2019-12-04 20:38:33 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe Gitlab::Email::Smime::Signer do
|
|
|
|
include SmimeHelper
|
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
let_it_be(:root_ca) { generate_root }
|
|
|
|
let_it_be(:intermediate_ca) { generate_intermediate(signer_ca: root_ca) }
|
2019-12-04 20:38:33 +05:30
|
|
|
|
2020-05-24 23:13:21 +05:30
|
|
|
context 'when using an intermediate CA' do
|
|
|
|
it 'signs data appropriately with SMIME' do
|
|
|
|
cert = generate_cert(signer_ca: intermediate_ca)
|
|
|
|
|
|
|
|
sign_and_verify('signed content', cert[:cert], cert[:key], root_ca[:cert], ca_certs: intermediate_ca[:cert])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when not using an intermediate CA' do
|
|
|
|
it 'signs data appropriately with SMIME' do
|
|
|
|
cert = generate_cert(signer_ca: root_ca)
|
|
|
|
|
|
|
|
sign_and_verify('signed content', cert[:cert], cert[:key], root_ca[:cert])
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def sign_and_verify(data, cert, key, root_ca_cert, ca_certs: nil)
|
2019-12-04 20:38:33 +05:30
|
|
|
signed_content = described_class.sign(
|
2020-05-24 23:13:21 +05:30
|
|
|
cert: cert,
|
|
|
|
key: key,
|
|
|
|
ca_certs: ca_certs,
|
|
|
|
data: data)
|
|
|
|
|
2019-12-04 20:38:33 +05:30
|
|
|
expect(signed_content).not_to be_nil
|
|
|
|
|
|
|
|
p7enc = described_class.verify_signature(
|
2020-05-24 23:13:21 +05:30
|
|
|
ca_certs: root_ca_cert,
|
2019-12-04 20:38:33 +05:30
|
|
|
signed_data: signed_content)
|
|
|
|
|
|
|
|
expect(p7enc).not_to be_nil
|
2020-05-24 23:13:21 +05:30
|
|
|
expect(p7enc.data).to eq(data)
|
2019-12-04 20:38:33 +05:30
|
|
|
end
|
|
|
|
end
|