services/keepstore/perms_test.go

   1 package main
   2
   3 import (
   4         "strconv"
   5         "testing"
   6         "time"
   7 )
   8
   9 const (
  10         knownHash    = "acbd18db4cc2f85cedef654fccc4a4d8"
  11         knownLocator = knownHash + "+3"
  12         knownToken   = "hocfupkn2pjhrpgp2vxv8rsku7tvtx49arbc9s4bvu7p7wxqvk"
  13         knownKey     = "13u9fkuccnboeewr0ne3mvapk28epf68a3bhj9q8sb4l6e4e5mkk" +
  14                 "p6nhj2mmpscgu1zze5h5enydxfe3j215024u16ij4hjaiqs5u4pzsl3nczmaoxnc" +
  15                 "ljkm4875xqn4xv058koz3vkptmzhyheiy6wzevzjmdvxhvcqsvr5abhl15c2d4o4" +
  16                 "jhl0s91lojy1mtrzqqvprqcverls0xvy9vai9t1l1lvvazpuadafm71jl4mrwq2y" +
  17                 "gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
  18                 "vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
  19                 "786u5rw2a9gx743dj3fgq2irk"
  20         knownSignatureTTL  = 1209600 * time.Second
  21         knownSignature     = "89118b78732c33104a4d6231e8b5a5fa1e4301e3"
  22         knownTimestamp     = "7fffffff"
  23         knownSigHint       = "+A" + knownSignature + "@" + knownTimestamp
  24         knownSignedLocator = knownLocator + knownSigHint
  25 )
  26
  27 func TestSignLocator(t *testing.T) {
  28         defer func(b []byte) {
  29                 PermissionSecret = b
  30         }(PermissionSecret)
  31
  32         tsInt, err := strconv.ParseInt(knownTimestamp, 16, 0)
  33         if err != nil {
  34                 t.Fatal(err)
  35         }
  36         t0 := time.Unix(tsInt, 0)
  37
  38         blobSignatureTTL = knownSignatureTTL
  39
  40         PermissionSecret = []byte(knownKey)
  41         if x := SignLocator(knownLocator, knownToken, t0); x != knownSignedLocator {
  42                 t.Fatalf("Got %+q, expected %+q", x, knownSignedLocator)
  43         }
  44
  45         PermissionSecret = []byte("arbitrarykey")
  46         if x := SignLocator(knownLocator, knownToken, t0); x == knownSignedLocator {
  47                 t.Fatalf("Got same signature %+q, even though PermissionSecret changed", x)
  48         }
  49 }
  50
  51 func TestVerifyLocator(t *testing.T) {
  52         defer func(b []byte) {
  53                 PermissionSecret = b
  54         }(PermissionSecret)
  55
  56         blobSignatureTTL = knownSignatureTTL
  57
  58         PermissionSecret = []byte(knownKey)
  59         if err := VerifySignature(knownSignedLocator, knownToken); err != nil {
  60                 t.Fatal(err)
  61         }
  62
  63         PermissionSecret = []byte("arbitrarykey")
  64         if err := VerifySignature(knownSignedLocator, knownToken); err == nil {
  65                 t.Fatal("Verified signature even with wrong PermissionSecret")
  66         }
  67 }