write_test.go 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273
  1. // Copyright 2011 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package openpgp
  5. import (
  6. "bytes"
  7. "io"
  8. "io/ioutil"
  9. "testing"
  10. "time"
  11. "golang.org/x/crypto/openpgp/packet"
  12. )
  13. func TestSignDetached(t *testing.T) {
  14. kring, _ := ReadKeyRing(readerFromHex(testKeys1And2PrivateHex))
  15. out := bytes.NewBuffer(nil)
  16. message := bytes.NewBufferString(signedInput)
  17. err := DetachSign(out, kring[0], message, nil)
  18. if err != nil {
  19. t.Error(err)
  20. }
  21. testDetachedSignature(t, kring, out, signedInput, "check", testKey1KeyId)
  22. }
  23. func TestSignTextDetached(t *testing.T) {
  24. kring, _ := ReadKeyRing(readerFromHex(testKeys1And2PrivateHex))
  25. out := bytes.NewBuffer(nil)
  26. message := bytes.NewBufferString(signedInput)
  27. err := DetachSignText(out, kring[0], message, nil)
  28. if err != nil {
  29. t.Error(err)
  30. }
  31. testDetachedSignature(t, kring, out, signedInput, "check", testKey1KeyId)
  32. }
  33. func TestSignDetachedDSA(t *testing.T) {
  34. kring, _ := ReadKeyRing(readerFromHex(dsaTestKeyPrivateHex))
  35. out := bytes.NewBuffer(nil)
  36. message := bytes.NewBufferString(signedInput)
  37. err := DetachSign(out, kring[0], message, nil)
  38. if err != nil {
  39. t.Error(err)
  40. }
  41. testDetachedSignature(t, kring, out, signedInput, "check", testKey3KeyId)
  42. }
  43. func TestSignDetachedP256(t *testing.T) {
  44. kring, _ := ReadKeyRing(readerFromHex(p256TestKeyPrivateHex))
  45. kring[0].PrivateKey.Decrypt([]byte("passphrase"))
  46. out := bytes.NewBuffer(nil)
  47. message := bytes.NewBufferString(signedInput)
  48. err := DetachSign(out, kring[0], message, nil)
  49. if err != nil {
  50. t.Error(err)
  51. }
  52. testDetachedSignature(t, kring, out, signedInput, "check", testKeyP256KeyId)
  53. }
  54. func TestNewEntity(t *testing.T) {
  55. if testing.Short() {
  56. return
  57. }
  58. // Check bit-length with no config.
  59. e, err := NewEntity("Test User", "test", "test@example.com", nil)
  60. if err != nil {
  61. t.Errorf("failed to create entity: %s", err)
  62. return
  63. }
  64. bl, err := e.PrimaryKey.BitLength()
  65. if err != nil {
  66. t.Errorf("failed to find bit length: %s", err)
  67. }
  68. if int(bl) != defaultRSAKeyBits {
  69. t.Errorf("BitLength %v, expected %v", int(bl), defaultRSAKeyBits)
  70. }
  71. // Check bit-length with a config.
  72. cfg := &packet.Config{RSABits: 1024}
  73. e, err = NewEntity("Test User", "test", "test@example.com", cfg)
  74. if err != nil {
  75. t.Errorf("failed to create entity: %s", err)
  76. return
  77. }
  78. bl, err = e.PrimaryKey.BitLength()
  79. if err != nil {
  80. t.Errorf("failed to find bit length: %s", err)
  81. }
  82. if int(bl) != cfg.RSABits {
  83. t.Errorf("BitLength %v, expected %v", bl, cfg.RSABits)
  84. }
  85. w := bytes.NewBuffer(nil)
  86. if err := e.SerializePrivate(w, nil); err != nil {
  87. t.Errorf("failed to serialize entity: %s", err)
  88. return
  89. }
  90. serialized := w.Bytes()
  91. el, err := ReadKeyRing(w)
  92. if err != nil {
  93. t.Errorf("failed to reparse entity: %s", err)
  94. return
  95. }
  96. if len(el) != 1 {
  97. t.Errorf("wrong number of entities found, got %d, want 1", len(el))
  98. }
  99. w = bytes.NewBuffer(nil)
  100. if err := e.SerializePrivate(w, nil); err != nil {
  101. t.Errorf("failed to serialize entity second time: %s", err)
  102. return
  103. }
  104. if !bytes.Equal(w.Bytes(), serialized) {
  105. t.Errorf("results differed")
  106. }
  107. }
  108. func TestSymmetricEncryption(t *testing.T) {
  109. buf := new(bytes.Buffer)
  110. plaintext, err := SymmetricallyEncrypt(buf, []byte("testing"), nil, nil)
  111. if err != nil {
  112. t.Errorf("error writing headers: %s", err)
  113. return
  114. }
  115. message := []byte("hello world\n")
  116. _, err = plaintext.Write(message)
  117. if err != nil {
  118. t.Errorf("error writing to plaintext writer: %s", err)
  119. }
  120. err = plaintext.Close()
  121. if err != nil {
  122. t.Errorf("error closing plaintext writer: %s", err)
  123. }
  124. md, err := ReadMessage(buf, nil, func(keys []Key, symmetric bool) ([]byte, error) {
  125. return []byte("testing"), nil
  126. }, nil)
  127. if err != nil {
  128. t.Errorf("error rereading message: %s", err)
  129. }
  130. messageBuf := bytes.NewBuffer(nil)
  131. _, err = io.Copy(messageBuf, md.UnverifiedBody)
  132. if err != nil {
  133. t.Errorf("error rereading message: %s", err)
  134. }
  135. if !bytes.Equal(message, messageBuf.Bytes()) {
  136. t.Errorf("recovered message incorrect got '%s', want '%s'", messageBuf.Bytes(), message)
  137. }
  138. }
  139. var testEncryptionTests = []struct {
  140. keyRingHex string
  141. isSigned bool
  142. }{
  143. {
  144. testKeys1And2PrivateHex,
  145. false,
  146. },
  147. {
  148. testKeys1And2PrivateHex,
  149. true,
  150. },
  151. {
  152. dsaElGamalTestKeysHex,
  153. false,
  154. },
  155. {
  156. dsaElGamalTestKeysHex,
  157. true,
  158. },
  159. }
  160. func TestEncryption(t *testing.T) {
  161. for i, test := range testEncryptionTests {
  162. kring, _ := ReadKeyRing(readerFromHex(test.keyRingHex))
  163. passphrase := []byte("passphrase")
  164. for _, entity := range kring {
  165. if entity.PrivateKey != nil && entity.PrivateKey.Encrypted {
  166. err := entity.PrivateKey.Decrypt(passphrase)
  167. if err != nil {
  168. t.Errorf("#%d: failed to decrypt key", i)
  169. }
  170. }
  171. for _, subkey := range entity.Subkeys {
  172. if subkey.PrivateKey != nil && subkey.PrivateKey.Encrypted {
  173. err := subkey.PrivateKey.Decrypt(passphrase)
  174. if err != nil {
  175. t.Errorf("#%d: failed to decrypt subkey", i)
  176. }
  177. }
  178. }
  179. }
  180. var signed *Entity
  181. if test.isSigned {
  182. signed = kring[0]
  183. }
  184. buf := new(bytes.Buffer)
  185. w, err := Encrypt(buf, kring[:1], signed, nil /* no hints */, nil)
  186. if err != nil {
  187. t.Errorf("#%d: error in Encrypt: %s", i, err)
  188. continue
  189. }
  190. const message = "testing"
  191. _, err = w.Write([]byte(message))
  192. if err != nil {
  193. t.Errorf("#%d: error writing plaintext: %s", i, err)
  194. continue
  195. }
  196. err = w.Close()
  197. if err != nil {
  198. t.Errorf("#%d: error closing WriteCloser: %s", i, err)
  199. continue
  200. }
  201. md, err := ReadMessage(buf, kring, nil /* no prompt */, nil)
  202. if err != nil {
  203. t.Errorf("#%d: error reading message: %s", i, err)
  204. continue
  205. }
  206. testTime, _ := time.Parse("2006-01-02", "2013-07-01")
  207. if test.isSigned {
  208. signKey, _ := kring[0].signingKey(testTime)
  209. expectedKeyId := signKey.PublicKey.KeyId
  210. if md.SignedByKeyId != expectedKeyId {
  211. t.Errorf("#%d: message signed by wrong key id, got: %v, want: %v", i, *md.SignedBy, expectedKeyId)
  212. }
  213. if md.SignedBy == nil {
  214. t.Errorf("#%d: failed to find the signing Entity", i)
  215. }
  216. }
  217. plaintext, err := ioutil.ReadAll(md.UnverifiedBody)
  218. if err != nil {
  219. t.Errorf("#%d: error reading encrypted contents: %s", i, err)
  220. continue
  221. }
  222. encryptKey, _ := kring[0].encryptionKey(testTime)
  223. expectedKeyId := encryptKey.PublicKey.KeyId
  224. if len(md.EncryptedToKeyIds) != 1 || md.EncryptedToKeyIds[0] != expectedKeyId {
  225. t.Errorf("#%d: expected message to be encrypted to %v, but got %#v", i, expectedKeyId, md.EncryptedToKeyIds)
  226. }
  227. if string(plaintext) != message {
  228. t.Errorf("#%d: got: %s, want: %s", i, string(plaintext), message)
  229. }
  230. if test.isSigned {
  231. if md.SignatureError != nil {
  232. t.Errorf("#%d: signature error: %s", i, md.SignatureError)
  233. }
  234. if md.Signature == nil {
  235. t.Error("signature missing")
  236. }
  237. }
  238. }
  239. }