github.com/coreos/mantle@v0.13.0/update/signature/signature_test.go (about) 1 // Copyright 2016 CoreOS, Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package signature 16 17 import ( 18 "bytes" 19 "encoding/base64" 20 "testing" 21 22 "github.com/golang/protobuf/proto" 23 24 "github.com/coreos/mantle/update/metadata" 25 ) 26 27 const ( 28 // must match the developer key in signature.go 29 developerKeyBits = 2048 30 developerKeyBytes = developerKeyBits / 8 31 // protobuf encoding and Version field take up 8 bytes 32 developerSigBytes = developerKeyBytes + 8 33 34 // base64 encoded sha256 hash of nothing 35 testHashStr = `47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=` 36 37 // signature of that hash using the developer key, 38 // generated by openssl and base64 encoded. 39 testSigStr = ` 40 ouJu+zJ3fHr0m4+O7GxNIa3vuFS1c453OSoA9IMjkZSrAw7yZfnpROQjwn3tQHZB 41 X5uBcmv1y+UEgyWDA5pnpL/gpw1NSB04H/J7atzO4s42ilkmhH6smLLV9OsQQ5/W 42 tmxkVDxFH7GgGyueuxqlTFL4BsBA89/PXZ1gbcn/4fvQc9quq8aAynBSJcAoZca2 43 Eby/N3mSO3sPZLAOzbfwZ23Ph6gJ9QJ6VnFh2xe6NGSwXhgjyHGKiYcajdzF2Iqf 44 7ajqxLe8xVnC2KmRKcY25qs1Atq6e66Cs5PdN7uzNhhLrqBeCoTQjAUnjOA90wt8 45 1rgCGKxZBVYqZPQsuBdSaw==` 46 ) 47 48 var ( 49 testHash []byte 50 testSig []byte 51 ) 52 53 func init() { 54 var err error 55 testHash, err = base64.StdEncoding.DecodeString(testHashStr) 56 if err != nil { 57 panic(err) 58 } 59 if len(testHash) != signatureHash.Size() { 60 panic("invalid test hash") 61 } 62 testSig, err = base64.StdEncoding.DecodeString(testSigStr) 63 if err != nil { 64 panic(err) 65 } 66 if len(testSig) != developerKeyBytes { 67 panic("invalid test sig") 68 } 69 } 70 71 func TestKeySize(t *testing.T) { 72 n, err := keySize() 73 if err != nil { 74 t.Fatal(err) 75 } 76 77 if n != developerKeyBytes { 78 t.Errorf("key size is %d not %d", n, developerKeyBytes) 79 } 80 } 81 82 func TestSignaturesSize(t *testing.T) { 83 n, err := SignaturesSize() 84 if err != nil { 85 t.Fatal(err) 86 } 87 88 if n != developerSigBytes { 89 t.Errorf("sig size is %d not %d", n, developerSigBytes) 90 } 91 } 92 93 func TestSign(t *testing.T) { 94 sigs, err := Sign(testHash) 95 if err != nil { 96 t.Fatal(err) 97 } 98 99 if len(sigs.Signatures) != 1 { 100 t.Fatalf("Unexpected: %s", sigs) 101 } 102 103 if *sigs.Signatures[0].Version != signatureVersion { 104 t.Errorf("Unexpected version %d", *sigs.Signatures[0].Version) 105 } 106 107 if !bytes.Equal(sigs.Signatures[0].Data, testSig) { 108 t.Errorf("Unexpected signature %q", sigs.Signatures[0].Data) 109 } 110 } 111 112 func TestVerifySignature(t *testing.T) { 113 sigs := &metadata.Signatures{ 114 Signatures: []*metadata.Signatures_Signature{ 115 &metadata.Signatures_Signature{ 116 Version: proto.Uint32(signatureVersion), 117 Data: testSig, 118 }, 119 }, 120 } 121 122 if err := VerifySignature(testHash, sigs); err != nil { 123 t.Error(err) 124 } 125 }