|
|
@ -16,6 +16,9 @@ limitations under the License.
|
|
|
|
package provenance
|
|
|
|
package provenance
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
import (
|
|
|
|
|
|
|
|
"crypto"
|
|
|
|
|
|
|
|
"fmt"
|
|
|
|
|
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
|
|
|
"path/filepath"
|
|
|
@ -230,6 +233,36 @@ func TestClearSign(t *testing.T) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// failSigner always fails to sign and returns an error
|
|
|
|
|
|
|
|
type failSigner struct{}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (s failSigner) Public() crypto.PublicKey {
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (s failSigner) Sign(_ io.Reader, _ []byte, _ crypto.SignerOpts) ([]byte, error) {
|
|
|
|
|
|
|
|
return nil, fmt.Errorf("always fails")
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func TestClearSignError(t *testing.T) {
|
|
|
|
|
|
|
|
signer, err := NewFromFiles(testKeyfile, testPubfile)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
|
|
t.Fatal(err)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ensure that signing always fails
|
|
|
|
|
|
|
|
signer.Entity.PrivateKey.PrivateKey = failSigner{}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sig, err := signer.ClearSign(testChartfile)
|
|
|
|
|
|
|
|
if err == nil {
|
|
|
|
|
|
|
|
t.Fatal("didn't get an error from ClearSign but expected one")
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if sig != "" {
|
|
|
|
|
|
|
|
t.Fatalf("expected an empty signature after failed ClearSign but got %q", sig)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func TestDecodeSignature(t *testing.T) {
|
|
|
|
func TestDecodeSignature(t *testing.T) {
|
|
|
|
// Unlike other tests, this does a round-trip test, ensuring that a signature
|
|
|
|
// Unlike other tests, this does a round-trip test, ensuring that a signature
|
|
|
|
// generated by the library can also be verified by the library.
|
|
|
|
// generated by the library can also be verified by the library.
|
|
|
|