1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
require 'test_helper'
require 'nickserver/hkp/source'
require 'nickserver/adapters/celluloid_http'
class HkpTest < Minitest::Test
def setup
super
Celluloid.boot
end
def teardown
Celluloid.shutdown
super
end
def test_key_info_expired
fetch_key_info(:hkp_vindex_result, 'lemur@leap.se') do |keys|
assert_equal 1, keys.length, 'should find a single key'
assert_equal ['lemur@example.org', 'lemur@leap.se'].sort, keys.first.uids.sort, 'should find both uids'
assert_equal '0EE5BE979282D80B9F7540F1CCD2ED94D21739E9', keys.first.keyid
end
end
def test_key_info_multiple_valid_results
fetch_key_info :hkp_vindex_result, 'gazelle@leap.se' do |keys|
assert_equal 2, keys.length, 'should find two keys'
assert_equal ['gazelle@leap.se'], keys.first.uids
assert_equal '3790027A', keys.first.keyid
assert keys.last.uids.include? 'gazelle@leap.se'
end
end
def test_key_info_reject_keysize
fetch_key_info :hkp_vindex_result, 'frog@leap.se' do |keys|
assert_equal 1, keys.length, 'should find one key' # because short key gets ignored
assert_equal '00440025', keys.first.keyid
end
end
def test_key_info_not_found
uid = 'leaping_lemur@leap.se'
stub_sks_vindex_reponse(uid, status: 404)
assert_response_status_for_uid uid, 404
end
def test_no_matching_key_found
uid = 'leaping_lemur@leap.se'
stub_sks_vindex_reponse(uid, status: 200)
assert_response_status_for_uid uid, 404
end
def test_fetch_key
uid = 'cloudadmin@leap.se'
key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
stub_sks_get_reponse(key_id, body: file_content(:leap_public_key))
assert_response_for_uid(uid) do |response|
content = JSON.parse response.content
assert_equal file_content(:leap_public_key), content['openpgp']
end
end
def test_fetch_key_not_found
uid = 'cloudadmin@leap.se'
key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
stub_sks_vindex_reponse(uid, body: file_content(:leap_vindex_result))
stub_sks_get_reponse(key_id, status: 404)
assert_response_status_for_uid uid, 404
end
def test_fetch_key_too_short
uid = 'chiiph@leap.se'
stub_sks_vindex_reponse(uid, body: file_content(:short_key_vindex_result))
assert_response_status_for_uid uid, 500
end
#
# real network tests
# remember: must be run with REAL_NET=true
#
def test_key_info_real_network
real_network do
uid = 'elijah@riseup.net'
assert_key_info_for_uid uid do |keys|
assert_equal 1, keys.size
assert keys.first.keyid =~ /00440025$/
end
end
end
def test_tls_validation_with_real_network
hkp_url = 'https://keys.mayfirst.org/pks/lookup'
ca_file = file_path('mayfirst-ca.pem')
real_network do
config.stub(:hkp_url, hkp_url) do
config.stub(:hkp_ca_file, ca_file) do
#config.stub(:hkp_ca_file, file_path('autistici-ca.pem')) do
assert File.exist?(Nickserver::Config.hkp_ca_file)
uid = 'elijah@riseup.net'
assert_key_info_for_uid uid do |keys|
assert_equal 1, keys.size
assert keys.first.keyid =~ /00440025$/
end
end
end
end
end
protected
def assert_response_status_for_uid(uid, status)
assert_response_for_uid(uid) do |response|
assert_equal status, response.status
end
end
def assert_response_for_uid(uid, &block)
Nickserver::Hkp::Source.new(adapter).query uid do |response|
yield response
end
end
def assert_key_info_for_uid(uid, &block)
Nickserver::Hkp::Source.new(adapter).search uid do |status, keys|
assert_equal 200, status
yield keys
end
end
def adapter
Nickserver::Adapters::CelluloidHttp.new
end
def fetch_key_info(body_source, uid, &block)
stub_sks_vindex_reponse(uid, body: file_content(body_source))
assert_key_info_for_uid(uid, &block)
end
end
|
