blob: 9e9c3a98bf5f797d21d5a123b7e05df15b942cb8 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package util
import (
"bytes"
"crypto/rand"
"testing"
"v.io/v23/vom"
"v.io/x/ref/test/testutil"
)
func TestMacaroon(t *testing.T) {
principal := testutil.NewPrincipal("correct")
incorrectPrincipal := testutil.NewPrincipal("incorrect")
input := randBytes(t)
m, err := NewMacaroon(principal, input)
if err != nil {
t.Errorf("NewMacaroon failed: %v", err)
}
// Test incorrect key.
decoded, err := m.Decode(incorrectPrincipal)
if err == nil {
t.Errorf("m.Decode should have failed")
}
if decoded != nil {
t.Errorf("decoded value should be nil when decode fails")
}
// Test correct key.
if decoded, err = m.Decode(principal); err != nil {
t.Errorf("m.Decode should have succeeded")
}
if !bytes.Equal(decoded, input) {
t.Errorf("decoded value should equal input")
}
}
func TestBadMacaroon(t *testing.T) {
p := testutil.NewPrincipal("correct")
mValid, err := NewMacaroon(p, []byte("Hello"))
if err != nil {
t.Fatalf("NewMacaroon failed: %v", err)
}
// Modify the data, but keep the Signature.
raw, _ := b64decode(string(mValid))
var msg MacaroonMessage
if err := vom.Decode(raw, &msg); err != nil {
t.Fatalf("vom.Decode failed: %v", err)
}
msg.Data = []byte("World")
v, err := vom.Encode(msg)
if err != nil {
t.Fatalf("vom.Encode failed: %v", err)
}
mBadData := Macaroon(b64encode(v))
// Restore data, but change the Signature.
msg.Data = []byte("Hello")
msg.Sig.R[0] += 1
if v, err = vom.Encode(msg); err != nil {
t.Fatalf("vom.Encode failed: %v", err)
}
mBadSig := Macaroon(b64encode(v))
tests := []Macaroon{
mValid, // valid
mValid + "!!!", // invalid base64
mValid[:5], // truncated
mBadData, // modified data
mBadSig, // modified signature
"", // zero value
}
// Make sure that "valid" is indeed valid!
if data, err := tests[0].Decode(p); err != nil || data == nil {
t.Fatalf("Bad test data: Got (%v, %v), want (<non-empty>, nil)", data, err)
}
// And all others are not:
for idx, test := range tests[1:] {
if _, err := test.Decode(p); err == nil {
t.Errorf("Should have failed to decode invalid macaroon #%d", idx)
}
}
}
func randBytes(t *testing.T) []byte {
b := make([]byte, 16)
if _, err := rand.Read(b); err != nil {
t.Fatalf("bytes creation failed: %v", err)
}
return b
}