func TestSecretKeys(t *testing.T) {
tc := SetupEngineTest(t, "secretkeys")
defer tc.Cleanup()
u := CreateAndSignupFakeUser(tc, "sk")
ctx := &Context{
LogUI: tc.G.UI.GetLogUI(),
SecretUI: u.NewSecretUI(),
}
// Get the secret keys.
e := NewSecretKeysEngine(tc.G)
err := RunEngine(e, ctx)
if err != nil {
t.Fatal(err)
}
signing := e.Result().Signing
// Now we want to check that the keys we got actually belong to the user.
// Below we just do this check with the signing key, since it's easier to
// derive the public key.
// Build the signing keypair. To do this, we exploit the fact that a NaCl
// public signing key is the last 32 bytes of the private signing key.
var public libkb.NaclSigningKeyPublic
copy(public[:], signing[32:])
pair := libkb.NaclSigningKeyPair{
Public: public,
}
// Check the signing keypair's KID is in the user's KeyFamily.
testUser, err := libkb.LoadUser(libkb.LoadUserArg{
Name: u.Username,
})
if err != nil {
t.Fatal(err)
}
if found := testUser.GetKeyFamily().AllKIDs[pair.GetKID()]; !found {
t.Fatalf("Failed to find %s in the user's key family.", pair.GetKID().String())
}
}
