github.com/haalcala/mattermost-server-change-repo/v5@v5.33.2/app/plugin_signature_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package app 5 6 import ( 7 "io/ioutil" 8 "os" 9 "path/filepath" 10 "testing" 11 12 "github.com/stretchr/testify/mock" 13 "github.com/stretchr/testify/require" 14 15 "github.com/mattermost/mattermost-server/v5/model" 16 "github.com/mattermost/mattermost-server/v5/store/storetest/mocks" 17 "github.com/mattermost/mattermost-server/v5/utils/fileutils" 18 ) 19 20 func TestPluginPublicKeys(t *testing.T) { 21 th := SetupWithStoreMock(t) 22 defer th.TearDown() 23 24 mockStore := th.App.Srv().Store.(*mocks.Store) 25 mockUserStore := mocks.UserStore{} 26 mockUserStore.On("Count", mock.Anything).Return(int64(10), nil) 27 mockPostStore := mocks.PostStore{} 28 mockPostStore.On("GetMaxPostSize").Return(65535, nil) 29 mockSystemStore := mocks.SystemStore{} 30 mockSystemStore.On("GetByName", "UpgradedFromTE").Return(&model.System{Name: "UpgradedFromTE", Value: "false"}, nil) 31 mockSystemStore.On("GetByName", "InstallationDate").Return(&model.System{Name: "InstallationDate", Value: "10"}, nil) 32 mockSystemStore.On("GetByName", "FirstServerRunTimestamp").Return(&model.System{Name: "FirstServerRunTimestamp", Value: "10"}, nil) 33 34 mockStore.On("User").Return(&mockUserStore) 35 mockStore.On("Post").Return(&mockPostStore) 36 mockStore.On("System").Return(&mockSystemStore) 37 38 path, _ := fileutils.FindDir("tests") 39 publicKeyFilename := "test-public-key.plugin.gpg" 40 publicKey, err := ioutil.ReadFile(filepath.Join(path, publicKeyFilename)) 41 require.NoError(t, err) 42 fileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 43 require.NoError(t, err) 44 defer fileReader.Close() 45 th.App.AddPublicKey(publicKeyFilename, fileReader) 46 file, appErr := th.App.GetPublicKey(publicKeyFilename) 47 require.Nil(t, appErr) 48 require.Equal(t, publicKey, file) 49 _, appErr = th.App.GetPublicKey("wrong file name") 50 require.NotNil(t, appErr) 51 _, appErr = th.App.GetPublicKey("wrong-file-name.plugin.gpg") 52 require.NotNil(t, appErr) 53 54 appErr = th.App.DeletePublicKey("wrong file name") 55 require.Nil(t, appErr) 56 appErr = th.App.DeletePublicKey("wrong-file-name.plugin.gpg") 57 require.Nil(t, appErr) 58 59 appErr = th.App.DeletePublicKey(publicKeyFilename) 60 require.Nil(t, appErr) 61 _, appErr = th.App.GetPublicKey(publicKeyFilename) 62 require.NotNil(t, appErr) 63 } 64 65 func TestVerifySignature(t *testing.T) { 66 path, _ := fileutils.FindDir("tests") 67 pluginFilename := "testplugin.tar.gz" 68 signatureFilename := "testplugin.tar.gz.sig" 69 armoredSignatureFilename := "testplugin.tar.gz.asc" 70 publicKeyFilename := "development-public-key.gpg" 71 armoredPublicKeyFilename := "development-public-key.asc" 72 t.Run("verify armored signature and armored public key", func(t *testing.T) { 73 publicKeyFileReader, err := os.Open(filepath.Join(path, armoredPublicKeyFilename)) 74 require.NoError(t, err) 75 defer publicKeyFileReader.Close() 76 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 77 require.NoError(t, err) 78 defer pluginFileReader.Close() 79 signatureFileReader, err := os.Open(filepath.Join(path, armoredSignatureFilename)) 80 require.NoError(t, err) 81 defer signatureFileReader.Close() 82 require.NoError(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 83 }) 84 t.Run("verify non armored signature and armored public key", func(t *testing.T) { 85 publicKeyFileReader, err := os.Open(filepath.Join(path, armoredPublicKeyFilename)) 86 require.NoError(t, err) 87 defer publicKeyFileReader.Close() 88 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 89 require.NoError(t, err) 90 defer pluginFileReader.Close() 91 signatureFileReader, err := os.Open(filepath.Join(path, signatureFilename)) 92 require.NoError(t, err) 93 defer signatureFileReader.Close() 94 require.NoError(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 95 }) 96 t.Run("verify armored signature and non armored public key", func(t *testing.T) { 97 publicKeyFileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 98 require.NoError(t, err) 99 defer publicKeyFileReader.Close() 100 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 101 require.NoError(t, err) 102 defer pluginFileReader.Close() 103 armoredSignatureFileReader, err := os.Open(filepath.Join(path, armoredSignatureFilename)) 104 require.NoError(t, err) 105 defer armoredSignatureFileReader.Close() 106 require.NoError(t, verifySignature(publicKeyFileReader, pluginFileReader, armoredSignatureFileReader)) 107 }) 108 t.Run("verify non armored signature and non armored public key", func(t *testing.T) { 109 publicKeyFileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 110 require.NoError(t, err) 111 defer publicKeyFileReader.Close() 112 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 113 require.NoError(t, err) 114 defer pluginFileReader.Close() 115 signatureFileReader, err := os.Open(filepath.Join(path, signatureFilename)) 116 require.NoError(t, err) 117 defer signatureFileReader.Close() 118 require.NoError(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 119 }) 120 }