3 class BlobTest < ActiveSupport::TestCase
4 @@api_token = rand(2**512).to_s(36)[0..49]
5 @@key = rand(2**2048).to_s(36)
7 @@blob_locator = Digest::MD5.hexdigest(@@blob_data) +
8 '+' + @@blob_data.size.to_s
10 @@known_locator = 'acbd18db4cc2f85cedef654fccc4a4d8+3'
11 @@known_token = 'hocfupkn2pjhrpgp2vxv8rsku7tvtx49arbc9s4bvu7p7wxqvk'
12 @@known_key = '13u9fkuccnboeewr0ne3mvapk28epf68a3bhj9q8sb4l6e4e5mkk' +
13 'p6nhj2mmpscgu1zze5h5enydxfe3j215024u16ij4hjaiqs5u4pzsl3nczmaoxnc' +
14 'ljkm4875xqn4xv058koz3vkptmzhyheiy6wzevzjmdvxhvcqsvr5abhl15c2d4o4' +
15 'jhl0s91lojy1mtrzqqvprqcverls0xvy9vai9t1l1lvvazpuadafm71jl4mrwq2y' +
16 'gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6' +
17 'vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei' +
18 '786u5rw2a9gx743dj3fgq2irk'
19 @@known_signed_locator = 'acbd18db4cc2f85cedef654fccc4a4d8+3' +
20 '+A257f3f5f5f0a4e4626a18fc74bd42ec34dcb228a@7fffffff'
22 test 'generate predictable invincible signature' do
23 signed = Blob.sign_locator @@known_locator, {
24 api_token: @@known_token,
28 assert_equal @@known_signed_locator, signed
31 test 'verify predictable invincible signature' do
32 assert_equal true, Blob.verify_signature!(@@known_signed_locator,
33 api_token: @@known_token,
38 signed = Blob.sign_locator @@blob_locator, api_token: @@api_token, key: @@key
39 assert_equal true, Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
43 signed = Blob.sign_locator @@blob_locator, api_token: @@api_token, key: @@key, ttl: -1
44 assert_raise Blob::InvalidSignatureError do
45 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
49 test 'expired, but no raise' do
50 signed = Blob.sign_locator @@blob_locator, api_token: @@api_token, key: @@key, ttl: -1
51 assert_equal false, Blob.verify_signature(signed,
52 api_token: @@api_token,
56 test 'bogus, wrong block hash' do
57 signed = Blob.sign_locator @@blob_locator, api_token: @@api_token, key: @@key
58 assert_raise Blob::InvalidSignatureError do
59 Blob.verify_signature!(signed.sub('acbd','abcd'), api_token: @@api_token, key: @@key)
63 test 'bogus, expired' do
64 signed = 'acbd18db4cc2f85cedef654fccc4a4d8+3+Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@531641bf'
65 assert_raises Blob::InvalidSignatureError do
66 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
70 test 'bogus, wrong key' do
71 signed = Blob.sign_locator(@@blob_locator,
72 api_token: @@api_token,
74 assert_raise Blob::InvalidSignatureError do
75 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
79 test 'bogus, wrong api token' do
80 signed = Blob.sign_locator(@@blob_locator,
81 api_token: @@api_token.reverse,
83 assert_raise Blob::InvalidSignatureError do
84 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
88 test 'bogus, signature format 1' do
89 signed = 'acbd18db4cc2f85cedef654fccc4a4d8+3+Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@'
90 assert_raise Blob::InvalidSignatureError do
91 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
95 test 'bogus, signature format 2' do
96 signed = 'acbd18db4cc2f85cedef654fccc4a4d8+3+A@531641bf'
97 assert_raise Blob::InvalidSignatureError do
98 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
102 test 'bogus, signature format 3' do
103 signed = 'acbd18db4cc2f85cedef654fccc4a4d8+3+Axyzzy@531641bf'
104 assert_raise Blob::InvalidSignatureError do
105 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
109 test 'bogus, timestamp format' do
110 signed = 'acbd18db4cc2f85cedef654fccc4a4d8+3+Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@xyzzy'
111 assert_raise Blob::InvalidSignatureError do
112 Blob.verify_signature!(signed, api_token: @@api_token, key: @@key)
116 test 'no signature at all' do
117 assert_raise Blob::InvalidSignatureError do
118 Blob.verify_signature!(@@blob_locator, api_token: @@api_token, key: @@key)