github.phpd.cn/thought-machine/please@v12.2.0+incompatible/tools/release_signer/signer/signer_test.go

github.phpd.cn/thought-machine/please@v12.2.0+incompatible/tools/release_signer/signer/signer_test.go (about)

     1  package signer
     2  
     3  import (
     4  	"os"
     5  	"testing"
     6  
     7  	"github.com/stretchr/testify/assert"
     8  	"golang.org/x/crypto/openpgp"
     9  )
    10  
    11  const (
    12  	pubKey  = "tools/release_signer/signer/test_data/pub.gpg"
    13  	secKey  = "tools/release_signer/signer/test_data/sec.gpg"
    14  	testTxt = "tools/release_signer/signer/test_data/test.txt"
    15  	badTxt  = "tools/release_signer/signer/test_data/bad.txt"
    16  )
    17  
    18  func must(err error) {
    19  	if err != nil {
    20  		panic(err)
    21  	}
    22  }
    23  
    24  func verifyFile(signed, signature, keyring string) bool {
    25  	f1, err := os.Open(signed)
    26  	must(err)
    27  	f2, err := os.Open(signature)
    28  	must(err)
    29  	f3, err := os.Open(keyring)
    30  	must(err)
    31  	entities, err := openpgp.ReadArmoredKeyRing(f3)
    32  	must(err)
    33  	_, err = openpgp.CheckArmoredDetachedSignature(entities, f1, f2)
    34  	return err == nil
    35  }
    36  
    37  func TestSignFile(t *testing.T) {
    38  	assert.NoError(t, SignFile(testTxt, "test.txt.asc", secKey, "test@please.build", "testtest"))
    39  	assert.True(t, verifyFile(testTxt, "test.txt.asc", pubKey))
    40  }
    41  
    42  func TestSignFileBadPassphrase(t *testing.T) {
    43  	assert.Error(t, SignFile(testTxt, "test.txt.asc", secKey, "test@please.build", "nope"))
    44  }
    45  
    46  func TestSignFileBadSignature(t *testing.T) {
    47  	assert.NoError(t, SignFile(testTxt, "test.txt.asc", secKey, "test@please.build", "testtest"))
    48  	assert.False(t, verifyFile(badTxt, "test.txt.asc", pubKey))
    49  }
    50  
    51  func TestSignFileUnknownUser(t *testing.T) {
    52  	assert.Error(t, SignFile(testTxt, "test.txt.asc", secKey, "not@please.build", "testtest"))
    53  }
    54  
    55  func TestSignFileMissingKeyring(t *testing.T) {
    56  	assert.Error(t, SignFile(testTxt, "test.txt.asc", "doesnt_exist", "test@please.build", "testtest"))
    57  }
    58  
    59  func TestSignFileBadKeyring(t *testing.T) {
    60  	assert.Error(t, SignFile(testTxt, "test.txt.asc", badTxt, "test@please.build", "testtest"))
    61  }
    62  
    63  func TestSignFileMissingInput(t *testing.T) {
    64  	assert.Error(t, SignFile("doesnt_exist", "test.txt.asc", secKey, "test@please.build", "testtest"))
    65  }
    66  
    67  func TestSignFileCantOutput(t *testing.T) {
    68  	assert.Error(t, SignFile(testTxt, "dir/doesnt/exist", secKey, "test@please.build", "testtest"))
    69  }