f9248c21d4
* Satellite verification on storage node * fix formatting * fix formatting * rename SignatureAuth to SignedMessage * fixes after review * fix linter errors * improve errors handling * remove SignedMessageProvider * fix liter errors * params changed to authorization, signed message in audit, minor fixes * fix formatting
81 lines
2.1 KiB
Go
81 lines
2.1 KiB
Go
// Copyright (C) 2018 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package auth
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ecdsa"
|
|
"testing"
|
|
|
|
"github.com/gtank/cryptopasta"
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"storj.io/storj/pkg/provider"
|
|
)
|
|
|
|
func TestGenerateSignature(t *testing.T) {
|
|
ctx := context.Background()
|
|
ca, err := provider.NewCA(ctx, 12, 4)
|
|
assert.NoError(t, err)
|
|
identity, err := ca.NewIdentity()
|
|
assert.NoError(t, err)
|
|
|
|
k, ok := identity.Leaf.PublicKey.(*ecdsa.PublicKey)
|
|
assert.Equal(t, true, ok)
|
|
|
|
for _, tt := range []struct {
|
|
data []byte
|
|
verified bool
|
|
}{
|
|
{identity.ID.Bytes(), true},
|
|
{[]byte("non verifiable data"), false},
|
|
} {
|
|
signature, err := GenerateSignature(identity)
|
|
assert.NoError(t, err)
|
|
|
|
verified := cryptopasta.Verify(tt.data, signature, k)
|
|
assert.Equal(t, tt.verified, verified)
|
|
}
|
|
}
|
|
|
|
func TestSignedMessageVerifier(t *testing.T) {
|
|
ctx := context.Background()
|
|
ca, err := provider.NewCA(ctx, 12, 4)
|
|
assert.NoError(t, err)
|
|
identity, err := ca.NewIdentity()
|
|
assert.NoError(t, err)
|
|
|
|
signature, err := GenerateSignature(identity)
|
|
assert.NoError(t, err)
|
|
|
|
peerIdentity := &provider.PeerIdentity{ID: identity.ID, Leaf: identity.Leaf}
|
|
signedMessage, err := NewSignedMessage(signature, peerIdentity)
|
|
assert.NoError(t, err)
|
|
|
|
for _, tt := range []struct {
|
|
signature []byte
|
|
data []byte
|
|
publicKey []byte
|
|
errString string
|
|
}{
|
|
{signedMessage.Signature, signedMessage.Data, signedMessage.PublicKey, ""},
|
|
{nil, signedMessage.Data, signedMessage.PublicKey, "auth error: missing signature for verification"},
|
|
{signedMessage.Signature, nil, signedMessage.PublicKey, "auth error: missing data for verification"},
|
|
{signedMessage.Signature, signedMessage.Data, nil, "auth error: missing public key for verification"},
|
|
|
|
{signedMessage.Signature, []byte("malformed data"), signedMessage.PublicKey, "auth error: failed to verify message"},
|
|
} {
|
|
signedMessage.Signature = tt.signature
|
|
signedMessage.Data = tt.data
|
|
signedMessage.PublicKey = tt.publicKey
|
|
|
|
err := NewSignedMessageVerifier()(signedMessage)
|
|
if tt.errString != "" {
|
|
assert.EqualError(t, err, tt.errString)
|
|
} else {
|
|
assert.NoError(t, err)
|
|
}
|
|
}
|
|
}
|