示例#1
0
func (s *signSuite) TestSignJSONWithBodyAndRevision(c *C) {
	statement := exampleJSON(map[string]interface{}{
		"body":     "BODY",
		"revision": "11",
	})
	opts := signtool.Options{
		KeyID: s.testKeyID,

		Statement: statement,
	}

	assertText, err := signtool.Sign(&opts, s.keypairMgr)
	c.Assert(err, IsNil)

	a, err := asserts.Decode(assertText)
	c.Assert(err, IsNil)

	c.Check(a.Type(), Equals, asserts.ModelType)
	c.Check(a.Revision(), Equals, 11)

	expectedHeaders := expectedModelHeaders(a)
	expectedHeaders["revision"] = "11"
	expectedHeaders["body-length"] = "4"

	c.Check(a.Headers(), DeepEquals, expectedHeaders)

	c.Check(a.Body(), DeepEquals, []byte("BODY"))
}
示例#2
0
func (x *cmdSign) Execute(args []string) error {
	if len(args) > 0 {
		return ErrExtraArgs
	}

	statement, err := ioutil.ReadAll(Stdin)
	if err != nil {
		return fmt.Errorf(i18n.G("cannot read assertion input: %v"), err)
	}

	keypairMgr := asserts.NewGPGKeypairManager()
	privKey, err := keypairMgr.GetByName(x.KeyName)
	if err != nil {
		return err
	}

	signOpts := signtool.Options{
		KeyID:     privKey.PublicKey().ID(),
		Statement: statement,
	}

	encodedAssert, err := signtool.Sign(&signOpts, keypairMgr)
	if err != nil {
		return err
	}

	_, err = Stdout.Write(encodedAssert)
	if err != nil {
		return err
	}
	return nil
}
示例#3
0
func (s *signSuite) TestSignErrors(c *C) {
	opts := signtool.Options{
		KeyID: s.testKeyID,
	}

	emptyList := []interface{}{}

	tests := []struct {
		expError        string
		brokenStatement []byte
	}{
		{`cannot parse the assertion input as JSON:.*`,
			[]byte("\x00"),
		},
		{`invalid assertion type: what`,
			exampleJSON(map[string]interface{}{"type": "what"}),
		},
		{`assertion type must be a string, not: \[\]`,
			exampleJSON(map[string]interface{}{"type": emptyList}),
		},
		{`missing assertion type header`,
			exampleJSON(map[string]interface{}{"type": nil}),
		},
		{"revision should be positive: -10",
			exampleJSON(map[string]interface{}{"revision": "-10"})},
		{`"authority-id" header is mandatory`,
			exampleJSON(map[string]interface{}{"authority-id": nil})},
		{`body if specified must be a string`,
			exampleJSON(map[string]interface{}{"body": emptyList})},
	}

	for _, t := range tests {
		fresh := opts

		fresh.Statement = t.brokenStatement

		_, err := signtool.Sign(&fresh, s.keypairMgr)
		c.Check(err, ErrorMatches, t.expError)
	}
}
示例#4
0
func (s *signSuite) TestSignJSON(c *C) {
	opts := signtool.Options{
		KeyID: s.testKeyID,

		Statement: exampleJSON(nil),
	}

	assertText, err := signtool.Sign(&opts, s.keypairMgr)
	c.Assert(err, IsNil)

	a, err := asserts.Decode(assertText)
	c.Assert(err, IsNil)

	c.Check(a.Type(), Equals, asserts.ModelType)
	c.Check(a.Revision(), Equals, 0)
	expectedHeaders := expectedModelHeaders(a)
	c.Check(a.Headers(), DeepEquals, expectedHeaders)

	for n, v := range a.Headers() {
		c.Check(v, DeepEquals, expectedHeaders[n], Commentf(n))
	}

	c.Check(a.Body(), IsNil)
}