9722c3bf68
* test commit * delete test commit * signing plugin - changes for review * Initial commit : beckn Signing Plugin Module * Added verification plugin post review discussion with leads below changes are made 1. Commented out the signature expiration validation code for both the signing and verification plugins. will update it based on the confirmation. * Create signing_plugin_test.go Added Test Cases for Signing Plugin * Signing and Verification Plugin Added signing plugin and verification plugin with the unit test cases, achieving the following code coverage Signing Plugin : 91.9% Verification Plugin : 92.3% * Added plugin.go to handle the dynamic loading and usage of the plugin implementation * Update the code to meet the linting standards * Added Test Cases for plugin.go 1.Added test cases for plugin.go for both signer and verifier. 2.Added new Function Close to release the resources (mock implementation) 3.Fixed camelCase Issue. * Updated the code coverage for signing plugin Raised code coverage from 85 to 92 for signing plugin * Changes for review Comments 1. updated directory names from Signer to signer 2. Updated Verifier plugin to take header value 3. Updated the config to use a pointer in the signing plugin * Updated directory name for signer and verifier * Removed the Duplicate directories Signer and Verifier * Updated the code to pass the timestamp as a parameter for the signing plugin * Updates on the review comments * Update on the Review Comments * Test commit for code coverage * Update on the review Comments 1. Renaming of NewSigner to New 2. Removed of .so files. 3. Removed external libraries. * Test commit for code coverage * udpate as per the golint standards * update on the code review comments 1. Rename of Validator to Verifier 2. Removed as a pointer for plugins 3. comment updated for Signer * Test Commit for the code coverage * test commit for code coverage * test commit for code coverage * test commit for code coverage * updated code on review comments * update on review comments * update on review comments --------- Co-authored-by: mohit3367 <mohitkatare4@gmail.com>
154 lines
4.6 KiB
Go
154 lines
4.6 KiB
Go
package verifier
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ed25519"
|
|
"encoding/base64"
|
|
"strconv"
|
|
"testing"
|
|
"time"
|
|
)
|
|
|
|
// generateTestKeyPair generates a new ED25519 key pair for testing.
|
|
func generateTestKeyPair() (string, string) {
|
|
publicKey, privateKey, _ := ed25519.GenerateKey(nil)
|
|
return base64.StdEncoding.EncodeToString(privateKey), base64.StdEncoding.EncodeToString(publicKey)
|
|
}
|
|
|
|
// signTestData creates a valid signature for test cases.
|
|
func signTestData(privateKeyBase64 string, body []byte, createdAt, expiresAt int64) string {
|
|
privateKeyBytes, _ := base64.StdEncoding.DecodeString(privateKeyBase64)
|
|
privateKey := ed25519.PrivateKey(privateKeyBytes)
|
|
|
|
signingString := hash(body, createdAt, expiresAt)
|
|
signature := ed25519.Sign(privateKey, []byte(signingString))
|
|
|
|
return base64.StdEncoding.EncodeToString(signature)
|
|
}
|
|
|
|
// TestVerifySuccessCases tests all valid signature verification cases.
|
|
func TestVerifySuccess(t *testing.T) {
|
|
privateKeyBase64, publicKeyBase64 := generateTestKeyPair()
|
|
|
|
tests := []struct {
|
|
name string
|
|
body []byte
|
|
createdAt int64
|
|
expiresAt int64
|
|
}{
|
|
{
|
|
name: "Valid Signature",
|
|
body: []byte("Test Payload"),
|
|
createdAt: time.Now().Unix(),
|
|
expiresAt: time.Now().Unix() + 3600,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
signature := signTestData(privateKeyBase64, tt.body, tt.createdAt, tt.expiresAt)
|
|
header := `Signature created="` + strconv.FormatInt(tt.createdAt, 10) +
|
|
`", expires="` + strconv.FormatInt(tt.expiresAt, 10) +
|
|
`", signature="` + signature + `"`
|
|
|
|
verifier, close, _ := New(context.Background(), &Config{})
|
|
valid, err := verifier.Verify(context.Background(), tt.body, []byte(header), publicKeyBase64)
|
|
|
|
if err != nil {
|
|
t.Fatalf("Expected no error, but got: %v", err)
|
|
}
|
|
if !valid {
|
|
t.Fatal("Expected signature verification to succeed")
|
|
}
|
|
if close != nil {
|
|
if err := close(); err != nil {
|
|
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestVerifyFailureCases tests all invalid signature verification cases.
|
|
func TestVerifyFailure(t *testing.T) {
|
|
privateKeyBase64, publicKeyBase64 := generateTestKeyPair()
|
|
_, wrongPublicKeyBase64 := generateTestKeyPair()
|
|
|
|
tests := []struct {
|
|
name string
|
|
body []byte
|
|
header string
|
|
pubKey string
|
|
}{
|
|
{
|
|
name: "Missing Authorization Header",
|
|
body: []byte("Test Payload"),
|
|
header: "",
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
{
|
|
name: "Malformed Header",
|
|
body: []byte("Test Payload"),
|
|
header: `InvalidSignature created="wrong"`,
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
{
|
|
name: "Invalid Base64 Signature",
|
|
body: []byte("Test Payload"),
|
|
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
|
|
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) +
|
|
`", signature="!!INVALIDBASE64!!"`,
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
{
|
|
name: "Expired Signature",
|
|
body: []byte("Test Payload"),
|
|
header: `Signature created="` + strconv.FormatInt(time.Now().Unix()-7200, 10) +
|
|
`", expires="` + strconv.FormatInt(time.Now().Unix()-3600, 10) +
|
|
`", signature="` + signTestData(privateKeyBase64, []byte("Test Payload"), time.Now().Unix()-7200, time.Now().Unix()-3600) + `"`,
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
{
|
|
name: "Invalid Public Key",
|
|
body: []byte("Test Payload"),
|
|
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
|
|
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) +
|
|
`", signature="` + signTestData(privateKeyBase64, []byte("Test Payload"), time.Now().Unix(), time.Now().Unix()+3600) + `"`,
|
|
pubKey: wrongPublicKeyBase64,
|
|
},
|
|
{
|
|
name: "Invalid Expires Timestamp",
|
|
body: []byte("Test Payload"),
|
|
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
|
|
`", expires="invalid_timestamp"`,
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
{
|
|
name: "Signature Missing in Headers",
|
|
body: []byte("Test Payload"),
|
|
header: `Signature created="` + strconv.FormatInt(time.Now().Unix(), 10) +
|
|
`", expires="` + strconv.FormatInt(time.Now().Unix()+3600, 10) + `"`,
|
|
pubKey: publicKeyBase64,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
verifier, close, _ := New(context.Background(), &Config{})
|
|
valid, err := verifier.Verify(context.Background(), tt.body, []byte(tt.header), tt.pubKey)
|
|
|
|
if err == nil {
|
|
t.Fatal("Expected an error but got none")
|
|
}
|
|
if valid {
|
|
t.Fatal("Expected verification to fail")
|
|
}
|
|
if close != nil {
|
|
if err := close(); err != nil {
|
|
t.Fatalf("Test %q failed: cleanup function returned an error: %v", tt.name, err)
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|