blob: 650b01bf3440514b6832cba21494db3ad2601920 [file] [log] [blame]
// Copyright 2020 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
package artifactory
import (
"crypto/ed25519"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"io/ioutil"
"path/filepath"
"reflect"
"testing"
)
func TestSign(t *testing.T) {
dir := t.TempDir()
var pkey ed25519.PrivateKey
dataFile := filepath.Join(dir, "data")
uploads := []Upload{{
Source: dataFile,
Destination: "data",
}}
actual, err := Sign(uploads, pkey)
if err != nil {
t.Errorf("failed to sign uploads: %v", err)
}
if !reflect.DeepEqual(actual, uploads) {
t.Errorf("missing pkey should return unmodified uploads; got %v", actual)
}
_, pkey, err = ed25519.GenerateKey(nil)
if err != nil {
t.Errorf("failed to generate key: %v", err)
}
actual, err = Sign(uploads, pkey)
if err != nil {
t.Errorf("failed to sign uploads: %v", err)
}
if !reflect.DeepEqual(actual, uploads) {
t.Errorf("missing data file should return unmodified uploads; got %v", actual)
}
err = ioutil.WriteFile(dataFile, []byte("data"), 0o400)
if err != nil {
t.Errorf("failed to write data file: %v", err)
}
expectedSignature := base64.StdEncoding.EncodeToString(ed25519.Sign(pkey, []byte("data")))
expected := []Upload{{
Source: dataFile,
Destination: "data",
Metadata: map[string]string{
signatureKey: expectedSignature,
},
}}
actual, err = Sign(uploads, pkey)
if err != nil {
t.Errorf("failed to sign uploads: %v", err)
}
if !reflect.DeepEqual(actual, expected) {
t.Errorf("expected: %v, actual: %v", expected, actual)
}
}
func TestPublicKeyUpload(t *testing.T) {
upload, err := PublicKeyUpload("namespace", []byte{})
if err == nil {
t.Errorf("nil public key should err")
}
if upload != nil {
t.Errorf("nil public key should return nil pubkey upload; got: %v", upload)
}
expectedPubkey, pkey, err := ed25519.GenerateKey(nil)
if err != nil {
t.Errorf("failed to generate key: %v", err)
}
upload, err = PublicKeyUpload("namespace", pkey.Public().(ed25519.PublicKey))
if err != nil {
t.Errorf("failed to derive public key: %v", err)
}
if upload == nil || len(upload.Contents) == 0 {
t.Errorf("got empty pubkey data")
}
expectedDest := filepath.Join("namespace", releasePubkeyFilename)
if upload.Destination != expectedDest {
t.Errorf("incorrect destination; got: %s, expected: %s", upload.Destination, expectedDest)
}
block, _ := pem.Decode(upload.Contents)
if block.Bytes == nil {
t.Errorf("failed to decode public key from pem")
}
pubkey, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
t.Errorf("failed to parse public key from DER bytes")
}
if string(pubkey.(ed25519.PublicKey)) != string(expectedPubkey) {
t.Errorf("got: %s, expected: %s", string(pubkey.(ed25519.PublicKey)), string(expectedPubkey))
}
}