mirror of
https://github.com/thegeeklab/drone-yaml.git
synced 2024-11-18 08:00:40 +00:00
143 lines
2.9 KiB
Go
143 lines
2.9 KiB
Go
|
package signer
|
||
|
|
||
|
import (
|
||
|
"io/ioutil"
|
||
|
"testing"
|
||
|
)
|
||
|
|
||
|
func TestSign(t *testing.T) {
|
||
|
in, err := ioutil.ReadFile("testdata/signed.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
key := KeyString("589396227fff5a93ba934965e8735f88")
|
||
|
want := "389cf92a7472870783a9a5ea77b4abe58a4bb67ba58e1e7293e943aee314aedc"
|
||
|
got, err := Sign(in, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if got != want {
|
||
|
t.Errorf("Expected hash %s, got %s", want, got)
|
||
|
}
|
||
|
|
||
|
verified, err := Verify(in, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if !verified {
|
||
|
t.Errorf("Expected signature verified")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func TestVerify_Invalid(t *testing.T) {
|
||
|
in, err := ioutil.ReadFile("testdata/invalid_signature.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
key := KeyString("c953bd41ad0f75848a78ccd54d3861fa")
|
||
|
verified, err := Verify(in, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if verified {
|
||
|
t.Errorf("Expected signature verification failure")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func TestVerify_InvalidKey(t *testing.T) {
|
||
|
in, err := ioutil.ReadFile("testdata/signed.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
key := []byte("this-is-an-invalid-key")
|
||
|
_, err = Verify(in, key)
|
||
|
if err != ErrInvalidKey {
|
||
|
t.Errorf("Expected ErrInvalidKey")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// This test verifies that signature verification
|
||
|
// fails if no signature is present in the yaml.
|
||
|
func TestVerify_MissingSignature(t *testing.T) {
|
||
|
in, err := ioutil.ReadFile("testdata/missing_signature.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
key := KeyString("589396227fff5a93ba934965e8735f88")
|
||
|
verified, err := Verify(in, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if verified {
|
||
|
t.Errorf("Expected signature verification failure")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// The test verifies that the SignUpdate function signs the
|
||
|
// configuraiton and appends the signature.
|
||
|
func TestSignUpdate(t *testing.T) {
|
||
|
before, err := ioutil.ReadFile("testdata/invalid_signature.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
key := KeyString("589396227fff5a93ba934965e8735f88")
|
||
|
after, err := SignUpdate(before, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
verified, err := Verify(after, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if !verified {
|
||
|
t.Errorf("Expected signature verified")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// The test verifies that the SignUpdate function signs the
|
||
|
// configuraiton and appends the signature.
|
||
|
func TestSignUpdate_Append(t *testing.T) {
|
||
|
before, err := ioutil.ReadFile("testdata/missing_signature.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
key := KeyString("589396227fff5a93ba934965e8735f88")
|
||
|
after, err := SignUpdate(before, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
|
||
|
verified, err := Verify(after, key)
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
}
|
||
|
if !verified {
|
||
|
t.Errorf("Expected signature verified")
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func TestSignUpdate_InvalidKey(t *testing.T) {
|
||
|
in, err := ioutil.ReadFile("testdata/signed.yml")
|
||
|
if err != nil {
|
||
|
t.Error(err)
|
||
|
return
|
||
|
}
|
||
|
key := KeyString("this-is-an-invalid-key")
|
||
|
_, err = SignUpdate(in, key)
|
||
|
if err != ErrInvalidKey {
|
||
|
t.Errorf("Expected ErrInvalidKey")
|
||
|
}
|
||
|
}
|