;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014 Ludovic Courtès ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (test-pki) #:use-module (guix pki) #:use-module (gcrypt pk-crypto) #:use-module (gcrypt hash) #:use-module (rnrs io ports) #:use-module (srfi srfi-64)) ;; Test the (guix pki) module
aboutsummaryrefslogtreecommitdiff

A4B54DFA60A7079F160A9F618C0148AD9#) (q #00FFA8BE7005AAB7401B0926CD9D6AC30BC9BE7D12C8737C9438498A999F56BE9F5EA98B4D7F5364BEB6D550A5AEDDE34C1EC152C9DAF61A97FDE71740C73BAA3D#) (u #00FD4050EF4F31B41EC81C28E18D205DFFB3C188F15D8BBA300E30AD8B5C4D3E392EFE10269FC115A538B19F4025973AB09B6650A7FF97DA833FB726F3D8819319#))))")) (test-begin "pki") (test-assert "current-acl" (not (not (member (canonical-sexp->sexp %public-key) (map canonical-sexp->sexp (acl->public-keys (current-acl))))))) (test-assert "authorized-key? public-key current-acl" (authorized-key? %public-key)) (test-assert "authorized-key? public-key empty-acl" (not (authorized-key? %public-key (public-keys->acl '())))) (test-assert "authorized-key? public-key singleton" (authorized-key? %public-key (public-keys->acl (list %public-key)))) (test-assert "signature-case valid-signature" (let* ((hash (sha256 #vu8(1 2 3))) (data (bytevector->hash-data hash #:key-type (key-type %public-key))) (sig (signature-sexp data %secret-key %public-key))) (signature-case (sig hash (public-keys->acl (list %public-key))) (valid-signature #t) (else #f)))) (test-eq "signature-case invalid-signature" 'i (let* ((hash (sha256 #vu8(1 2 3))) (data (bytevector->hash-data hash #:key-type (key-type %public-key))) (sig (signature-sexp data %alternate-secret-key %public-key))) (signature-case (sig hash (public-keys->acl (list %public-key))) (valid-signature 'v) (invalid-signature 'i) (hash-mismatch 'm) (unauthorized-key 'u) (corrupt-signature 'c)))) (test-eq "signature-case hash-mismatch" 'm (let* ((hash (sha256 #vu8(1 2 3))) (data (bytevector->hash-data hash #:key-type (key-type %public-key))) (sig (signature-sexp data %secret-key %public-key))) (signature-case (sig (sha256 #vu8()) (public-keys->acl (list %public-key))) (valid-signature 'v) (invalid-signature 'i) (hash-mismatch 'm) (unauthorized-key 'u) (corrupt-signature 'c)))) (test-eq "signature-case unauthorized-key" 'u (let* ((hash (sha256 #vu8(1 2 3))) (data (bytevector->hash-data hash #:key-type (key-type %public-key))) (sig (signature-sexp data %secret-key %public-key))) (signature-case (sig hash (public-keys->acl '())) (valid-signature 'v) (invalid-signature 'i) (hash-mismatch 'm) (unauthorized-key 'u) (corrupt-signature 'c)))) (test-eq "signature-case corrupt-signature" 'c (let* ((hash (sha256 #vu8(1 2 3))) (sig (string->canonical-sexp "(w tf)"))) (signature-case (sig hash (public-keys->acl (list %public-key))) (valid-signature 'v) (invalid-signature 'i) (hash-mismatch 'm) (unauthorized-key 'u) (corrupt-signature 'c)))) (test-end)