clearsign_test.go 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210
  1. // Copyright 2012 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package clearsign
  5. import (
  6. "bytes"
  7. "golang.org/x/crypto/openpgp"
  8. "testing"
  9. )
  10. func testParse(t *testing.T, input []byte, expected, expectedPlaintext string) {
  11. b, rest := Decode(input)
  12. if b == nil {
  13. t.Fatal("failed to decode clearsign message")
  14. }
  15. if !bytes.Equal(rest, []byte("trailing")) {
  16. t.Errorf("unexpected remaining bytes returned: %s", string(rest))
  17. }
  18. if b.ArmoredSignature.Type != "PGP SIGNATURE" {
  19. t.Errorf("bad armor type, got:%s, want:PGP SIGNATURE", b.ArmoredSignature.Type)
  20. }
  21. if !bytes.Equal(b.Bytes, []byte(expected)) {
  22. t.Errorf("bad body, got:%x want:%x", b.Bytes, expected)
  23. }
  24. if !bytes.Equal(b.Plaintext, []byte(expectedPlaintext)) {
  25. t.Errorf("bad plaintext, got:%x want:%x", b.Plaintext, expectedPlaintext)
  26. }
  27. keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(signingKey))
  28. if err != nil {
  29. t.Errorf("failed to parse public key: %s", err)
  30. }
  31. if _, err := openpgp.CheckDetachedSignature(keyring, bytes.NewBuffer(b.Bytes), b.ArmoredSignature.Body); err != nil {
  32. t.Errorf("failed to check signature: %s", err)
  33. }
  34. }
  35. func TestParse(t *testing.T) {
  36. testParse(t, clearsignInput, "Hello world\r\nline 2", "Hello world\nline 2\n")
  37. testParse(t, clearsignInput2, "\r\n\r\n(This message has a couple of blank lines at the start and end.)\r\n\r\n", "\n\n(This message has a couple of blank lines at the start and end.)\n\n\n")
  38. }
  39. func TestParseInvalid(t *testing.T) {
  40. if b, _ := Decode(clearsignInput3); b != nil {
  41. t.Fatal("decoded a bad clearsigned message without any error")
  42. }
  43. }
  44. func TestParseWithNoNewlineAtEnd(t *testing.T) {
  45. input := clearsignInput
  46. input = input[:len(input)-len("trailing")-1]
  47. b, rest := Decode(input)
  48. if b == nil {
  49. t.Fatal("failed to decode clearsign message")
  50. }
  51. if len(rest) > 0 {
  52. t.Errorf("unexpected remaining bytes returned: %s", string(rest))
  53. }
  54. }
  55. var signingTests = []struct {
  56. in, signed, plaintext string
  57. }{
  58. {"", "", ""},
  59. {"a", "a", "a\n"},
  60. {"a\n", "a", "a\n"},
  61. {"-a\n", "-a", "-a\n"},
  62. {"--a\nb", "--a\r\nb", "--a\nb\n"},
  63. // leading whitespace
  64. {" a\n", " a", " a\n"},
  65. {" a\n", " a", " a\n"},
  66. // trailing whitespace (should be stripped)
  67. {"a \n", "a", "a\n"},
  68. {"a ", "a", "a\n"},
  69. // whitespace-only lines (should be stripped)
  70. {" \n", "", "\n"},
  71. {" ", "", "\n"},
  72. {"a\n \n \nb\n", "a\r\n\r\n\r\nb", "a\n\n\nb\n"},
  73. }
  74. func TestSigning(t *testing.T) {
  75. keyring, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(signingKey))
  76. if err != nil {
  77. t.Errorf("failed to parse public key: %s", err)
  78. }
  79. for i, test := range signingTests {
  80. var buf bytes.Buffer
  81. plaintext, err := Encode(&buf, keyring[0].PrivateKey, nil)
  82. if err != nil {
  83. t.Errorf("#%d: error from Encode: %s", i, err)
  84. continue
  85. }
  86. if _, err := plaintext.Write([]byte(test.in)); err != nil {
  87. t.Errorf("#%d: error from Write: %s", i, err)
  88. continue
  89. }
  90. if err := plaintext.Close(); err != nil {
  91. t.Fatalf("#%d: error from Close: %s", i, err)
  92. continue
  93. }
  94. b, _ := Decode(buf.Bytes())
  95. if b == nil {
  96. t.Errorf("#%d: failed to decode clearsign message", i)
  97. continue
  98. }
  99. if !bytes.Equal(b.Bytes, []byte(test.signed)) {
  100. t.Errorf("#%d: bad result, got:%x, want:%x", i, b.Bytes, test.signed)
  101. continue
  102. }
  103. if !bytes.Equal(b.Plaintext, []byte(test.plaintext)) {
  104. t.Errorf("#%d: bad result, got:%x, want:%x", i, b.Plaintext, test.plaintext)
  105. continue
  106. }
  107. if _, err := openpgp.CheckDetachedSignature(keyring, bytes.NewBuffer(b.Bytes), b.ArmoredSignature.Body); err != nil {
  108. t.Errorf("#%d: failed to check signature: %s", i, err)
  109. }
  110. }
  111. }
  112. var clearsignInput = []byte(`
  113. ;lasjlkfdsa
  114. -----BEGIN PGP SIGNED MESSAGE-----
  115. Hash: SHA1
  116. Hello world
  117. line 2
  118. -----BEGIN PGP SIGNATURE-----
  119. Version: GnuPG v1.4.10 (GNU/Linux)
  120. iJwEAQECAAYFAk8kMuEACgkQO9o98PRieSpMsAQAhmY/vwmNpflrPgmfWsYhk5O8
  121. pjnBUzZwqTDoDeINjZEoPDSpQAHGhjFjgaDx/Gj4fAl0dM4D0wuUEBb6QOrwflog
  122. 2A2k9kfSOMOtk0IH/H5VuFN1Mie9L/erYXjTQIptv9t9J7NoRBMU0QOOaFU0JaO9
  123. MyTpno24AjIAGb+mH1U=
  124. =hIJ6
  125. -----END PGP SIGNATURE-----
  126. trailing`)
  127. var clearsignInput2 = []byte(`
  128. asdlfkjasdlkfjsadf
  129. -----BEGIN PGP SIGNED MESSAGE-----
  130. Hash: SHA256
  131. (This message has a couple of blank lines at the start and end.)
  132. -----BEGIN PGP SIGNATURE-----
  133. Version: GnuPG v1.4.11 (GNU/Linux)
  134. iJwEAQEIAAYFAlPpSREACgkQO9o98PRieSpZTAP+M8QUoCt/7Rf3YbXPcdzIL32v
  135. pt1I+cMNeopzfLy0u4ioEFi8s5VkwpL1AFmirvgViCwlf82inoRxzZRiW05JQ5LI
  136. ESEzeCoy2LIdRCQ2hcrG8pIUPzUO4TqO5D/dMbdHwNH4h5nNmGJUAEG6FpURlPm+
  137. qZg6BaTvOxepqOxnhVU=
  138. =e+C6
  139. -----END PGP SIGNATURE-----
  140. trailing`)
  141. var clearsignInput3 = []byte(`
  142. -----BEGIN PGP SIGNED MESSAGE-----
  143. Hash: SHA256
  144. (This message was truncated.)
  145. `)
  146. var signingKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
  147. Version: GnuPG v1.4.10 (GNU/Linux)
  148. lQHYBE2rFNoBBADFwqWQIW/DSqcB4yCQqnAFTJ27qS5AnB46ccAdw3u4Greeu3Bp
  149. idpoHdjULy7zSKlwR1EA873dO/k/e11Ml3dlAFUinWeejWaK2ugFP6JjiieSsrKn
  150. vWNicdCS4HTWn0X4sjl0ZiAygw6GNhqEQ3cpLeL0g8E9hnYzJKQ0LWJa0QARAQAB
  151. AAP/TB81EIo2VYNmTq0pK1ZXwUpxCrvAAIG3hwKjEzHcbQznsjNvPUihZ+NZQ6+X
  152. 0HCfPAdPkGDCLCb6NavcSW+iNnLTrdDnSI6+3BbIONqWWdRDYJhqZCkqmG6zqSfL
  153. IdkJgCw94taUg5BWP/AAeQrhzjChvpMQTVKQL5mnuZbUCeMCAN5qrYMP2S9iKdnk
  154. VANIFj7656ARKt/nf4CBzxcpHTyB8+d2CtPDKCmlJP6vL8t58Jmih+kHJMvC0dzn
  155. gr5f5+sCAOOe5gt9e0am7AvQWhdbHVfJU0TQJx+m2OiCJAqGTB1nvtBLHdJnfdC9
  156. TnXXQ6ZXibqLyBies/xeY2sCKL5qtTMCAKnX9+9d/5yQxRyrQUHt1NYhaXZnJbHx
  157. q4ytu0eWz+5i68IYUSK69jJ1NWPM0T6SkqpB3KCAIv68VFm9PxqG1KmhSrQIVGVz
  158. dCBLZXmIuAQTAQIAIgUCTasU2gIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
  159. CgkQO9o98PRieSoLhgQAkLEZex02Qt7vGhZzMwuN0R22w3VwyYyjBx+fM3JFETy1
  160. ut4xcLJoJfIaF5ZS38UplgakHG0FQ+b49i8dMij0aZmDqGxrew1m4kBfjXw9B/v+
  161. eIqpODryb6cOSwyQFH0lQkXC040pjq9YqDsO5w0WYNXYKDnzRV0p4H1pweo2VDid
  162. AdgETasU2gEEAN46UPeWRqKHvA99arOxee38fBt2CI08iiWyI8T3J6ivtFGixSqV
  163. bRcPxYO/qLpVe5l84Nb3X71GfVXlc9hyv7CD6tcowL59hg1E/DC5ydI8K8iEpUmK
  164. /UnHdIY5h8/kqgGxkY/T/hgp5fRQgW1ZoZxLajVlMRZ8W4tFtT0DeA+JABEBAAEA
  165. A/0bE1jaaZKj6ndqcw86jd+QtD1SF+Cf21CWRNeLKnUds4FRRvclzTyUMuWPkUeX
  166. TaNNsUOFqBsf6QQ2oHUBBK4VCHffHCW4ZEX2cd6umz7mpHW6XzN4DECEzOVksXtc
  167. lUC1j4UB91DC/RNQqwX1IV2QLSwssVotPMPqhOi0ZLNY7wIA3n7DWKInxYZZ4K+6
  168. rQ+POsz6brEoRHwr8x6XlHenq1Oki855pSa1yXIARoTrSJkBtn5oI+f8AzrnN0BN
  169. oyeQAwIA/7E++3HDi5aweWrViiul9cd3rcsS0dEnksPhvS0ozCJiHsq/6GFmy7J8
  170. QSHZPteedBnZyNp5jR+H7cIfVN3KgwH/Skq4PsuPhDq5TKK6i8Pc1WW8MA6DXTdU
  171. nLkX7RGmMwjC0DBf7KWAlPjFaONAX3a8ndnz//fy1q7u2l9AZwrj1qa1iJ8EGAEC
  172. AAkFAk2rFNoCGwwACgkQO9o98PRieSo2/QP/WTzr4ioINVsvN1akKuekmEMI3LAp
  173. BfHwatufxxP1U+3Si/6YIk7kuPB9Hs+pRqCXzbvPRrI8NHZBmc8qIGthishdCYad
  174. AHcVnXjtxrULkQFGbGvhKURLvS9WnzD/m1K2zzwxzkPTzT9/Yf06O6Mal5AdugPL
  175. VrM0m72/jnpKo04=
  176. =zNCn
  177. -----END PGP PRIVATE KEY BLOCK-----
  178. `