github.com/keybase/client/go@v0.0.0-20241007131713-f10651d043c8/engine/pgp_verify_test.go (about) 1 // Copyright 2015 Keybase, Inc. All rights reserved. Use of 2 // this source code is governed by the included BSD license. 3 4 package engine 5 6 import ( 7 "io" 8 "strings" 9 "testing" 10 11 "github.com/keybase/client/go/libkb" 12 keybase1 "github.com/keybase/client/go/protocol/keybase1" 13 ) 14 15 func doVerify(t *testing.T, msg string) { 16 tc := SetupEngineTest(t, "PGPVerify") 17 defer tc.Cleanup() 18 fu := createFakeUserWithPGPSibkey(tc) 19 20 uis := libkb.UIs{ 21 IdentifyUI: &FakeIdentifyUI{}, 22 SecretUI: fu.NewSecretUI(), 23 LogUI: tc.G.UI.GetLogUI(), 24 PgpUI: &TestPgpUI{}, 25 } 26 27 m := NewMetaContextForTest(tc).WithUIs(uis) 28 29 // create detached sig 30 detached := sign(m, tc, msg, keybase1.SignMode_DETACHED) 31 32 // create clearsign sig 33 clearsign := sign(m, tc, msg, keybase1.SignMode_CLEAR) 34 35 // create attached sig w/ sign 36 attached := sign(m, tc, msg, keybase1.SignMode_ATTACHED) 37 38 // create attached sig w/ encrypt 39 attachedEnc := signEnc(m, tc, msg) 40 41 // Start with a fresh secret ui so the Called* flags will be false. 42 // If the verify() func works, it will ensure that the ones it cares 43 // about are false after each time it is called. 44 m = m.WithSecretUI(fu.NewSecretUI()) 45 46 // still logged in as signer: 47 verify(m, tc, msg, detached, "detached logged in", true) 48 verify(m, tc, clearsign, "", "clearsign logged in", true) 49 verify(m, tc, attached, "", "attached logged in", true) 50 verify(m, tc, attachedEnc, "", "attached/encrypted logged in", true) 51 52 Logout(tc) 53 54 // these are all valid logged out 55 verify(m, tc, msg, detached, "detached logged out", true) 56 verify(m, tc, clearsign, "", "clearsign logged out", true) 57 verify(m, tc, attached, "", "attached logged out", true) 58 // attached encrypted is not valid logged out: 59 verify(m, tc, attachedEnc, "", "attached/encrypted logged out", false) 60 61 // sign in as a different user 62 tc2 := SetupEngineTest(t, "PGPVerify") 63 defer tc2.Cleanup() 64 fu2 := CreateAndSignupFakeUser(tc2, "pgp") 65 66 m = m.WithSecretUI(fu2.NewSecretUI()) 67 verify(m, tc2, msg, detached, "detached different user", true) 68 verify(m, tc2, clearsign, "", "clearsign different user", true) 69 verify(m, tc2, attached, "", "attached different user", true) 70 verify(m, tc2, attachedEnc, "", "attached/encrypted different user", false) 71 72 // extra credit: 73 // encrypt a message for another user and sign it 74 // verify that attached signature 75 } 76 77 func TestPGPVerify(t *testing.T) { 78 msg := "If you wish to stop receiving notifications from this topic, please click or visit the link below to unsubscribe:" 79 doVerify(t, msg) 80 } 81 82 func TestPGPVerifyShortMsg(t *testing.T) { 83 msg := "less than 100 characters" 84 doVerify(t, msg) 85 } 86 87 func sign(m libkb.MetaContext, tc libkb.TestContext, msg string, mode keybase1.SignMode) string { 88 sink := libkb.NewBufferCloser() 89 arg := &PGPSignArg{ 90 Sink: sink, 91 Source: io.NopCloser(strings.NewReader(msg)), 92 Opts: keybase1.PGPSignOptions{Mode: mode}, 93 } 94 eng := NewPGPSignEngine(tc.G, arg) 95 if err := RunEngine2(m, eng); err != nil { 96 tc.T.Fatal(err) 97 } 98 return sink.String() 99 } 100 101 func signEnc(m libkb.MetaContext, tc libkb.TestContext, msg string) string { 102 sink := libkb.NewBufferCloser() 103 arg := &PGPEncryptArg{ 104 Sink: sink, 105 Source: strings.NewReader(msg), 106 } 107 eng := NewPGPEncrypt(tc.G, arg) 108 if err := RunEngine2(m, eng); err != nil { 109 tc.T.Fatal(err) 110 } 111 return sink.String() 112 } 113 114 func verify(m libkb.MetaContext, tc libkb.TestContext, msg, sig, name string, valid bool) { 115 arg := &PGPVerifyArg{ 116 Source: strings.NewReader(msg), 117 Signature: []byte(sig), 118 } 119 eng := NewPGPVerify(tc.G, arg) 120 if err := RunEngine2(m, eng); err != nil { 121 if valid { 122 tc.T.Logf("%s: sig: %s", name, sig) 123 tc.T.Errorf("%s not valid: %s", name, err) 124 } 125 return 126 } 127 if !valid { 128 tc.T.Errorf("%s validated, but it shouldn't have", name) 129 } 130 s, ok := m.UIs().SecretUI.(*libkb.TestSecretUI) 131 if !ok { 132 tc.T.Fatalf("%s: invalid secret ui: %T", name, m.UIs().SecretUI) 133 } 134 if s.CalledGetPassphrase { 135 tc.T.Errorf("%s: called get passphrase, shouldn't have", name) 136 s.CalledGetPassphrase = false // reset it for next caller 137 } 138 p, ok := m.UIs().PgpUI.(*TestPgpUI) 139 if !ok { 140 tc.T.Fatalf("%s: invalid pgp ui: %T", name, m.UIs().PgpUI) 141 } 142 if p.OutputCount == 0 { 143 tc.T.Errorf("%s: did not output signature success", name) 144 } 145 }