mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2025-02-05 10:39:54 +00:00
reject a bunch of invalid signatures
This commit is contained in:
meejah
parent
bfd45d3a01
commit
5d4253be3e
@ -15,6 +15,11 @@ from ..uri import (
|
|||||||
MDMFDirectoryURI,
|
MDMFDirectoryURI,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from allmydata.util.base32 import (
|
||||||
|
b2a,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def write_capabilities():
|
def write_capabilities():
|
||||||
"""
|
"""
|
||||||
Build ``IURI`` providers representing all kinds of write capabilities.
|
Build ``IURI`` providers representing all kinds of write capabilities.
|
||||||
@ -109,3 +114,13 @@ def dir2_mdmf_capabilities():
|
|||||||
MDMFDirectoryURI,
|
MDMFDirectoryURI,
|
||||||
mdmf_capabilities(),
|
mdmf_capabilities(),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def base32text():
|
||||||
|
"""
|
||||||
|
Build text()s that are valid base32
|
||||||
|
"""
|
||||||
|
return builds(
|
||||||
|
b2a,
|
||||||
|
binary(),
|
||||||
|
)
|
||||||
|
|||||||
@ -7,6 +7,8 @@ from twisted.python.filepath import (
|
|||||||
FilePath,
|
FilePath,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
from hypothesis import given
|
||||||
|
|
||||||
from allmydata.node import (
|
from allmydata.node import (
|
||||||
config_from_string,
|
config_from_string,
|
||||||
)
|
)
|
||||||
@ -26,6 +28,9 @@ from allmydata.grid_manager import (
|
|||||||
parse_grid_manager_certificate,
|
parse_grid_manager_certificate,
|
||||||
create_grid_manager_verifier,
|
create_grid_manager_verifier,
|
||||||
)
|
)
|
||||||
|
from allmydata.test.strategies import (
|
||||||
|
base32text,
|
||||||
|
)
|
||||||
|
|
||||||
from .common import SyncTestCase
|
from .common import SyncTestCase
|
||||||
|
|
||||||
@ -292,3 +297,35 @@ class GridManagerVerifier(SyncTestCase):
|
|||||||
)
|
)
|
||||||
|
|
||||||
self.assertTrue(verify())
|
self.assertTrue(verify())
|
||||||
|
|
||||||
|
|
||||||
|
class GridManagerVerifier(SyncTestCase):
|
||||||
|
"""
|
||||||
|
Invalid certificate rejection tests
|
||||||
|
"""
|
||||||
|
|
||||||
|
def setUp(self):
|
||||||
|
self.gm = create_grid_manager()
|
||||||
|
self.priv0, self.pub0 = ed25519.create_signing_keypair()
|
||||||
|
self.gm.add_storage_server("test0", self.pub0)
|
||||||
|
self.cert0 = self.gm.sign("test0", timedelta(seconds=86400))
|
||||||
|
return super(GridManagerVerifier, self).setUp()
|
||||||
|
|
||||||
|
@given(
|
||||||
|
base32text(),
|
||||||
|
)
|
||||||
|
def test_validate_cert_invalid(self, invalid_signature):
|
||||||
|
"""
|
||||||
|
An incorrect signature is rejected
|
||||||
|
"""
|
||||||
|
# make signature invalid
|
||||||
|
self.cert0["signature"] = invalid_signature
|
||||||
|
|
||||||
|
verify = create_grid_manager_verifier(
|
||||||
|
[self.gm._public_key],
|
||||||
|
[self.cert0],
|
||||||
|
ed25519.string_from_verifying_key(self.pub0),
|
||||||
|
bad_cert = lambda key, cert: None,
|
||||||
|
)
|
||||||
|
|
||||||
|
self.assertFalse(verify())
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user