github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/engine/pgp_select_test.go (about)

     1  // Copyright 2015 Keybase, Inc. All rights reserved. Use of
     2  // this source code is governed by the included BSD license.
     3  
     4  package engine
     5  
     6  import (
     7  	"os"
     8  	"path"
     9  	"testing"
    10  
    11  	"github.com/keybase/client/go/libkb"
    12  	"github.com/stretchr/testify/require"
    13  )
    14  
    15  func TestSelectEngine(t *testing.T) {
    16  	tc := SetupEngineTest(t, "select")
    17  	defer tc.Cleanup()
    18  
    19  	fu := NewFakeUserOrBust(t, "se")
    20  	if err := tc.GenerateGPGKeyring(fu.Email); err != nil {
    21  		t.Fatal(err)
    22  	}
    23  	arg := MakeTestSignupEngineRunArg(fu)
    24  	arg.SkipGPG = false
    25  	s := NewSignupEngine(tc.G, &arg)
    26  	testui := &gpgtestui{}
    27  	uis := libkb.UIs{
    28  		LogUI:    tc.G.UI.GetLogUI(),
    29  		GPGUI:    testui,
    30  		SecretUI: fu.NewSecretUI(),
    31  		LoginUI:  &libkb.TestLoginUI{Username: fu.Username},
    32  	}
    33  	m := NewMetaContextForTest(tc).WithUIs(uis)
    34  	if err := RunEngine2(m, s); err != nil {
    35  		t.Fatal(err)
    36  	}
    37  
    38  	fuUser, err := libkb.LoadUser(libkb.NewLoadUserByNameArg(tc.G, fu.Username))
    39  	if err != nil {
    40  		tc.T.Fatal(err)
    41  	}
    42  
    43  	publicKeys := fuUser.GetActivePGPKeys(false)
    44  	if len(publicKeys) != 1 {
    45  		tc.T.Fatal("There should be one generated PGP key")
    46  	}
    47  
    48  	key := publicKeys[0]
    49  	fp := key.GetFingerprint().String()
    50  	garg := GPGImportKeyArg{
    51  		Query:      fp,
    52  		AllowMulti: true,
    53  		SkipImport: false,
    54  		OnlyImport: false,
    55  	}
    56  	gpg := NewGPGImportKeyEngine(tc.G, &garg)
    57  	err = RunEngine2(m, gpg)
    58  	require.NoError(t, err)
    59  
    60  	// The GPGImportKeyEngine converts a multi select on the same key into
    61  	// an update, so our test checks that the update code ran, by counting
    62  	// on the test version of the update key prompt.
    63  	if testui.keyChosenCount != 1 {
    64  		tc.T.Fatal("Selected the same key twice and no update happened")
    65  	}
    66  	if len(gpg.duplicatedFingerprints) != 1 {
    67  		tc.T.Fatal("Server didn't return an error while updating")
    68  	}
    69  	if !key.GetFingerprint().Eq(gpg.duplicatedFingerprints[0]) {
    70  		tc.T.Fatal("Our fingerprint ID wasn't returned as up to date")
    71  	}
    72  }
    73  
    74  func TestPGPSelectThenPushSecret(t *testing.T) {
    75  	tc := SetupEngineTest(t, "select")
    76  	defer tc.Cleanup()
    77  
    78  	user := CreateAndSignupFakeUser(tc, "selc")
    79  	secUI := &libkb.TestSecretUI{Passphrase: user.Passphrase}
    80  
    81  	err := tc.GenerateGPGKeyring(user.Email)
    82  	require.NoError(t, err)
    83  
    84  	uis := libkb.UIs{
    85  		LogUI:    tc.G.UI.GetLogUI(),
    86  		SecretUI: secUI,
    87  		GPGUI:    &gpgtestui{},
    88  	}
    89  	mctx := tc.MetaContext().WithUIs(uis)
    90  
    91  	// PGP Select the key, without importing to local keyring.
    92  	garg := GPGImportKeyArg{
    93  		HasProvisionedDevice: true,
    94  		AllowMulti:           false,
    95  		SkipImport:           true,
    96  		OnlyImport:           false,
    97  	}
    98  	gpgEng := NewGPGImportKeyEngine(tc.G, &garg)
    99  	err = RunEngine2(mctx, gpgEng)
   100  	require.NoError(t, err)
   101  
   102  	kid := gpgEng.last.GetKID()
   103  
   104  	// Secret key should not be available on the server.
   105  	ss, err := mctx.ActiveDevice().SyncSecretsForce(mctx)
   106  	require.NoError(t, err)
   107  	_, ok := ss.FindPrivateKey(kid.String())
   108  	require.False(t, ok)
   109  
   110  	// Import secret key afterwards with pushing to the server.
   111  	keyBytes, err := os.ReadFile(path.Join(tc.Tp.GPGHome, "secring.gpg"))
   112  	require.NoError(t, err)
   113  	pgpEng, err := NewPGPKeyImportEngineFromBytes(tc.G, keyBytes, true /* pushSecret*/)
   114  	require.NoError(t, err)
   115  	mctx = tc.MetaContext().WithUIs(uis)
   116  	err = RunEngine2(mctx, pgpEng)
   117  	require.NoError(t, err)
   118  
   119  	// Secret key should *be* available on the server (pushSecret=true in GPG
   120  	// import engine above).
   121  	ss, err = mctx.ActiveDevice().SyncSecretsForce(mctx)
   122  	require.NoError(t, err)
   123  	privKey, ok := ss.FindPrivateKey(kid.String())
   124  	require.True(t, ok)
   125  	require.NotEmpty(t, privKey.Bundle)
   126  }