Unit test for verifying invalid key ID

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Riyaz Faizullabhoy
2016-04-11 17:28:14 -07:00
parent 7fe11bd102
commit f7f8a961b5
2 changed files with 20 additions and 1 deletions


@@ -127,7 +127,7 @@ func VerifySignatures(s *data.Signed, roleData data.BaseRole) error {
}
// Check that the signature key ID actually matches the content ID of the key
if key.ID() != sig.KeyID {
return ErrInvalidKeyType{}
return ErrInvalidKeyID{}
}
if err := VerifySignature(msg, sig, key); err != nil {
logrus.Debugf("continuing b/c %s", err.Error())
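Review bot: The mismatch branch returns `ErrInvalidKeyID{}` without recording which IDs disagreed, while the very next branch logs its failure through `logrus.Debugf`; whoever triages rejected metadata gets no hint of which role key is registered under the wrong ID. Consider adding `logrus.Debugf("key ID mismatch: signature has %s, key content ID is %s", sig.KeyID, key.ID())` before the return. The comment above the check could also say why this case aborts verification instead of continuing like the signature failure below it; presumably the aim is that a key listed under a non-canonical ID can never count toward the threshold, but that should be confirmed and written down. VerifySignatures starts and ends outside this hunk.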


@@ -64,6 +64,25 @@ func TestMoreThanEnoughSigs(t *testing.T) {
require.NoError(t, err)
}
func TestValidSigWithIncorrectKeyID(t *testing.T) {
cs := NewEd25519()
k1, err := cs.Create("root", "", data.ED25519Key)
require.NoError(t, err)
roleWithKeys := data.BaseRole{Name: "root", Keys: data.Keys{"invalidIDA": k1}, Threshold: 1}
meta := &data.SignedCommon{Type: "Root", Version: 1, Expires: data.DefaultExpires("root")}
b, err := json.MarshalCanonical(meta)
require.NoError(t, err)
s := &data.Signed{Signed: (*json.RawMessage)(&b)}
Sign(cs, s, k1)
require.Equal(t, 1, len(s.Signatures))
s.Signatures[0].KeyID = "invalidIDA"
err = Verify(s, roleWithKeys, 1)
require.Error(t, err)
require.IsType(t, ErrInvalidKeyID{}, err)
}
func TestDuplicateSigs(t *testing.T) {
cs := NewEd25519()
k, err := cs.Create("root", "", data.ED25519Key)
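Review bot: `Sign(cs, s, k1)` is called as a bare statement in TestValidSigWithIncorrectKeyID, so if Sign returns an error it is dropped and the test only notices indirectly through the signature count. Prefer `require.NoError(t, Sign(cs, s, k1))` (assuming Sign returns an error) and `require.Len(t, s.Signatures, 1)` for the count check. A short comment above `s.Signatures[0].KeyID = "invalidIDA"` would make the intent explicit, for example `// the signature itself is valid; only the key ID differs from the key's content ID`.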