passforios-gopenpgp/crypto/keyring_test.go

package crypto

import (
	"encoding/base64"
	"io/ioutil"
	"strings"
	"testing"

	"golang.org/x/crypto/openpgp/armor"

	"github.com/ProtonMail/gopenpgp/constants"
	"github.com/stretchr/testify/assert"
)

var decodedSymmetricKey, _ = base64.StdEncoding.DecodeString("ExXmnSiQ2QCey20YLH6qlLhkY3xnIBC1AwlIXwK/HvY=")

var testSymmetricKey = &SymmetricKey{
	Key:  decodedSymmetricKey,
	Algo: constants.AES256,
}

// Corresponding key in testdata/keyring_privateKey
const testMailboxPassword = "apple"

// Corresponding key in testdata/keyring_privateKeyLegacy
// const testMailboxPasswordLegacy = "123"

const testToken = "d79ca194a22810a5363eeddfdef7dfbc327c6229"

var (
	testPrivateKeyRing *KeyRing
	testPublicKeyRing  *KeyRing
)

var testIdentity = &Identity{
	Name:  "UserID",
	Email: "",
}

func init() {
	var err error

	testPrivateKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
	if err != nil {
		panic(err)
	}

	testPublicKeyRing, err = ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_publicKey", false)))
	if err != nil {
		panic(err)
	}

	err = testPrivateKeyRing.Unlock([]byte(testMailboxPassword))
	if err != nil {
		panic(err)
	}
}

func TestKeyRing_Decrypt(t *testing.T) {
	decString, err := testPrivateKeyRing.DecryptMessageIfNeeded(readTestFile("keyring_token", false))
	if err != nil {
		t.Fatal("Cannot decrypt token:", err)
	}

	assert.Exactly(t, testToken, decString)
}

func TestKeyRing_Encrypt(t *testing.T) {
	encrypted, err := testPublicKeyRing.EncryptMessage(testToken, testPrivateKeyRing)
	if err != nil {
		t.Fatal("Cannot encrypt token:", err)
	}

	// We can't just check if encrypted == testEncryptedToken
	// Decrypt instead
	ss, err := testPrivateKeyRing.DecryptMessage(encrypted)
	if err != nil {
		t.Fatal("Cannot decrypt token:", err)
	}

	assert.Exactly(t, testToken, ss.String)

	signatureKeyRing := ss.Signed.KeyRing()
	assert.Exactly(t, testPrivateKeyRing, signatureKeyRing)

	isby := ss.Signed.IsBy(testPublicKeyRing)
	assert.Exactly(t, true, isby)
}

func TestKeyRing_ArmoredPublicKeyString(t *testing.T) {
	s, err := testPrivateKeyRing.GetArmoredPublicKey()
	if err != nil {
		t.Fatal("Expected no error while getting armored public key, got:", err)
	}

	// Decode armored keys
	block, err := armor.Decode(strings.NewReader(s))
	if err != nil {
		t.Fatal("Expected no error while decoding armored public key, got:", err)
	}

	expected, err := armor.Decode(strings.NewReader(readTestFile("keyring_publicKey", false)))
	if err != nil {
		t.Fatal("Expected no error while decoding expected armored public key, got:", err)
	}

	assert.Exactly(t, expected.Type, block.Type)

	b, err := ioutil.ReadAll(block.Body)
	if err != nil {
		t.Fatal("Expected no error while reading armored public key body, got:", err)
	}

	eb, err := ioutil.ReadAll(expected.Body)
	if err != nil {
		t.Fatal("Expected no error while reading expected armored public key body, got:", err)
	}

	assert.Exactly(t, eb, b)
}

func TestCheckPassphrase(t *testing.T) {
	encryptedKeyRing, _ := ReadArmoredKeyRing(strings.NewReader(readTestFile("keyring_privateKey", false)))
	isCorrect := encryptedKeyRing.CheckPassphrase("Wrong password")
	assert.Exactly(t, false, isCorrect)

	isCorrect = encryptedKeyRing.CheckPassphrase(testMailboxPassword)
	assert.Exactly(t, true, isCorrect)
}

func TestIdentities(t *testing.T) {
	identities := testPrivateKeyRing.Identities()
	assert.Len(t, identities, 1)
	assert.Exactly(t, identities[0], testIdentity)
}


func TestFilterExpiredKeys(t *testing.T) {
	expiredKey, _ := ReadArmoredKeyRing(strings.NewReader(readTestFile("key_expiredKey", false)))
	keys := []*KeyRing {testPrivateKeyRing, expiredKey}
	unexpired, err := FilterExpiredKeys(keys)

	if err != nil {
		t.Fatal("Expected no error while filtering expired keyrings, got:", err)
	}

	assert.Len(t, unexpired, 1)
	assert.Exactly(t, unexpired[0], testPrivateKeyRing)
}