9 knownHash = "acbd18db4cc2f85cedef654fccc4a4d8"
10 knownLocator = knownHash + "+3"
11 knownToken = "hocfupkn2pjhrpgp2vxv8rsku7tvtx49arbc9s4bvu7p7wxqvk"
12 knownKey = "13u9fkuccnboeewr0ne3mvapk28epf68a3bhj9q8sb4l6e4e5mkk" +
13 "p6nhj2mmpscgu1zze5h5enydxfe3j215024u16ij4hjaiqs5u4pzsl3nczmaoxnc" +
14 "ljkm4875xqn4xv058koz3vkptmzhyheiy6wzevzjmdvxhvcqsvr5abhl15c2d4o4" +
15 "jhl0s91lojy1mtrzqqvprqcverls0xvy9vai9t1l1lvvazpuadafm71jl4mrwq2y" +
16 "gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
17 "vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
18 "786u5rw2a9gx743dj3fgq2irk"
19 knownSignature = "89118b78732c33104a4d6231e8b5a5fa1e4301e3"
20 knownTimestamp = "7fffffff"
21 knownSigHint = "+A" + knownSignature + "@" + knownTimestamp
22 knownSignedLocator = knownLocator + knownSigHint
23 blobSignatureTTL = 1209600 * time.Second
26 func TestSignLocator(t *testing.T) {
27 if ts, err := parseHexTimestamp(knownTimestamp); err != nil {
28 t.Errorf("bad knownTimestamp %s", knownTimestamp)
30 if knownSignedLocator != SignLocator(knownLocator, knownToken, ts, blobSignatureTTL, []byte(knownKey)) {
36 func TestVerifySignature(t *testing.T) {
37 if VerifySignature(knownSignedLocator, knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
42 func TestVerifySignatureExtraHints(t *testing.T) {
43 if VerifySignature(knownLocator+"+K@xyzzy"+knownSigHint, knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
44 t.Fatal("Verify cannot handle hint before permission signature")
47 if VerifySignature(knownLocator+knownSigHint+"+Zfoo", knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
48 t.Fatal("Verify cannot handle hint after permission signature")
51 if VerifySignature(knownLocator+"+K@xyzzy"+knownSigHint+"+Zfoo", knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
52 t.Fatal("Verify cannot handle hints around permission signature")
56 // The size hint on the locator string should not affect signature validation.
57 func TestVerifySignatureWrongSize(t *testing.T) {
58 if VerifySignature(knownHash+"+999999"+knownSigHint, knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
59 t.Fatal("Verify cannot handle incorrect size hint")
62 if VerifySignature(knownHash+knownSigHint, knownToken, blobSignatureTTL, []byte(knownKey)) != nil {
63 t.Fatal("Verify cannot handle missing size hint")
67 func TestVerifySignatureBadSig(t *testing.T) {
68 badLocator := knownLocator + "+Aaaaaaaaaaaaaaaa@" + knownTimestamp
69 if VerifySignature(badLocator, knownToken, blobSignatureTTL, []byte(knownKey)) != ErrSignatureMissing {
74 func TestVerifySignatureBadTimestamp(t *testing.T) {
75 badLocator := knownLocator + "+A" + knownSignature + "@OOOOOOOl"
76 if VerifySignature(badLocator, knownToken, blobSignatureTTL, []byte(knownKey)) != ErrSignatureMissing {
81 func TestVerifySignatureBadSecret(t *testing.T) {
82 if VerifySignature(knownSignedLocator, knownToken, blobSignatureTTL, []byte("00000000000000000000")) != ErrSignatureInvalid {
87 func TestVerifySignatureBadToken(t *testing.T) {
88 if VerifySignature(knownSignedLocator, "00000000", blobSignatureTTL, []byte(knownKey)) != ErrSignatureInvalid {
93 func TestVerifySignatureExpired(t *testing.T) {
94 yesterday := time.Now().AddDate(0, 0, -1)
95 expiredLocator := SignLocator(knownHash, knownToken, yesterday, blobSignatureTTL, []byte(knownKey))
96 if VerifySignature(expiredLocator, knownToken, blobSignatureTTL, []byte(knownKey)) != ErrSignatureExpired {
projects / arvados.git / blob