Changeset 45356 for branches/5.2/tests/phpunit/tests/file.php
- Timestamp:
- 05/17/2019 05:48:23 PM (6 years ago)
- Location:
- branches/5.2
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/5.2
-
branches/5.2/tests/phpunit/tests/file.php
r42343 r45356 184 184 } 185 185 186 /** 187 * @ticket 47186 188 */ 189 function test_file_signature_functions_as_expected() { 190 $file = wp_tempnam(); 191 file_put_contents( $file, 'WordPress' ); 192 193 // The signature of 'WordPress' after SHA384 hashing, for verification against the key within self::filter_trust_plus85Tq_key(). 194 $expected_signature = 'PmNv0b1ziwJAsVhjdpjd4+PQZidZWSlBm5b+GbbwE9m9HVKDFhEyvyRTHkRYOLypB8P2YvbW7CoOMZqGh8mEAA=='; 195 196 add_filter( 'wp_trusted_keys', array( $this, 'filter_trust_plus85Tq_key' ) ); 197 198 // Measure how long the call takes. 199 $timer_start = microtime( 1 ); 200 $verify = verify_file_signature( $file, $expected_signature, 'WordPress' ); 201 $timer_end = microtime( 1 ); 202 $time_taken = ( $timer_end - $timer_start ); 203 204 unlink( $file ); 205 remove_filter( 'wp_trusted_keys', array( $this, 'filter_trust_plus85Tq_key' ) ); 206 207 // verify_file_signature() should intentionally never take more than 10s to run. 208 $this->assertLessThan( 10, $time_taken, 'verify_file_signature() took longer than 10 seconds.' ); 209 210 // Check to see if the system parameters prevent signature verifications. 211 if ( is_wp_error( $verify ) && 'signature_verification_unsupported' == $verify->get_error_code() ) { 212 $this->markTestSkipped( 'This system does not support Signature Verification.' ); 213 } 214 215 $this->assertNotWPError( $verify ); 216 $this->assertTrue( $verify ); 217 } 218 219 /** 220 * @ticket 47186 221 */ 222 function test_file_signature_expected_failure() { 223 $file = wp_tempnam(); 224 file_put_contents( $file, 'WordPress' ); 225 226 // Test an invalid signature. 227 $expected_signature = base64_encode( str_repeat( 'A', SODIUM_CRYPTO_SIGN_PUBLICKEYBYTES ) ); 228 $verify = verify_file_signature( $file, $expected_signature, 'WordPress' ); 229 unlink( $file ); 230 231 if ( is_wp_error( $verify ) && 'signature_verification_unsupported' == $verify->get_error_code() ) { 232 $this->markTestSkipped( 'This system does not support Signature Verification.' ); 233 } 234 235 $this->assertWPError( $verify ); 236 $this->assertEquals( 'signature_verification_failed', $verify->get_error_code() ); 237 } 238 239 function filter_trust_plus85Tq_key( $keys ) { 240 // A static once-off key used to verify verify_file_signature() works as expected. 241 $keys[] = '+85TqMhxQVAYVW4BSCVkJQvZH4q7z8I9lePbvngvf7A='; 242 243 return $keys; 244 } 186 245 }
Note: See TracChangeset
for help on using the changeset viewer.