github.com/mattermosttest/mattermost-server/v5@v5.0.0-20200917143240-9dfa12e121f9/app/plugin_signature_test.go (about) 1 // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. 2 // See LICENSE.txt for license information. 3 4 package app 5 6 import ( 7 "io/ioutil" 8 "os" 9 "path/filepath" 10 "testing" 11 12 "github.com/mattermost/mattermost-server/v5/model" 13 "github.com/mattermost/mattermost-server/v5/store/storetest/mocks" 14 "github.com/mattermost/mattermost-server/v5/utils/fileutils" 15 "github.com/stretchr/testify/mock" 16 "github.com/stretchr/testify/require" 17 ) 18 19 func TestPluginPublicKeys(t *testing.T) { 20 th := SetupWithStoreMock(t) 21 defer th.TearDown() 22 23 mockStore := th.App.Srv().Store.(*mocks.Store) 24 mockUserStore := mocks.UserStore{} 25 mockUserStore.On("Count", mock.Anything).Return(int64(10), nil) 26 mockPostStore := mocks.PostStore{} 27 mockPostStore.On("GetMaxPostSize").Return(65535, nil) 28 mockSystemStore := mocks.SystemStore{} 29 mockSystemStore.On("GetByName", "InstallationDate").Return(&model.System{Name: "InstallationDate", Value: "10"}, nil) 30 mockSystemStore.On("GetByName", "FirstServerRunTimestamp").Return(&model.System{Name: "FirstServerRunTimestamp", Value: "10"}, nil) 31 32 mockStore.On("User").Return(&mockUserStore) 33 mockStore.On("Post").Return(&mockPostStore) 34 mockStore.On("System").Return(&mockSystemStore) 35 36 path, _ := fileutils.FindDir("tests") 37 publicKeyFilename := "test-public-key.plugin.gpg" 38 publicKey, err := ioutil.ReadFile(filepath.Join(path, publicKeyFilename)) 39 require.Nil(t, err) 40 fileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 41 require.Nil(t, err) 42 defer fileReader.Close() 43 th.App.AddPublicKey(publicKeyFilename, fileReader) 44 file, err := th.App.GetPublicKey(publicKeyFilename) 45 require.Nil(t, err) 46 require.Equal(t, publicKey, file) 47 _, err = th.App.GetPublicKey("wrong file name") 48 require.NotNil(t, err) 49 _, err = th.App.GetPublicKey("wrong-file-name.plugin.gpg") 50 require.NotNil(t, err) 51 52 err = th.App.DeletePublicKey("wrong file name") 53 require.Nil(t, err) 54 err = th.App.DeletePublicKey("wrong-file-name.plugin.gpg") 55 require.Nil(t, err) 56 57 err = th.App.DeletePublicKey(publicKeyFilename) 58 require.Nil(t, err) 59 _, err = th.App.GetPublicKey(publicKeyFilename) 60 require.NotNil(t, err) 61 } 62 63 func TestVerifySignature(t *testing.T) { 64 path, _ := fileutils.FindDir("tests") 65 pluginFilename := "testplugin.tar.gz" 66 signatureFilename := "testplugin.tar.gz.sig" 67 armoredSignatureFilename := "testplugin.tar.gz.asc" 68 publicKeyFilename := "development-public-key.gpg" 69 armoredPublicKeyFilename := "development-public-key.asc" 70 t.Run("verify armored signature and armored public key", func(t *testing.T) { 71 publicKeyFileReader, err := os.Open(filepath.Join(path, armoredPublicKeyFilename)) 72 require.Nil(t, err) 73 defer publicKeyFileReader.Close() 74 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 75 require.Nil(t, err) 76 defer pluginFileReader.Close() 77 signatureFileReader, err := os.Open(filepath.Join(path, armoredSignatureFilename)) 78 require.Nil(t, err) 79 defer signatureFileReader.Close() 80 require.Nil(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 81 }) 82 t.Run("verify non armored signature and armored public key", func(t *testing.T) { 83 publicKeyFileReader, err := os.Open(filepath.Join(path, armoredPublicKeyFilename)) 84 require.Nil(t, err) 85 defer publicKeyFileReader.Close() 86 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 87 require.Nil(t, err) 88 defer pluginFileReader.Close() 89 signatureFileReader, err := os.Open(filepath.Join(path, signatureFilename)) 90 require.Nil(t, err) 91 defer signatureFileReader.Close() 92 require.Nil(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 93 }) 94 t.Run("verify armored signature and non armored public key", func(t *testing.T) { 95 publicKeyFileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 96 require.Nil(t, err) 97 defer publicKeyFileReader.Close() 98 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 99 require.Nil(t, err) 100 defer pluginFileReader.Close() 101 armoredSignatureFileReader, err := os.Open(filepath.Join(path, armoredSignatureFilename)) 102 require.Nil(t, err) 103 defer armoredSignatureFileReader.Close() 104 require.Nil(t, verifySignature(publicKeyFileReader, pluginFileReader, armoredSignatureFileReader)) 105 }) 106 t.Run("verify non armored signature and non armored public key", func(t *testing.T) { 107 publicKeyFileReader, err := os.Open(filepath.Join(path, publicKeyFilename)) 108 require.Nil(t, err) 109 defer publicKeyFileReader.Close() 110 pluginFileReader, err := os.Open(filepath.Join(path, pluginFilename)) 111 require.Nil(t, err) 112 defer pluginFileReader.Close() 113 signatureFileReader, err := os.Open(filepath.Join(path, signatureFilename)) 114 require.Nil(t, err) 115 defer signatureFileReader.Close() 116 require.Nil(t, verifySignature(publicKeyFileReader, pluginFileReader, signatureFileReader)) 117 }) 118 }