|
|
|
8V4b1SwkGi+A8WaoH/OZtEM8HA7iEKmV+wjfZE6kt+y0trbxdu42W5hLz/uerrNl
|
|
|
|
|
G+r90mBNjmJXsZxmwaZEFrLtFlqezCzdQSur35QLZMFvW6aoYFTAgOk1rk9lBtkC
|
|
|
|
|
DePaadZQGHNWr+Rw2M5xXv9BZ4Rrjl6VLjE2DuqMSBVkelckBcsmRppaszF3J8y3
|
|
|
|
|
9gd10xC+5/LVfhU8niDZjY3pIcjQwsYJ+Jdyce2OEYo1i6pQDiq2WewXdCJ28DVK
|
|
|
|
|
1SX38WFB3Zm5AQ0ETPrWVwEIAMQ/dRCrkhy2D0SzJV5o/Z3uVf1nFLlEFfavV45F
|
|
|
|
|
8wtG/Bi5EuZXoYqU+O79O7sPy9Dw3Qhxtvt159l6/sSLXYTBBs3HJ2zTVhI5tbAZ
|
|
|
|
|
DMz4/wfkRP/h74KuXnWfin1ynswzqdPVXgrRvTsfHbkwbTaRwbx186VYqM17Wqy2
|
|
|
|
|
hFAUCdQIIW0+X9upjGek+kESldSzeUV87fr3IN/pq6fRc90h8xAKfz6mMc7AAUUL
|
|
|
|
|
NLNxb9y18u4Bw+fKgc6W7YxB+gQN1IajmgGPcqUTxNxydWF974iqsKnkZpzHg0Ce
|
|
|
|
|
zGGLWzCAGzI8drltgJPBoGGo56U1s2hW6JzLUi03phV10H8AEQEAAYkBHwQYAQIA
|
|
|
|
|
CQUCTPrWVwIbDAAKCRCFHgiyS+xatUPIB/9VPOeIxH5UcNYuZT+LW2tdcWPNhyQ+
|
|
|
|
|
u5UC9DC2A3F9AYNYRwDcSVOMmqS8hPJxg/biFxFoGFgm14Vp0nd1blOHcmNXcDzk
|
|
|
|
|
XTv2CKcUbgYpvDVmfCcEf6seSf+/RDbyj/VzebE6yvXuwsPus7ntbMw+Dum42z55
|
|
|
|
|
XYiYsfEFu25RtxritG3eYklCKymdRg615pj8zoRpL5Z1NAy5QBb5sv5hPbdGSyqL
|
|
|
|
|
Kw6aLcq2IU7kev6CYJVyXzJ1XtsYv/o7hzKKmZ5WcwuPc9Yqh6onJt1RC8jzz8Ry
|
|
|
|
|
jyVNPb8AaaWVW1uZLg6Em61aKnbOG10B30m3CQ8dwBjF9hgmtcY0IZ/Y
|
|
|
|
|
=OWHA
|
|
|
|
|
-----END PGP PUBLIC KEY BLOCK-----
|
|
|
|
|
`
|
|
|
|
|
|
2011-03-19 04:17:26 +00:00
|
|
|
var pubKeyBlob1 = &test.Blob{pubKey1} // user 1
|
|
|
|
|
var pubKeyBlob2 = &test.Blob{pubKey2} // user 2
|
2011-03-15 16:55:10 +00:00
|
|
|
|
2011-03-24 23:47:51 +00:00
|
|
|
var testFetcher = &test.Fetcher{}
|
2011-03-15 16:55:10 +00:00
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
testFetcher.AddBlob(pubKeyBlob1)
|
2011-03-16 01:01:04 +00:00
|
|
|
testFetcher.AddBlob(pubKeyBlob2)
|
2011-03-15 16:55:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestSigningBadInput(t *testing.T) {
|
2011-03-16 01:01:04 +00:00
|
|
|
sr := newRequest(1)
|
2011-03-15 16:55:10 +00:00
|
|
|
|
2012-07-28 22:42:56 +00:00
|
|
|
sr.UnsignedJSON = ""
|
2018-01-16 23:03:16 +00:00
|
|
|
_, err := sr.Sign(ctxbg)
|
2011-03-15 16:55:10 +00:00
|
|
|
ExpectErrorContains(t, err, "json parse error", "empty input")
|
|
|
|
|
|
2012-07-28 22:42:56 +00:00
|
|
|
sr.UnsignedJSON = "{}"
|
2018-01-16 23:03:16 +00:00
|
|
|
_, err = sr.Sign(ctxbg)
|
2011-03-15 16:55:10 +00:00
|
|
|
ExpectErrorContains(t, err, "json lacks \"camliSigner\" key", "just braces")
|
|
|
|
|
|
2012-07-28 22:42:56 +00:00
|
|
|
sr.UnsignedJSON = `{"camliSigner": 123}`
|
2018-01-16 23:03:16 +00:00
|
|
|
_, err = sr.Sign(ctxbg)
|
2011-03-15 16:55:10 +00:00
|
|
|
ExpectErrorContains(t, err, "\"camliSigner\" key is malformed or unsupported", "camliSigner 123")
|
|
|
|
|
|
2012-07-28 22:42:56 +00:00
|
|
|
sr.UnsignedJSON = `{"camliSigner": ""}`
|
2018-01-16 23:03:16 +00:00
|
|
|
_, err = sr.Sign(ctxbg)
|
2011-03-15 16:55:10 +00:00
|
|
|
ExpectErrorContains(t, err, "\"camliSigner\" key is malformed or unsupported", "empty camliSigner")
|
|
|
|
|
}
|
|
|
|
|
|
2011-03-16 01:01:04 +00:00
|
|
|
func newRequest(userN int) *SignRequest {
|
|
|
|
|
if userN < 1 || userN > 2 {
|
|
|
|
|
panic("invalid userid")
|
|
|
|
|
}
|
|
|
|
|
suffix := ".gpg"
|
|
|
|
|
if userN == 2 {
|
|
|
|
|
suffix = "2.gpg"
|
|
|
|
|
}
|
2011-03-15 16:55:10 +00:00
|
|
|
return &SignRequest{
|
2012-07-28 22:42:56 +00:00
|
|
|
UnsignedJSON: "",
|
2011-03-15 16:55:10 +00:00
|
|
|
Fetcher: testFetcher,
|
|
|
|
|
ServerMode: true,
|
2011-03-16 01:01:04 +00:00
|
|
|
SecretKeyringPath: "./testdata/test-secring" + suffix,
|
2011-03-15 16:55:10 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestSigning(t *testing.T) {
|
2011-03-16 01:01:04 +00:00
|
|
|
sr := newRequest(1)
|
2012-07-28 22:42:56 +00:00
|
|
|
sr.UnsignedJSON = fmt.Sprintf(`{"camliVersion": 1, "foo": "fooVal", "camliSigner": %q }`, pubKeyBlob1.BlobRef().String())
|
2018-01-16 23:03:16 +00:00
|
|
|
signed, err := sr.Sign(ctxbg)
|
2011-03-15 16:55:10 +00:00
|
|
|
AssertNil(t, err, "no error signing")
|
2011-03-16 00:37:52 +00:00
|
|
|
Assert(t, strings.Contains(signed, `"camliSig":`), "got a camliSig")
|
2011-03-15 16:55:10 +00:00
|
|
|
|
2011-03-16 00:37:52 +00:00
|
|
|
vr := NewVerificationRequest(signed, testFetcher)
|
2018-01-16 23:03:16 +00:00
|
|
|
if _, err := vr.Verify(ctxbg); err != nil {
|
|
|
|
|
t.Fatalf("verification failed on signed json [%s]: %v", signed, err)
|
2011-03-16 01:01:04 +00:00
|
|
|
}
|
|
|
|
|
ExpectString(t, "fooVal", vr.PayloadMap["foo"].(string), "PayloadMap")
|
|
|
|
|
ExpectString(t, "2931A67C26F5ABDA", vr.SignerKeyId, "SignerKeyId")
|
|
|
|
|
|
|
|
|
|
// Test a non-matching signature.
|
|
|
|
|
fakeSigned := strings.Replace(signed, pubKeyBlob1.BlobRef().String(), pubKeyBlob2.BlobRef().String(), 1)
|
|
|
|
|
vr = NewVerificationRequest(fakeSigned, testFetcher)
|
2018-01-16 23:03:16 +00:00
|
|
|
if _, err := vr.Verify(ctxbg); err == nil {
|
2011-03-16 01:01:04 +00:00
|
|
|
t.Fatalf("unexpected verification of faked signature")
|
2011-03-16 00:37:52 +00:00
|
|
|
}
|
2014-02-09 00:04:14 +00:00
|
|
|
AssertErrorContains(t, vr.Err, "openpgp: invalid signature: hash tag doesn't match",
|
2011-03-16 01:01:04 +00:00
|
|
|
"expected signature verification error")
|
|
|
|
|
|
|
|
|
|
t.Logf("TODO: verify GPG-vs-Go sign & verify interop both ways, once implemented.")
|
2011-03-15 16:55:10 +00:00
|
|
|
}
|
2012-03-20 02:02:18 +00:00
|
|
|
|
2012-03-20 04:00:51 +00:00
|
|
|
func TestEntityFromSecring(t *testing.T) {
|
|
|
|
|
ent, err := EntityFromSecring("26F5ABDA", "testdata/test-secring.gpg")
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("EntityFromSecring: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if ent == nil {
|
|
|
|
|
t.Fatalf("nil entity")
|
|
|
|
|
}
|
|
|
|
|
if _, ok := ent.Identities["Camli Tester <camli-test@example.com>"]; !ok {
|
|
|
|
|
t.Errorf("missing expected identity")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-03-20 02:02:18 +00:00
|
|
|
func TestWriteKeyRing(t *testing.T) {
|
2012-03-20 04:00:51 +00:00
|
|
|
ent, err := EntityFromSecring("26F5ABDA", "testdata/test-secring.gpg")
|
2012-03-20 02:02:18 +00:00
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("NewEntity: %v", err)
|
|
|
|
|
}
|
2012-03-20 04:00:51 +00:00
|
|
|
var buf bytes.Buffer
|
|
|
|
|
err = WriteKeyRing(&buf, openpgp.EntityList([]*openpgp.Entity{ent}))
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("WriteKeyRing: %v", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
el, err := openpgp.ReadKeyRing(&buf)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("ReadKeyRing: %v", err)
|
|
|
|
|
}
|
|
|
|
|
if len(el) != 1 {
|
|
|
|
|
t.Fatalf("ReadKeyRing read %d entities; want 1", len(el))
|
|
|
|
|
}
|
|
|
|
|
orig := entityString(ent)
|
|
|
|
|
got := entityString(el[0])
|
|
|
|
|
if orig != got {
|
|
|
|
|
t.Fatalf("original vs. wrote-then-read entities differ:\norig: %s\n got: %s", orig, got)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// stupid entity stringier for testing.
|
|
|
|
|
func entityString(ent *openpgp.Entity) string {
|
|
|
|
|
var buf bytes.Buffer
|
|
|
|
|
fmt.Fprintf(&buf, "PublicKey=%s", ent.PrimaryKey.KeyIdShortString())
|
|
|
|
|
var ids []string
|
|
|
|
|
for k := range ent.Identities {
|
|
|
|
|
ids = append(ids, k)
|
|
|
|
|
}
|
|
|
|
|
sort.Strings(ids)
|
|
|
|
|
for _, k := range ids {
|
|
|
|
|
fmt.Fprintf(&buf, " id[%q]", k)
|
|
|
|
|
}
|
|
|
|
|
return buf.String()
|
2012-03-20 02:02:18 +00:00
|
|
|
}
|
