93 lines
3 KiB
Go
93 lines
3 KiB
Go
|
package crypto
|
||
|
|
|
||
|
|
import (
|
||
|
|
"strings"
|
||
|
|
"regexp"
|
||
|
|
"testing"
|
||
|
|
|
||
|
|
"github.com/stretchr/testify/assert"
|
||
|
|
)
|
||
|
|
|
||
|
|
const signedPlainText = "Signed message"
|
||
|
|
const testTime = 1557754627 // 2019-05-13T13:37:07+00:00
|
||
|
|
|
||
|
|
var signingKeyRing *KeyRing
|
||
|
|
var signature, signatureBin string
|
||
|
|
|
||
|
|
func TestSignTextDetached(t *testing.T) {
|
||
|
|
signingKeyRing, err := ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot read private key:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
signature, err = pmCrypto.SignTextDetached(signedPlainText, signingKeyRing, "", true)
|
||
|
|
assert.EqualError(t, err, "pmcrypto: cannot sign message, unable to unlock signer key")
|
||
|
|
|
||
|
|
// Password defined in keyring_test
|
||
|
|
signature, err = pmCrypto.SignTextDetached(signedPlainText, signingKeyRing, testMailboxPassword, true)
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot generate signature with encrypted key:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
// Reset keyring to locked state
|
||
|
|
signingKeyRing, _ = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
|
||
|
|
// Password defined in keyring_test
|
||
|
|
err = signingKeyRing.Unlock([]byte(testMailboxPassword))
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot decrypt private key:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
signatureDec, err := pmCrypto.SignTextDetached(signedPlainText, signingKeyRing, "", true)
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot generate signature with decrypted key:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
rTest := regexp.MustCompile("(?s)^-----BEGIN PGP SIGNATURE-----.*-----END PGP SIGNATURE-----$")
|
||
|
|
assert.Regexp(t, rTest, signature)
|
||
|
|
assert.Exactly(t, signatureDec, signature)
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestSignBinDetached(t *testing.T) {
|
||
|
|
var err error
|
||
|
|
|
||
|
|
// Reset keyring to locked state
|
||
|
|
signingKeyRing, _ = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
|
||
|
|
signatureBin, err = pmCrypto.SignBinDetached([]byte(signedPlainText), signingKeyRing, "")
|
||
|
|
assert.EqualError(t, err, "pmcrypto: cannot sign message, unable to unlock signer key")
|
||
|
|
|
||
|
|
// Password defined in keyring_test
|
||
|
|
signatureBin, err = pmCrypto.SignBinDetached([]byte(signedPlainText), signingKeyRing, testMailboxPassword)
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot generate signature with encrypted key:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
rTest := regexp.MustCompile("(?s)^-----BEGIN PGP SIGNATURE-----.*-----END PGP SIGNATURE-----$")
|
||
|
|
assert.Regexp(t, rTest, signatureBin)
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestVerifyTextDetachedSig(t *testing.T) {
|
||
|
|
verified, err := pmCrypto.VerifyTextDetachedSig(signature, signedPlainText, signingKeyRing, testTime)
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot verify plaintext signature:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
assert.Exactly(t, true, verified)
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestVerifyTextDetachedSigWrong(t *testing.T) {
|
||
|
|
verified, err := pmCrypto.VerifyTextDetachedSig(signature, "wrong text", signingKeyRing, testTime)
|
||
|
|
|
||
|
|
assert.EqualError(t, err, "pmcrypto: signer is empty")
|
||
|
|
assert.Exactly(t, false, verified)
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
func TestVerifyBinDetachedSig(t *testing.T) {
|
||
|
|
verified, err := pmCrypto.VerifyBinDetachedSig(signatureBin, []byte(signedPlainText), signingKeyRing, testTime)
|
||
|
|
if err != nil {
|
||
|
|
t.Fatal("Cannot verify binary signature:", err)
|
||
|
|
}
|
||
|
|
|
||
|
|
assert.Exactly(t, true, verified)
|
||
|
|
}
|