func (s *signSuite) TestSignJSONWithBodyAndRevision(c *C) {
statement := exampleJSON(map[string]interface{}{
"body": "BODY",
"revision": "11",
})
opts := signtool.Options{
KeyID: s.testKeyID,
Statement: statement,
}
assertText, err := signtool.Sign(&opts, s.keypairMgr)
c.Assert(err, IsNil)
a, err := asserts.Decode(assertText)
c.Assert(err, IsNil)
c.Check(a.Type(), Equals, asserts.ModelType)
c.Check(a.Revision(), Equals, 11)
expectedHeaders := expectedModelHeaders(a)
expectedHeaders["revision"] = "11"
expectedHeaders["body-length"] = "4"
c.Check(a.Headers(), DeepEquals, expectedHeaders)
c.Check(a.Body(), DeepEquals, []byte("BODY"))
}
func (x *cmdSign) Execute(args []string) error {
if len(args) > 0 {
return ErrExtraArgs
}
statement, err := ioutil.ReadAll(Stdin)
if err != nil {
return fmt.Errorf(i18n.G("cannot read assertion input: %v"), err)
}
keypairMgr := asserts.NewGPGKeypairManager()
privKey, err := keypairMgr.GetByName(x.KeyName)
if err != nil {
return err
}
signOpts := signtool.Options{
KeyID: privKey.PublicKey().ID(),
Statement: statement,
}
encodedAssert, err := signtool.Sign(&signOpts, keypairMgr)
if err != nil {
return err
}
_, err = Stdout.Write(encodedAssert)
if err != nil {
return err
}
return nil
}
func (s *signSuite) TestSignErrors(c *C) {
opts := signtool.Options{
KeyID: s.testKeyID,
}
emptyList := []interface{}{}
tests := []struct {
expError string
brokenStatement []byte
}{
{`cannot parse the assertion input as JSON:.*`,
[]byte("\x00"),
},
{`invalid assertion type: what`,
exampleJSON(map[string]interface{}{"type": "what"}),
},
{`assertion type must be a string, not: \[\]`,
exampleJSON(map[string]interface{}{"type": emptyList}),
},
{`missing assertion type header`,
exampleJSON(map[string]interface{}{"type": nil}),
},
{"revision should be positive: -10",
exampleJSON(map[string]interface{}{"revision": "-10"})},
{`"authority-id" header is mandatory`,
exampleJSON(map[string]interface{}{"authority-id": nil})},
{`body if specified must be a string`,
exampleJSON(map[string]interface{}{"body": emptyList})},
}
for _, t := range tests {
fresh := opts
fresh.Statement = t.brokenStatement
_, err := signtool.Sign(&fresh, s.keypairMgr)
c.Check(err, ErrorMatches, t.expError)
}
}
func (s *signSuite) TestSignJSON(c *C) {
opts := signtool.Options{
KeyID: s.testKeyID,
Statement: exampleJSON(nil),
}
assertText, err := signtool.Sign(&opts, s.keypairMgr)
c.Assert(err, IsNil)
a, err := asserts.Decode(assertText)
c.Assert(err, IsNil)
c.Check(a.Type(), Equals, asserts.ModelType)
c.Check(a.Revision(), Equals, 0)
expectedHeaders := expectedModelHeaders(a)
c.Check(a.Headers(), DeepEquals, expectedHeaders)
for n, v := range a.Headers() {
c.Check(v, DeepEquals, expectedHeaders[n], Commentf(n))
}
c.Check(a.Body(), IsNil)
}