func (gkms *gpgKeypairMgrSuite) TestUseInSigningFailure(c *C) {
mockGPG := func(prev asserts.GPGRunner, input []byte, args ...string) ([]byte, error) {
if args[1] == "--list-secret-keys" || args[1] == "--export" {
return prev(input, args...)
}
n := len(args)
c.Assert(args[n-1], Equals, "--detach-sign")
return nil, fmt.Errorf("boom")
}
restore := asserts.MockRunGPG(mockGPG)
defer restore()
signDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: gkms.keypairMgr,
})
c.Assert(err, IsNil)
headers := map[string]interface{}{
"authority-id": "dev1-id",
"snap-sha3-384": blobSHA3_384,
"snap-id": "snap-id-1",
"grade": "devel",
"snap-size": "1025",
"timestamp": time.Now().Format(time.RFC3339),
}
_, err = signDB.Sign(asserts.SnapBuildType, headers, nil, assertstest.DevKeyID)
c.Check(err, ErrorMatches, "cannot sign assertion: cannot sign using GPG: boom")
}
func (gkms *gpgKeypairMgrSuite) TestGetNotUnique(c *C) {
mockGPG := func(prev asserts.GPGRunner, input []byte, args ...string) ([]byte, error) {
if args[1] == "--list-secret-keys" {
return prev(input, args...)
}
c.Assert(args[1], Equals, "--export")
pk1, err := rsa.GenerateKey(rand.Reader, 512)
c.Assert(err, IsNil)
pk2, err := rsa.GenerateKey(rand.Reader, 512)
c.Assert(err, IsNil)
buf := new(bytes.Buffer)
err = packet.NewRSAPublicKey(time.Now(), &pk1.PublicKey).Serialize(buf)
c.Assert(err, IsNil)
err = packet.NewRSAPublicKey(time.Now(), &pk2.PublicKey).Serialize(buf)
c.Assert(err, IsNil)
return buf.Bytes(), nil
}
restore := asserts.MockRunGPG(mockGPG)
defer restore()
_, err := gkms.keypairMgr.Get(assertstest.DevKeyID)
c.Check(err, ErrorMatches, `cannot load GPG public key with fingerprint "[A-F0-9]+": cannot select exported public key, found many`)
}
func (gkms *gpgKeypairMgrSuite) TestUseInSigningBrokenSignature(c *C) {
_, rsaPrivKey := assertstest.ReadPrivKey(assertstest.DevKey)
pgpPrivKey := packet.NewRSAPrivateKey(time.Unix(1, 0), rsaPrivKey)
var breakSig func(sig *packet.Signature, cont []byte) []byte
mockGPG := func(prev asserts.GPGRunner, input []byte, args ...string) ([]byte, error) {
if args[1] == "--list-secret-keys" || args[1] == "--export" {
return prev(input, args...)
}
n := len(args)
c.Assert(args[n-1], Equals, "--detach-sign")
sig := new(packet.Signature)
sig.PubKeyAlgo = packet.PubKeyAlgoRSA
sig.Hash = crypto.SHA512
sig.CreationTime = time.Now()
// poking to break the signature
cont := breakSig(sig, input)
h := sig.Hash.New()
h.Write([]byte(cont))
err := sig.Sign(h, pgpPrivKey, nil)
c.Assert(err, IsNil)
buf := new(bytes.Buffer)
sig.Serialize(buf)
return buf.Bytes(), nil
}
restore := asserts.MockRunGPG(mockGPG)
defer restore()
signDB, err := asserts.OpenDatabase(&asserts.DatabaseConfig{
KeypairManager: gkms.keypairMgr,
})
c.Assert(err, IsNil)
headers := map[string]interface{}{
"authority-id": "dev1-id",
"snap-sha3-384": blobSHA3_384,
"snap-id": "snap-id-1",
"grade": "devel",
"snap-size": "1025",
"timestamp": time.Now().Format(time.RFC3339),
}
tests := []struct {
breakSig func(*packet.Signature, []byte) []byte
expectedErr string
}{
{func(sig *packet.Signature, cont []byte) []byte {
sig.Hash = crypto.SHA1
return cont
}, "cannot sign assertion: bad GPG produced signature: expected SHA512 digest"},
{func(sig *packet.Signature, cont []byte) []byte {
return cont[:5]
}, "cannot sign assertion: bad GPG produced signature: it does not verify:.*"},
}
for _, t := range tests {
breakSig = t.breakSig
_, err = signDB.Sign(asserts.SnapBuildType, headers, nil, assertstest.DevKeyID)
c.Check(err, ErrorMatches, t.expectedErr)
}
}
