9 known_hash = "acbd18db4cc2f85cedef654fccc4a4d8"
10 known_locator = known_hash + "+3"
11 known_token = "hocfupkn2pjhrpgp2vxv8rsku7tvtx49arbc9s4bvu7p7wxqvk"
12 known_key = "13u9fkuccnboeewr0ne3mvapk28epf68a3bhj9q8sb4l6e4e5mkk" +
13 "p6nhj2mmpscgu1zze5h5enydxfe3j215024u16ij4hjaiqs5u4pzsl3nczmaoxnc" +
14 "ljkm4875xqn4xv058koz3vkptmzhyheiy6wzevzjmdvxhvcqsvr5abhl15c2d4o4" +
15 "jhl0s91lojy1mtrzqqvprqcverls0xvy9vai9t1l1lvvazpuadafm71jl4mrwq2y" +
16 "gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
17 "vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
18 "786u5rw2a9gx743dj3fgq2irk"
19 known_signature = "257f3f5f5f0a4e4626a18fc74bd42ec34dcb228a"
20 known_timestamp = "7fffffff"
21 known_sig_hint = "+A" + known_signature + "@" + known_timestamp
22 known_signed_locator = known_locator + known_sig_hint
25 func TestSignLocator(t *testing.T) {
26 PermissionSecret = []byte(known_key)
27 defer func() { PermissionSecret = nil }()
29 if ts, err := ParseHexTimestamp(known_timestamp); err != nil {
30 t.Errorf("bad known_timestamp %s", known_timestamp)
32 if known_signed_locator != SignLocator(known_locator, known_token, ts) {
38 func TestVerifySignature(t *testing.T) {
39 PermissionSecret = []byte(known_key)
40 defer func() { PermissionSecret = nil }()
42 if !VerifySignature(known_signed_locator, known_token) {
47 func TestVerifySignatureExtraHints(t *testing.T) {
48 PermissionSecret = []byte(known_key)
49 defer func() { PermissionSecret = nil }()
51 if !VerifySignature(known_locator+"+K@xyzzy"+known_sig_hint, known_token) {
52 t.Fatal("Verify cannot handle hint before permission signature")
55 if !VerifySignature(known_locator+known_sig_hint+"+Zfoo", known_token) {
56 t.Fatal("Verify cannot handle hint after permission signature")
59 if !VerifySignature(known_locator+"+K@xyzzy"+known_sig_hint+"+Zfoo", known_token) {
60 t.Fatal("Verify cannot handle hints around permission signature")
64 // The size hint on the locator string should not affect signature validation.
65 func TestVerifySignatureWrongSize(t *testing.T) {
66 PermissionSecret = []byte(known_key)
67 defer func() { PermissionSecret = nil }()
69 if !VerifySignature(known_hash+"+999999"+known_sig_hint, known_token) {
70 t.Fatal("Verify cannot handle incorrect size hint")
73 if !VerifySignature(known_hash+known_sig_hint, known_token) {
74 t.Fatal("Verify cannot handle missing size hint")
78 func TestVerifySignatureBadSig(t *testing.T) {
79 PermissionSecret = []byte(known_key)
80 defer func() { PermissionSecret = nil }()
82 bad_locator := known_locator + "+Aaaaaaaaaaaaaaaa@" + known_timestamp
83 if VerifySignature(bad_locator, known_token) {
88 func TestVerifySignatureBadTimestamp(t *testing.T) {
89 PermissionSecret = []byte(known_key)
90 defer func() { PermissionSecret = nil }()
92 bad_locator := known_locator + "+A" + known_signature + "@00000000"
93 if VerifySignature(bad_locator, known_token) {
98 func TestVerifySignatureBadSecret(t *testing.T) {
99 PermissionSecret = []byte("00000000000000000000")
100 defer func() { PermissionSecret = nil }()
102 if VerifySignature(known_signed_locator, known_token) {
107 func TestVerifySignatureBadToken(t *testing.T) {
108 PermissionSecret = []byte(known_key)
109 defer func() { PermissionSecret = nil }()
111 if VerifySignature(known_signed_locator, "00000000") {
116 func TestVerifySignatureExpired(t *testing.T) {
117 PermissionSecret = []byte(known_key)
118 defer func() { PermissionSecret = nil }()
120 yesterday := time.Now().AddDate(0, 0, -1)
121 expired_locator := SignLocator(known_hash, known_token, yesterday)
122 if VerifySignature(expired_locator, known_token) {
projects / arvados.git / blob