services/keepstore/perms_test.go

   1 // Copyright (C) The Arvados Authors. All rights reserved.
   2 //
   3 // SPDX-License-Identifier: AGPL-3.0
   4
   5 package main
   6
   7 import (
   8         "strconv"
   9         "time"
  10
  11         "git.arvados.org/arvados.git/sdk/go/arvados"
  12         check "gopkg.in/check.v1"
  13 )
  14
  15 const (
  16         knownHash    = "acbd18db4cc2f85cedef654fccc4a4d8"
  17         knownLocator = knownHash + "+3"
  18         knownToken   = "hocfupkn2pjhrpgp2vxv8rsku7tvtx49arbc9s4bvu7p7wxqvk"
  19         knownKey     = "13u9fkuccnboeewr0ne3mvapk28epf68a3bhj9q8sb4l6e4e5mkk" +
  20                 "p6nhj2mmpscgu1zze5h5enydxfe3j215024u16ij4hjaiqs5u4pzsl3nczmaoxnc" +
  21                 "ljkm4875xqn4xv058koz3vkptmzhyheiy6wzevzjmdvxhvcqsvr5abhl15c2d4o4" +
  22                 "jhl0s91lojy1mtrzqqvprqcverls0xvy9vai9t1l1lvvazpuadafm71jl4mrwq2y" +
  23                 "gokee3eamvjy8qq1fvy238838enjmy5wzy2md7yvsitp5vztft6j4q866efym7e6" +
  24                 "vu5wm9fpnwjyxfldw3vbo01mgjs75rgo7qioh8z8ij7jpyp8508okhgbbex3ceei" +
  25                 "786u5rw2a9gx743dj3fgq2irk"
  26         knownSignatureTTL  = arvados.Duration(24 * 14 * time.Hour)
  27         knownSignature     = "89118b78732c33104a4d6231e8b5a5fa1e4301e3"
  28         knownTimestamp     = "7fffffff"
  29         knownSigHint       = "+A" + knownSignature + "@" + knownTimestamp
  30         knownSignedLocator = knownLocator + knownSigHint
  31 )
  32
  33 func (s *HandlerSuite) TestSignLocator(c *check.C) {
  34         tsInt, err := strconv.ParseInt(knownTimestamp, 16, 0)
  35         if err != nil {
  36                 c.Fatal(err)
  37         }
  38         t0 := time.Unix(tsInt, 0)
  39
  40         s.cluster.Collections.BlobSigningTTL = knownSignatureTTL
  41         s.cluster.Collections.BlobSigningKey = knownKey
  42         if x := SignLocator(s.cluster, knownLocator, knownToken, t0); x != knownSignedLocator {
  43                 c.Fatalf("Got %+q, expected %+q", x, knownSignedLocator)
  44         }
  45
  46         s.cluster.Collections.BlobSigningKey = "arbitrarykey"
  47         if x := SignLocator(s.cluster, knownLocator, knownToken, t0); x == knownSignedLocator {
  48                 c.Fatalf("Got same signature %+q, even though blobSigningKey changed", x)
  49         }
  50 }
  51
  52 func (s *HandlerSuite) TestVerifyLocator(c *check.C) {
  53         s.cluster.Collections.BlobSigningTTL = knownSignatureTTL
  54         s.cluster.Collections.BlobSigningKey = knownKey
  55         if err := VerifySignature(s.cluster, knownSignedLocator, knownToken); err != nil {
  56                 c.Fatal(err)
  57         }
  58
  59         s.cluster.Collections.BlobSigningKey = "arbitrarykey"
  60         if err := VerifySignature(s.cluster, knownSignedLocator, knownToken); err == nil {
  61                 c.Fatal("Verified signature even with wrong blobSigningKey")
  62         }
  63 }