SignerTest.php 6.6 KB

  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright 2016, Roeland Jago Douma <roeland@famdouma.nl>
  5. *
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. *
  8. * @license GNU AGPL version 3 or any later version
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as
  12. * published by the Free Software Foundation, either version 3 of the
  13. * License, or (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. */
  24. namespace Test\Security\IdentityProof;
  25. use OC\Security\IdentityProof\Key;
  26. use OC\Security\IdentityProof\Manager;
  27. use OC\Security\IdentityProof\Signer;
  28. use OCP\AppFramework\Utility\ITimeFactory;
  29. use OCP\IUser;
  30. use OCP\IUserManager;
  31. use Test\TestCase;
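  /**
   * Unit tests for Signer with the key manager, clock and user manager mocked.
   *
   * Covers sign() against a pinned signature, and verify() for a valid envelope,
   * a malformed signature and an empty payload.
   *
   * NOTE(review): the verify tests never configure the time factory, so nothing
   * here pins how (or whether) verify() treats the message timestamp. If
   * freshness or replay protection is expected of Signer, it needs its own test.
   */
  class SignerTest extends TestCase {
      /**
       * Signature expected for the fixture message (type 'myType', signer
       * 'foo@example.com', timestamp 42) under the fixture key below.
       *
       * Shared by testSign() and testVerifyValid() so both provably use the same bytes.
       * Pinning an exact value only works while signing is deterministic; a move to a
       * randomized scheme would require asserting through verify() instead.
       */
      private const VALID_SIGNATURE = 'E1fNdoWMX1QmSyKv+S3FtOgLe9niYGQFWOKGaMLxc2h7s3V++EIqJvw/NCLBfrUowzWkTzhkjfbHaf88Hz34WAn4sAwXYAO8cnboQs6SClKRzQ/nvbtLgd2wm9RQ8UTOM7wR6C7HpIn4qqJ4BTQ1bAwYAiJ2GoK+W8wC0o0Gpub2906j3JJ4cbc9lufd5ohWKCev8Ubem/EEKaRIZA7qHh+Q1MKXTaJQJlCjTMe5PyGy0fsmtVxsPls3/Fkd9sVeHEHSYHzOiF6ttlxWou4TdRbq3WSEVpt1DOOvkKI9w2+zBJ7IPH8CnVpXcdIzWDctUygZKzNMUQnweDOOziEdUw==';

      /**
       * Test-only private key (PKCS#8 PEM). It is published with the test suite, so it
       * must never be provisioned for a real identity or reused outside tests.
       * Secret scanners will match this literal; allowlist this file by path rather
       * than relaxing the rule itself.
       *
       * @var string
       */
      private $private = '-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDImc6QvHBjBIoo
w9nnywiPNESleUuFJ2yQ3Gd/3w2BkblojlUAJAsUd/bQokjOH9d+7nqyzgSiXjRl
iwKagY6NjcNEEq0X5KOMNwx6uEbtq3+7pA7H2JefNrnAuD+Fhp3Hyo3h1cse6hAq
6Zr8haCiSdFBfelLnx/X3gPgCzgl6GnvSmiqPEPFGng822dlW2RW+IIUv4y2LoIH
2PKZpxottxtFGIpcKSSHGUfNWya7Ih4E6RBgOrpyu4hrkikl4Xdh4RVgAf/GH54F
gQi/AFeRS6llXJhep3lZOtLnFdYNPKFz1i/UvBoyUv8lrsvNa76HIgSMmGQKON4i
QO0P/OaBAgMBAAECggEAdrtCnjxKsPDQ7Yvuf9mWeVxQfTir0GYjRiKOSAs3rUcZ
XJ9SBEFRJY5T0e0b9pS2MfTpPsfdylTD4o5CvjyMqZAM0U/Uj93OR4GVq1VC9g2a
Du/tp6+1HpF/pGfpgRjKbqSfEdo+3U9gvmWCTJCzIRtb9c2WtiG68UQBOyyo0RYQ
F2b4az2BEOa7mATgwwGfdhV4VTQ18+iQKtfVoguw0bi1khDA0t+o8phhhmBHlOOi
lpV5uSnJB7H3s6B01xf1dA44y57bcFNKL4THQv9dlazL2R2DhgxmADWXGPyJs0YM
mhRSB25pEcFvLu//e0fHpO+kmZ+MPsey5blH3D92+QKBgQDzmlYIWSvNWXejKMdH
QGVQmrG9nExld3LhNERONhh4FaxoXOqVZgLqAAUaSMHawYzfYjRaLuW16UTYh0XC
hs2ISE5Oc4abDc6obNs2Xalrxp9stmD/Ti+/aSQifm2SoIeIH2lcPYob5yh/bfqh
AP/Uk9ZdDSnHcsGm6wzhCmS1UwKBgQDSzz0ogjtsmPa14jIHrHZluzbfbqOgaeQi
5WZPPbuEqdS37kaDznt4goDLOywqWUGrmBtBPi2hOqGF0K7qzUvlM0mlvedvjH1l
4JByb6gXwGoZPnnzTCfDx86gKB1+rWzVbo236dHi1oirZ52voKu57TqC8My5MTzW
YFgi872GWwKBgQCkxLd8XhQqiWFKksJ3hy8AHiIqxhVGbEzf1qJ85EoYr1A2JuLk
umMuM2VAKgY1GMVYMuyGM0JckLNoYdblhJhwnbeZiLp7FhO6CCcd1qxJoccjmRhy
l0fkiBFQ44Lpsnr5r4VsRpOr2+agipsDW9Guz3Am8EhaB1zEsie773O+0QKBgFb/
W3fqNufcQIRTMt5j2ACnwD95A2HiEVotXYl6KnbXN4god0VR4zaadNhqNRHNAAL2
pNjJ9j7BWYNF2cngq1+NSOlzc51fVyjCAhqX5cDXkXGVjPJRDWAIh0clBvcOTwnN
tAKgJhP9AS3rdvHR1szGEA2VnocWwMqfu//AowhdAoGACYwuBjfUWc21jcT5yeLZ
ahLp+ImQsKDE0swhmk4uesbLLPRfyvpLca98XbBMuS1iLrVUY3mEfIV7ltaBajE0
l3eB7suqch3WUzH1RMWzwpuUMWV/A8qjPbIrd2QYUFYxJsU88lBqRg92rPnri6Ec
kC6HCb+CXsMRD7yp8KrrYnw=
-----END PRIVATE KEY-----';

      /**
       * Public half of the test-only key pair above (SubjectPublicKeyInfo PEM).
       *
       * @var string
       */
      private $public = '-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJnOkLxwYwSKKMPZ58sI
jzREpXlLhSdskNxnf98NgZG5aI5VACQLFHf20KJIzh/Xfu56ss4Eol40ZYsCmoGO
jY3DRBKtF+SjjDcMerhG7at/u6QOx9iXnza5wLg/hYadx8qN4dXLHuoQKuma/IWg
oknRQX3pS58f194D4As4Jehp70poqjxDxRp4PNtnZVtkVviCFL+Mti6CB9jymaca
LbcbRRiKXCkkhxlHzVsmuyIeBOkQYDq6cruIa5IpJeF3YeEVYAH/xh+eBYEIvwBX
kUupZVyYXqd5WTrS5xXWDTyhc9Yv1LwaMlL/Ja7LzWu+hyIEjJhkCjjeIkDtD/zm
gQIDAQAB
-----END PUBLIC KEY-----';

      /** @var Key Fixture key pair built from $public and $private in setUp(). */
      private $key;

      /** @var Manager|\PHPUnit\Framework\MockObject\MockObject */
      private $keyManager;

      /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
      private $timeFactory;

      /** @var IUserManager|\PHPUnit\Framework\MockObject\MockObject */
      private $userManager;

      /** @var Signer System under test, wired to the three mocks above. */
      private $signer;

      /**
       * Builds the fixture key and a Signer whose collaborators are all mocks,
       * so no real key storage, clock or user backend is touched.
       */
      protected function setUp(): void {
          parent::setUp();

          $this->key = new Key($this->public, $this->private);

          $this->keyManager = $this->createMock(Manager::class);
          $this->timeFactory = $this->createMock(ITimeFactory::class);
          $this->userManager = $this->createMock(IUserManager::class);

          $this->signer = new Signer(
              $this->keyManager,
              $this->timeFactory,
              $this->userManager
          );
      }

      /**
       * sign() must wrap the payload in a message carrying type, signer cloud id and
       * timestamp, and attach the pinned signature for that message.
       */
      public function testSign(): void {
          $user = $this->createMock(IUser::class);
          $user->method('getCloudId')
              ->willReturn('foo@example.com');

          // Freeze the clock so the timestamp, and with it the signature, is reproducible.
          $this->timeFactory->method('getTime')
              ->willReturn(42);

          $this->keyManager->method('getKey')
              ->with($this->equalTo($user))
              ->willReturn($this->key);

          $data = [
              'foo' => 'bar',
              'abc' => 'def',
              'xyz' => 123,
          ];

          $expects = [
              'message' => [
                  'data' => $data,
                  'type' => 'myType',
                  'signer' => 'foo@example.com',
                  'timestamp' => 42,
              ],
              'signature' => self::VALID_SIGNATURE,
          ];

          $result = $this->signer->sign('myType', $data, $user);

          $this->assertEquals($expects, $result);
      }

      /**
       * verify() must accept the envelope that testSign() expects sign() to produce.
       */
      public function testVerifyValid(): void {
          $data = [
              'message' => [
                  'data' => [
                      'foo' => 'bar',
                      'abc' => 'def',
                      'xyz' => 123,
                  ],
                  'type' => 'myType',
                  'signer' => 'foo@example.com',
                  'timestamp' => 42,
              ],
              'signature' => self::VALID_SIGNATURE,
          ];

          $user = $this->createMock(IUser::class);

          $this->keyManager->method('getKey')
              ->with($this->equalTo($user))
              ->willReturn($this->key);

          // The user lookup is expected with 'foo', i.e. the part of the signer
          // cloud id 'foo@example.com' before the '@'.
          $this->userManager->method('get')
              ->with('foo')
              ->willReturn($user);

          $this->assertTrue($this->signer->verify($data));
      }

      /**
       * verify() must reject an envelope whose signature is not valid for the message.
       *
       * NOTE(review): 'Invalid sig' is a malformed value, so this pins rejection of
       * garbage only. A companion case that keeps VALID_SIGNATURE but alters one
       * message field would pin that the signature binds every field of the message.
       */
      public function testVerifyInvalid(): void {
          $data = [
              'message' => [
                  'data' => [
                      'foo' => 'bar',
                      'abc' => 'def',
                      'xyz' => 123,
                  ],
                  'type' => 'myType',
                  'signer' => 'foo@example.com',
                  'timestamp' => 42,
              ],
              'signature' => 'Invalid sig',
          ];

          $user = $this->createMock(IUser::class);

          $this->keyManager->method('getKey')
              ->with($this->equalTo($user))
              ->willReturn($this->key);

          $this->userManager->method('get')
              ->with('foo')
              ->willReturn($user);

          $this->assertFalse($this->signer->verify($data));
      }

      /**
       * verify() must fail closed (return false) when the envelope is empty,
       * without any mock being configured.
       */
      public function testVerifyInvalidData(): void {
          $data = [];

          $this->assertFalse($this->signer->verify($data));
      }
  }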