mirrors
/
gitea
espejo de https://github.com/go-gitea/gitea.git
Seguir 1
Destacar 0
Fork 0
Código Incidencias 0 Lanzamientos 211 Wiki Actividad
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5335 Commits
17 Ramas
Árbol: ff7424179e
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'ff7424179e'
${ noResults }
gitea/models/gpg_key_test.go

gpg_key_test.go 7.2KB
Original Blame Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"testing"

  9. 

  10. 	"github.com/stretchr/testify/assert"

  11. )

  12. 

  13. func TestCheckArmoredGPGKeyString(t *testing.T) {

  14. 	testGPGArmor := `-----BEGIN PGP PUBLIC KEY BLOCK-----

  15. 

  16. mQENBFh91QoBCADciaDd7aqegYkn4ZIG7J0p1CRwpqMGjxFroJEMg6M1ZiuEVTRv

  17. z49P4kcr1+98NvFmcNc+x5uJgvPCwr/N8ZW5nqBUs2yrklbFF4MeQomyZJJegP8m

  18. /dsRT3BwIT8YMUtJuCj0iqD9vuKYfjrztcMgC1sYwcE9E9OlA0pWBvUdU2i0TIB1

  19. vOq6slWGvHHa5l5gPfm09idlVxfH5+I+L1uIMx5ovbiVVU5x2f1AR1T18f0t2TVN

  20. 0agFTyuoYE1ATmvJHmMcsfgM1Gpd9hIlr9vlupT2kKTPoNzVzsJsOU6Ku/Lf/bac

  21. mF+TfSbRCtmG7dkYZ4metLj7zG/WkW8IvJARABEBAAG0HUFudG9pbmUgR0lSQVJE

  22. IDxzYXBrQHNhcGsuZnI+iQFUBBMBCAA+FiEEEIOwJg/1vpF1itJ4roJVuKDYKOQF

  23. Alh91QoCGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQroJVuKDY

  24. KORreggAlIkC2QjHP5tb7b0+LksB2JMXdY+UzZBcJxtNmvA7gNQaGvWRrhrbePpa

  25. MKDP+3A4BPDBsWFbbB7N56vQ5tROpmWbNKuFOVER4S1bj0JZV0E+xkDLqt9QwQtQ

  26. ojd7oIZJwDUwdud1PvCza2mjgBqqiFE+twbc3i9xjciCGspMniUul1eQYLxRJ0w+

  27. sbvSOUnujnq5ByMSz9ij00O6aiPfNQS5oB5AALfpjYZDvWAAljLVrtmlQJWZ6dZo

  28. T/YNwsW2dECPuti8+Nmu5FxPGDTXxdbnRaeJTQ3T6q1oUVAv7yTXBx5NXfXkMa5i

  29. iEayQIH8Joq5Ev5ja/lRGQQhArMQ2bkBDQRYfdUKAQgAv7B3coLSrOQbuTZSlgWE

  30. QeT+7DWbmqE1LAQA1pQPcUPXLBUVd60amZJxF9nzUYcY83ylDi0gUNJS+DJGOXpT

  31. pzX2IOuOMGbtUSeKwg5s9O4SUO7f2yCc3RGaegER5zgESxelmOXG+b/hoNt7JbdU

  32. JtxcnLr91Jw2PBO/Xf0ZKJ01CQG2Yzdrrj6jnrHyx94seHy0i6xH1o0OuvfVMLfN

  33. /Vbb/ZHh6ym2wHNqRX62b0VAbchcJXX/MEehXGknKTkO6dDUd+mhRgWMf9ZGRFWx

  34. ag4qALimkf1FXtAyD0vxFYeyoWUQzrOvUsm2BxIN/986R08fhkBQnp5nz07mrU02

  35. cQARAQABiQE8BBgBCAAmFiEEEIOwJg/1vpF1itJ4roJVuKDYKOQFAlh91QoCGwwF

  36. CQPCZwAACgkQroJVuKDYKOT32wf/UZqMdPn5OhyhffFzjQx7wolrf92WkF2JkxtH

  37. 6c3Htjlt/p5RhtKEeErSrNAxB4pqB7dznHaJXiOdWEZtRVXXjlNHjrokGTesqtKk

  38. lHWtK62/MuyLdr+FdCl68F3ewuT2iu/MDv+D4HPqA47zma9xVgZ9ZNwJOpv3fCOo

  39. RfY66UjGEnfgYifgtI5S84/mp2jaSc9UNvlZB6RSf8cfbJUL74kS2lq+xzSlf0yP

  40. Av844q/BfRuVsJsK1NDNG09LC30B0l3LKBqlrRmRTUMHtgchdX2dY+p7GPOoSzlR

  41. MkM/fdpyc2hY7Dl/+qFmN5MG5yGmMpQcX+RNNR222ibNC1D3wg==

  42. =i9b7

  43. -----END PGP PUBLIC KEY BLOCK-----`

  44. 

  45. 	key, err := checkArmoredGPGKeyString(testGPGArmor)

  46. 	assert.Nil(t, err, "Could not parse a valid GPG armored key", key)

  47. 	//TODO verify value of key

  48. }

  49. 

  50. func TestExtractSignature(t *testing.T) {

  51. 	testGPGArmor := `-----BEGIN PGP PUBLIC KEY BLOCK-----

  52. 

  53. mQENBFh91QoBCADciaDd7aqegYkn4ZIG7J0p1CRwpqMGjxFroJEMg6M1ZiuEVTRv

  54. z49P4kcr1+98NvFmcNc+x5uJgvPCwr/N8ZW5nqBUs2yrklbFF4MeQomyZJJegP8m

  55. /dsRT3BwIT8YMUtJuCj0iqD9vuKYfjrztcMgC1sYwcE9E9OlA0pWBvUdU2i0TIB1

  56. vOq6slWGvHHa5l5gPfm09idlVxfH5+I+L1uIMx5ovbiVVU5x2f1AR1T18f0t2TVN

  57. 0agFTyuoYE1ATmvJHmMcsfgM1Gpd9hIlr9vlupT2kKTPoNzVzsJsOU6Ku/Lf/bac

  58. mF+TfSbRCtmG7dkYZ4metLj7zG/WkW8IvJARABEBAAG0HUFudG9pbmUgR0lSQVJE

  59. IDxzYXBrQHNhcGsuZnI+iQFUBBMBCAA+FiEEEIOwJg/1vpF1itJ4roJVuKDYKOQF

  60. Alh91QoCGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQroJVuKDY

  61. KORreggAlIkC2QjHP5tb7b0+LksB2JMXdY+UzZBcJxtNmvA7gNQaGvWRrhrbePpa

  62. MKDP+3A4BPDBsWFbbB7N56vQ5tROpmWbNKuFOVER4S1bj0JZV0E+xkDLqt9QwQtQ

  63. ojd7oIZJwDUwdud1PvCza2mjgBqqiFE+twbc3i9xjciCGspMniUul1eQYLxRJ0w+

  64. sbvSOUnujnq5ByMSz9ij00O6aiPfNQS5oB5AALfpjYZDvWAAljLVrtmlQJWZ6dZo

  65. T/YNwsW2dECPuti8+Nmu5FxPGDTXxdbnRaeJTQ3T6q1oUVAv7yTXBx5NXfXkMa5i

  66. iEayQIH8Joq5Ev5ja/lRGQQhArMQ2bkBDQRYfdUKAQgAv7B3coLSrOQbuTZSlgWE

  67. QeT+7DWbmqE1LAQA1pQPcUPXLBUVd60amZJxF9nzUYcY83ylDi0gUNJS+DJGOXpT

  68. pzX2IOuOMGbtUSeKwg5s9O4SUO7f2yCc3RGaegER5zgESxelmOXG+b/hoNt7JbdU

  69. JtxcnLr91Jw2PBO/Xf0ZKJ01CQG2Yzdrrj6jnrHyx94seHy0i6xH1o0OuvfVMLfN

  70. /Vbb/ZHh6ym2wHNqRX62b0VAbchcJXX/MEehXGknKTkO6dDUd+mhRgWMf9ZGRFWx

  71. ag4qALimkf1FXtAyD0vxFYeyoWUQzrOvUsm2BxIN/986R08fhkBQnp5nz07mrU02

  72. cQARAQABiQE8BBgBCAAmFiEEEIOwJg/1vpF1itJ4roJVuKDYKOQFAlh91QoCGwwF

  73. CQPCZwAACgkQroJVuKDYKOT32wf/UZqMdPn5OhyhffFzjQx7wolrf92WkF2JkxtH

  74. 6c3Htjlt/p5RhtKEeErSrNAxB4pqB7dznHaJXiOdWEZtRVXXjlNHjrokGTesqtKk

  75. lHWtK62/MuyLdr+FdCl68F3ewuT2iu/MDv+D4HPqA47zma9xVgZ9ZNwJOpv3fCOo

  76. RfY66UjGEnfgYifgtI5S84/mp2jaSc9UNvlZB6RSf8cfbJUL74kS2lq+xzSlf0yP

  77. Av844q/BfRuVsJsK1NDNG09LC30B0l3LKBqlrRmRTUMHtgchdX2dY+p7GPOoSzlR

  78. MkM/fdpyc2hY7Dl/+qFmN5MG5yGmMpQcX+RNNR222ibNC1D3wg==

  79. =i9b7

  80. -----END PGP PUBLIC KEY BLOCK-----`

  81. 	ekey, err := checkArmoredGPGKeyString(testGPGArmor)

  82. 	assert.Nil(t, err, "Could not parse a valid GPG armored key", ekey)

  83. 

  84. 	pubkey := ekey.PrimaryKey

  85. 	content, err := base64EncPubKey(pubkey)

  86. 	assert.Nil(t, err, "Could not base64 encode a valid PublicKey content", ekey)

  87. 

  88. 	key := &GPGKey{

  89. 		KeyID:             pubkey.KeyIdString(),

  90. 		Content:           content,

  91. 		Created:           pubkey.CreationTime,

  92. 		CanSign:           pubkey.CanSign(),

  93. 		CanEncryptComms:   pubkey.PubKeyAlgo.CanEncrypt(),

  94. 		CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),

  95. 		CanCertify:        pubkey.PubKeyAlgo.CanSign(),

  96. 	}

  97. 

  98. 	cannotsignkey := &GPGKey{

  99. 		KeyID:             pubkey.KeyIdString(),

  100. 		Content:           content,

  101. 		Created:           pubkey.CreationTime,

  102. 		CanSign:           false,

  103. 		CanEncryptComms:   false,

  104. 		CanEncryptStorage: false,

  105. 		CanCertify:        false,

  106. 	}

  107. 

  108. 	testGoodSigArmor := `-----BEGIN PGP SIGNATURE-----

  109. 

  110. iQEzBAABCAAdFiEEEIOwJg/1vpF1itJ4roJVuKDYKOQFAljAiQIACgkQroJVuKDY

  111. KORvCgf6A/Ehh0r7QbO2tFEghT+/Ab+bN7jRN3zP9ed6/q/ophYmkrU0NibtbJH9

  112. AwFVdHxCmj78SdiRjaTKyevklXw34nvMftmvnOI4lBNUdw6KWl25/n/7wN0l2oZW

  113. rW3UawYpZgodXiLTYarfEimkDQmT67ArScjRA6lLbkEYKO0VdwDu+Z6yBUH3GWtm

  114. 45RkXpnsF6AXUfuD7YxnfyyDE1A7g7zj4vVYUAfWukJjqow/LsCUgETETJOqj9q3

  115. 52/oQDs04fVkIEtCDulcY+K/fKlukBPJf9WceNDEqiENUzN/Z1y0E+tJ07cSy4bk

  116. yIJb+d0OAaG8bxloO7nJq4Res1Qa8Q==

  117. =puvG

  118. -----END PGP SIGNATURE-----`

  119. 	testGoodPayload := `tree 56ae8d2799882b20381fc11659db06c16c68c61a

  120. parent c7870c39e4e6b247235ca005797703ec4254613f

  121. author Antoine GIRARD <sapk@sapk.fr> 1489012989 +0100

  122. committer Antoine GIRARD <sapk@sapk.fr> 1489012989 +0100

  123. 

  124. Goog GPG

  125. `

  126. 

  127. 	testBadSigArmor := `-----BEGIN PGP SIGNATURE-----

  128. 

  129. iQEzBAABCAAdFiEE5yr4rn9ulbdMxJFiPYI/ySNrtNkFAljAiYkACgkQPYI/ySNr

  130. tNmDdQf+NXhVRiOGt0GucpjJCGrOnK/qqVUmQyRUfrqzVUdb/1/Ws84V5/wE547I

  131. 6z3oxeBKFsJa1CtIlxYaUyVhYnDzQtphJzub+Aw3UG0E2ywiE+N7RCa1Ufl7pPxJ

  132. U0SD6gvNaeTDQV/Wctu8v8DkCtEd3N8cMCDWhvy/FQEDztVtzm8hMe0Vdm0ozEH6

  133. P0W93sDNkLC5/qpWDN44sFlYDstW5VhMrnF0r/ohfaK2kpYHhkPk7WtOoHSUwQSg

  134. c4gfhjvXIQrWFnII1Kr5jFGlmgNSR02qpb31VGkMzSnBhWVf2OaHS/kI49QHJakq

  135. AhVDEnoYLCgoDGg9c3p1Ll2452/c6Q==

  136. =uoGV

  137. -----END PGP SIGNATURE-----`

  138. 	testBadPayload := `tree 3074ff04951956a974e8b02d57733b0766f7cf6c

  139. parent fd3577542f7ad1554c7c7c0eb86bb57a1324ad91

  140. author Antoine GIRARD <sapk@sapk.fr> 1489013107 +0100

  141. committer Antoine GIRARD <sapk@sapk.fr> 1489013107 +0100

  142. 

  143. Unknown GPG key with good email

  144. `

  145. 	//Reading Sign

  146. 	goodSig, err := extractSignature(testGoodSigArmor)

  147. 	assert.Nil(t, err, "Could not parse a valid GPG armored signature", testGoodSigArmor)

  148. 	badSig, err := extractSignature(testBadSigArmor)

  149. 	assert.Nil(t, err, "Could not parse a valid GPG armored signature", testBadSigArmor)

  150. 

  151. 	//Generating hash of commit

  152. 	goodHash, err := populateHash(goodSig.Hash, []byte(testGoodPayload))

  153. 	assert.Nil(t, err, "Could not generate a valid hash of payload", testGoodPayload)

  154. 	badHash, err := populateHash(badSig.Hash, []byte(testBadPayload))

  155. 	assert.Nil(t, err, "Could not generate a valid hash of payload", testBadPayload)

  156. 

  157. 	//Verify

  158. 	err = verifySign(goodSig, goodHash, key)

  159. 	assert.Nil(t, err, "Could not validate a good signature")

  160. 	err = verifySign(badSig, badHash, key)

  161. 	assert.NotNil(t, err, "Validate a bad signature")

  162. 	err = verifySign(goodSig, goodHash, cannotsignkey)

  163. 	assert.NotNil(t, err, "Validate a bad signature with a kay that can not sign")

  164. }