signatures_test.go

Documentation: github.com/google/certificate-transparency-go

     1  // Copyright 2015 Google LLC. All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package ct
    16  
    17  import (
    18  	"crypto"
    19  	"crypto/dsa" //nolint:staticcheck
    20  	"crypto/ecdsa"
    21  	"crypto/elliptic"
    22  	"crypto/rand"
    23  	"crypto/rsa"
    24  	"encoding/hex"
    25  	mrand "math/rand"
    26  	"testing"
    27  
    28  	"github.com/google/certificate-transparency-go/tls"
    29  )
    30  
    31  const (
    32  	sigTestDERCertString = "308202ca30820233a003020102020102300d06092a864886f70d01010505003055310b300" +
    33  		"906035504061302474231243022060355040a131b4365727469666963617465205472616e" +
    34  		"73706172656e6379204341310e300c0603550408130557616c65733110300e06035504071" +
    35  		"3074572772057656e301e170d3132303630313030303030305a170d323230363031303030" +
    36  		"3030305a3052310b30090603550406130247423121301f060355040a13184365727469666" +
    37  		"963617465205472616e73706172656e6379310e300c0603550408130557616c6573311030" +
    38  		"0e060355040713074572772057656e30819f300d06092a864886f70d010101050003818d0" +
    39  		"030818902818100b8742267898b99ba6bfd6e6f7ada8e54337f58feb7227c46248437ba5f" +
    40  		"89b007cbe1ecb4545b38ed23fddbf6b9742cafb638157f68184776a1b38ab39318ddd7344" +
    41  		"89b4d750117cd83a220a7b52f295d1e18571469a581c23c68c57d973761d9787a091fb586" +
    42  		"4936b166535e21b427e3c6d690b2e91a87f36b7ec26f59ce53b50203010001a381ac3081a" +
    43  		"9301d0603551d0e041604141184e1187c87956dffc31dd0521ff564efbeae8d307d060355" +
    44  		"1d23047630748014a3b8d89ba2690dfb48bbbf87c1039ddce56256c6a159a4573055310b3" +
    45  		"00906035504061302474231243022060355040a131b436572746966696361746520547261" +
    46  		"6e73706172656e6379204341310e300c0603550408130557616c65733110300e060355040" +
    47  		"713074572772057656e82010030090603551d1304023000300d06092a864886f70d010105" +
    48  		"050003818100292ecf6e46c7a0bcd69051739277710385363341c0a9049637279707ae23c" +
    49  		"c5128a4bdea0d480ed0206b39e3a77a2b0c49b0271f4140ab75c1de57aba498e09459b479" +
    50  		"cf92a4d5d5dd5cbe3f0a11e25f04078df88fc388b61b867a8de46216c0e17c31fc7d8003e" +
    51  		"cc37be22292f84242ab87fb08bd4dfa3c1b9ce4d3ee6667da"
    52  
    53  	sigTestSCTTimestamp = 1348589665525
    54  
    55  	sigTestCertSCTSignatureEC = "0403" + "0048" +
    56  		"3046022100d3f7690e7ee80d9988a54a3821056393e9eb0c686ad67fbae3686c888fb1a3c" +
    57  		"e022100f9a51c6065bbba7ad7116a31bea1c31dbed6a921e1df02e4b403757fae3254ae"
    58  
    59  	sigTestEC256PublicKeyPEM = "-----BEGIN PUBLIC KEY-----\n" +
    60  		"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAES0AfBkjr7b8b19p5Gk8plSAN16wW\n" +
    61  		"XZyhYsH6FMCEUK60t7pem/ckoPX8hupuaiJzJS0ZQ0SEoJGlFxkUFwft5g==\n" +
    62  		"-----END PUBLIC KEY-----\n"
    63  
    64  	sigTestEC256PublicKey2PEM = "-----BEGIN PUBLIC KEY-----\n" +
    65  		"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfahLEimAoz2t01p3uMziiLOl/fHT\n" +
    66  		"DM0YDOhBRuiBARsV4UvxG2LdNgoIGLrtCzWE0J5APC2em4JlvR8EEEFMoA==\n" +
    67  		"-----END PUBLIC KEY-----\n"
    68  
    69  	sigTestRSAPublicKeyPEM = "-----BEGIN PUBLIC KEY-----\n" +
    70  		"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy7llbig9kL0wo5AyV1F\n" +
    71  		"hmJLvWTWxzAMwGdhG1h1CqQpaWutXGI9WKRDJSZ/9dr9vgvqdRX2QsnUdJbJ3cz5\n" +
    72  		"Z1ie/RdT/mSVO7ZEqvJS93PIHnquFZXxNnIerGnQ7guC+Zm9BlQ2DIhYpnvVRRVy\n" +
    73  		"D/D8KT92R7qOu3JACduoMrF1synknL8rb8lZvCej8tbhJ38yibMWTmkxsFS+a29X\n" +
    74  		"qk8pkhgwIwvUZqcMaqZo+4/iCuKLbVc85V98SvbcnmsX3gqeQnyRtxlctlclcbvH\n" +
    75  		"mJt5U+3yF1UtcuiyZf1gjcAqnOgvZZYzsodXi0KGV7NRQhTPvwH0C8In2qL+v4qW\n" +
    76  		"AQIDAQAB\n" +
    77  		"-----END PUBLIC KEY-----\n"
    78  
    79  	sigTestCertSCTSignatureRSA = "0401" + "0100" +
    80  		"6bc1fecfe9052036e31278cd7eded90d000b127f2b657831baf5ecb31ee3" +
    81  		"c17497abd9562df6319928a36df0ab1a1a917b3f4530e1ca0000ae6c4a0c" +
    82  		"0efada7df83beb95da8eea98f1a27c70afa1ccaa7a0245e1db785b1c0d9f" +
    83  		"ee307e926e14bed1eac0d01c34939e659360432a9552c02b89c3ef3c44aa" +
    84  		"22fc31f2444522975ee83989dd7af1ab05b91bbf0985ca4d04245b68a683" +
    85  		"01d300f0c976ce13d58618dad1b49c0ec5cdc4352016823fc88c479ef214" +
    86  		"76c5f19923af207dbb1b2cff72d4e1e5ee77dd420b85d0f9dcc30a0f617c" +
    87  		"2d3c916eb77f167323500d1b53dc4253321a106e441af343cf2f68630873" +
    88  		"abd43ca52629c586107eb7eb85f2c3ee"
    89  
    90  	sigTestCertSCTSignatureUnsupportedSignatureAlgorithm = "0402" + "0000"
    91  
    92  	sigTestCertSCTSignatureUnsupportedHashAlgorithm = "0303" + "0000"
    93  
    94  	// Some time in September 2012.
    95  	sigTestDefaultSTHTimestamp = 1348589667204
    96  
    97  	sigTestDefaultTreeSize = 42
    98  
    99  	// *Some* hash that we pretend is a valid root hash.
   100  	sigTestDefaultRootHash = "18041bd4665083001fba8c5411d2d748e8abbfdcdfd9218cb02b68a78e7d4c23"
   101  
   102  	sigTestDefaultSTHSignature = "0403" + "0048" +
   103  		"3046022100befd8060563763a5e49ba53e6443c13f7624fd6403178113736e16012aca983" +
   104  		"e022100f572568dbfe9a86490eb915c4ee16ad5ecd708fed35ed4e5cd1b2c3f087b4130"
   105  
   106  	sigTestKeyIDEC = "b69d879e3f2c4402556dcda2f6b2e02ff6b6df4789c53000e14f4b125ae847aa"
   107  )
   108  
   109  func mustDehex(t *testing.T, h string) []byte {
   110  	t.Helper()
   111  	r, err := hex.DecodeString(h)
   112  	if err != nil {
   113  		t.Fatalf("Failed to decode hex string (%s): %v", h, err)
   114  	}
   115  	return r
   116  }
   117  
   118  func sigTestSCTWithSignature(t *testing.T, sig, keyID string) SignedCertificateTimestamp {
   119  	t.Helper()
   120  	var ds DigitallySigned
   121  	if _, err := tls.Unmarshal(mustDehex(t, sig), &ds); err != nil {
   122  		t.Fatalf("Failed to unmarshal sigTestCertSCTSignatureEC: %v", err)
   123  	}
   124  	var id LogID
   125  	copy(id.KeyID[:], mustDehex(t, keyID))
   126  	return SignedCertificateTimestamp{
   127  		SCTVersion: V1,
   128  		LogID:      id,
   129  		Timestamp:  sigTestSCTTimestamp,
   130  		Signature:  ds,
   131  	}
   132  }
   133  
   134  func sigTestSCTEC(t *testing.T) SignedCertificateTimestamp {
   135  	t.Helper()
   136  	return sigTestSCTWithSignature(t, sigTestCertSCTSignatureEC, sigTestKeyIDEC)
   137  }
   138  
   139  func sigTestSCTRSA(t *testing.T) SignedCertificateTimestamp {
   140  	t.Helper()
   141  	return sigTestSCTWithSignature(t, sigTestCertSCTSignatureRSA, sigTestKeyIDEC)
   142  }
   143  
   144  func sigTestECPublicKey(t *testing.T) crypto.PublicKey {
   145  	t.Helper()
   146  	pk, _, _, err := PublicKeyFromPEM([]byte(sigTestEC256PublicKeyPEM))
   147  	if err != nil {
   148  		t.Fatalf("Failed to parse sigTestEC256PublicKey: %v", err)
   149  	}
   150  	return pk
   151  }
   152  
   153  func sigTestECPublicKey2(t *testing.T) crypto.PublicKey {
   154  	t.Helper()
   155  	pk, _, _, err := PublicKeyFromPEM([]byte(sigTestEC256PublicKey2PEM))
   156  	if err != nil {
   157  		t.Fatalf("Failed to parse sigTestEC256PublicKey2: %v", err)
   158  	}
   159  	return pk
   160  }
   161  
   162  func sigTestRSAPublicKey(t *testing.T) crypto.PublicKey {
   163  	t.Helper()
   164  	pk, _, _, err := PublicKeyFromPEM([]byte(sigTestRSAPublicKeyPEM))
   165  	if err != nil {
   166  		t.Fatalf("Failed to parse sigTestRSAPublicKey: %v", err)
   167  	}
   168  	return pk
   169  }
   170  
   171  func sigTestCertLogEntry(t *testing.T) LogEntry {
   172  	t.Helper()
   173  	return LogEntry{
   174  		Index: 0,
   175  		Leaf: MerkleTreeLeaf{
   176  			Version:  V1,
   177  			LeafType: TimestampedEntryLeafType,
   178  			TimestampedEntry: &TimestampedEntry{
   179  				Timestamp: sigTestSCTTimestamp,
   180  				EntryType: X509LogEntryType,
   181  				X509Entry: &ASN1Cert{Data: mustDehex(t, sigTestDERCertString)},
   182  			},
   183  		},
   184  	}
   185  }
   186  
   187  func sigTestDefaultSTH(t *testing.T) SignedTreeHead {
   188  	t.Helper()
   189  	var ds DigitallySigned
   190  	if _, err := tls.Unmarshal(mustDehex(t, sigTestDefaultSTHSignature), &ds); err != nil {
   191  		t.Fatalf("Failed to unmarshal sigTestCertSCTSignatureEC: %v", err)
   192  	}
   193  	var rootHash SHA256Hash
   194  	copy(rootHash[:], mustDehex(t, sigTestDefaultRootHash))
   195  	return SignedTreeHead{
   196  		Version:           V1,
   197  		Timestamp:         sigTestDefaultSTHTimestamp,
   198  		TreeSize:          sigTestDefaultTreeSize,
   199  		SHA256RootHash:    rootHash,
   200  		TreeHeadSignature: ds,
   201  	}
   202  }
   203  
   204  func mustCreateSignatureVerifier(t *testing.T, pk crypto.PublicKey) SignatureVerifier {
   205  	t.Helper()
   206  	sv, err := NewSignatureVerifier(pk)
   207  	if err != nil {
   208  		t.Fatalf("Failed to create SignatureVerifier: %v", err)
   209  	}
   210  	return *sv
   211  }
   212  
   213  func corruptByteAt(b []byte, pos int) {
   214  	b[pos] ^= byte(mrand.Intn(255) + 1)
   215  }
   216  
   217  func corruptBytes(b []byte) {
   218  	corruptByteAt(b, mrand.Intn(len(b)))
   219  }
   220  
   221  func expectVerifySCTToFail(t *testing.T, sv SignatureVerifier, sct SignedCertificateTimestamp, msg string) {
   222  	t.Helper()
   223  	if err := sv.VerifySCTSignature(sct, sigTestCertLogEntry(t)); err == nil {
   224  		t.Fatal(msg)
   225  	}
   226  }
   227  
   228  func TestVerifySCTSignatureEC(t *testing.T) {
   229  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   230  	if err := v.VerifySCTSignature(sigTestSCTEC(t), sigTestCertLogEntry(t)); err != nil {
   231  		t.Fatalf("Failed to verify signature on SCT: %v", err)
   232  	}
   233  
   234  }
   235  
   236  func TestVerifySCTSignatureRSA(t *testing.T) {
   237  	v := mustCreateSignatureVerifier(t, sigTestRSAPublicKey(t))
   238  	if err := v.VerifySCTSignature(sigTestSCTRSA(t), sigTestCertLogEntry(t)); err != nil {
   239  		t.Fatalf("Failed to verify signature on SCT: %v", err)
   240  	}
   241  
   242  }
   243  
   244  func TestVerifySCTSignatureFailsForMismatchedSignatureAlgorithm(t *testing.T) {
   245  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   246  	expectVerifySCTToFail(t, v, sigTestSCTRSA(t), "Successfully verified with mismatched signature algorithm")
   247  }
   248  
   249  func TestVerifySCTSignatureFailsForUnknownSignatureAlgorithm(t *testing.T) {
   250  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   251  	expectVerifySCTToFail(t, v, sigTestSCTWithSignature(t, sigTestCertSCTSignatureUnsupportedSignatureAlgorithm, sigTestKeyIDEC),
   252  		"Successfully verified signature with unsupported signature algorithm")
   253  }
   254  
   255  func TestVerifySCTSignatureFailsForUnknownHashAlgorithm(t *testing.T) {
   256  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   257  	expectVerifySCTToFail(t, v, sigTestSCTWithSignature(t, sigTestCertSCTSignatureUnsupportedHashAlgorithm, sigTestKeyIDEC),
   258  		"Successfully verified signature with unsupported hash algorithm")
   259  }
   260  
   261  func testVerifySCTSignatureFailsForIncorrectLeafBytes(t *testing.T, sct SignedCertificateTimestamp, sv SignatureVerifier) {
   262  	t.Helper()
   263  	entry := sigTestCertLogEntry(t)
   264  	for i := range entry.Leaf.TimestampedEntry.X509Entry.Data {
   265  		old := entry.Leaf.TimestampedEntry.X509Entry.Data[i]
   266  		corruptByteAt(entry.Leaf.TimestampedEntry.X509Entry.Data, i)
   267  		if err := sv.VerifySCTSignature(sct, entry); err == nil {
   268  			t.Fatalf("Incorrectly verified signature over corrupted leaf data, uncovered byte at %d?", i)
   269  		}
   270  		entry.Leaf.TimestampedEntry.X509Entry.Data[i] = old
   271  	}
   272  	// Ensure we were only corrupting one byte at a time, should be correct again now.
   273  	if err := sv.VerifySCTSignature(sct, entry); err != nil {
   274  		t.Fatalf("Input data appears to still be corrupt, bug? %v", err)
   275  	}
   276  }
   277  
   278  func testVerifySCTSignatureFailsForIncorrectSignature(t *testing.T, sct SignedCertificateTimestamp, sv SignatureVerifier) {
   279  	t.Helper()
   280  	corruptBytes(sct.Signature.Signature)
   281  	expectVerifySCTToFail(t, sv, sct, "Incorrectly verified corrupt signature")
   282  }
   283  
   284  func TestVerifySCTSignatureECFailsForIncorrectLeafBytes(t *testing.T) {
   285  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   286  	testVerifySCTSignatureFailsForIncorrectLeafBytes(t, sigTestSCTEC(t), v)
   287  }
   288  
   289  func TestVerifySCTSignatureECFailsForIncorrectTimestamp(t *testing.T) {
   290  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   291  	sct := sigTestSCTEC(t)
   292  	sct.Timestamp++
   293  	expectVerifySCTToFail(t, v, sct, "Incorrectly verified signature with incorrect SCT timestamp.")
   294  }
   295  
   296  func TestVerifySCTSignatureECFailsForIncorrectVersion(t *testing.T) {
   297  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   298  	sct := sigTestSCTEC(t)
   299  	sct.SCTVersion++
   300  	expectVerifySCTToFail(t, v, sct, "Incorrectly verified signature with incorrect SCT Version.")
   301  }
   302  
   303  func TestVerifySCTSignatureECFailsForIncorrectSignature(t *testing.T) {
   304  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   305  	testVerifySCTSignatureFailsForIncorrectSignature(t, sigTestSCTEC(t), v)
   306  }
   307  
   308  func TestVerifySCTSignatureRSAFailsForIncorrectLeafBytes(t *testing.T) {
   309  	v := mustCreateSignatureVerifier(t, sigTestRSAPublicKey(t))
   310  	testVerifySCTSignatureFailsForIncorrectLeafBytes(t, sigTestSCTRSA(t), v)
   311  }
   312  
   313  func TestVerifySCTSignatureRSAFailsForIncorrectSignature(t *testing.T) {
   314  	v := mustCreateSignatureVerifier(t, sigTestRSAPublicKey(t))
   315  	testVerifySCTSignatureFailsForIncorrectSignature(t, sigTestSCTRSA(t), v)
   316  }
   317  
   318  func TestVerifySCTSignatureFailsForSignatureCreatedWithDifferentAlgorithm(t *testing.T) {
   319  	v := mustCreateSignatureVerifier(t, sigTestRSAPublicKey(t))
   320  	testVerifySCTSignatureFailsForIncorrectSignature(t, sigTestSCTEC(t), v)
   321  }
   322  
   323  func TestVerifySCTSignatureFailsForSignatureCreatedWithDifferentKey(t *testing.T) {
   324  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey2(t))
   325  	testVerifySCTSignatureFailsForIncorrectSignature(t, sigTestSCTEC(t), v)
   326  }
   327  
   328  func expectVerifySTHToPass(t *testing.T, v SignatureVerifier, sth SignedTreeHead) {
   329  	t.Helper()
   330  	if err := v.VerifySTHSignature(sth); err != nil {
   331  		t.Fatalf("Incorrectly failed to verify STH signature: %v", err)
   332  	}
   333  }
   334  
   335  func expectVerifySTHToFail(t *testing.T, v SignatureVerifier, sth SignedTreeHead) {
   336  	t.Helper()
   337  	if err := v.VerifySTHSignature(sth); err == nil {
   338  		t.Fatal("Incorrectly verified STH signature")
   339  	}
   340  }
   341  
   342  func TestVerifyValidSTH(t *testing.T) {
   343  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   344  	sth := sigTestDefaultSTH(t)
   345  	expectVerifySTHToPass(t, v, sth)
   346  }
   347  
   348  func TestVerifySTHCatchesCorruptSignature(t *testing.T) {
   349  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   350  	sth := sigTestDefaultSTH(t)
   351  	corruptBytes(sth.TreeHeadSignature.Signature)
   352  	expectVerifySTHToFail(t, v, sth)
   353  }
   354  
   355  func TestVerifySTHCatchesCorruptRootHash(t *testing.T) {
   356  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   357  	sth := sigTestDefaultSTH(t)
   358  	for i := range sth.SHA256RootHash {
   359  		old := sth.SHA256RootHash[i]
   360  		corruptByteAt(sth.SHA256RootHash[:], i)
   361  		expectVerifySTHToFail(t, v, sth)
   362  		sth.SHA256RootHash[i] = old
   363  	}
   364  	// ensure we were only testing one corrupt byte at a time - should be correct again now.
   365  	expectVerifySTHToPass(t, v, sth)
   366  }
   367  
   368  func TestVerifySTHCatchesCorruptTimestamp(t *testing.T) {
   369  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   370  	sth := sigTestDefaultSTH(t)
   371  	sth.Timestamp++
   372  	expectVerifySTHToFail(t, v, sth)
   373  }
   374  
   375  func TestVerifySTHCatchesCorruptVersion(t *testing.T) {
   376  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   377  	sth := sigTestDefaultSTH(t)
   378  	sth.Version++
   379  	expectVerifySTHToFail(t, v, sth)
   380  }
   381  
   382  func TestVerifySTHCatchesCorruptTreeSize(t *testing.T) {
   383  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey(t))
   384  	sth := sigTestDefaultSTH(t)
   385  	sth.TreeSize++
   386  	expectVerifySTHToFail(t, v, sth)
   387  }
   388  
   389  func TestVerifySTHFailsToVerifyForKeyWithDifferentAlgorithm(t *testing.T) {
   390  	v := mustCreateSignatureVerifier(t, sigTestRSAPublicKey(t))
   391  	sth := sigTestDefaultSTH(t)
   392  	expectVerifySTHToFail(t, v, sth)
   393  }
   394  
   395  func TestVerifySTHFailsToVerifyForDifferentKey(t *testing.T) {
   396  	v := mustCreateSignatureVerifier(t, sigTestECPublicKey2(t))
   397  	sth := sigTestDefaultSTH(t)
   398  	expectVerifySTHToFail(t, v, sth)
   399  }
   400  
   401  func TestNewSignatureVerifierFailsWithUnsupportedKeyType(t *testing.T) {
   402  	var k dsa.PrivateKey
   403  	if err := dsa.GenerateParameters(&k.Parameters, rand.Reader, dsa.L1024N160); err != nil {
   404  		t.Fatalf("Failed to generate DSA key parameters: %v", err)
   405  	}
   406  	if err := dsa.GenerateKey(&k, rand.Reader); err != nil {
   407  		t.Fatalf("Failed to generate DSA key: %v", err)
   408  	}
   409  	if _, err := NewSignatureVerifier(k); err == nil {
   410  		t.Fatal("Creating a SignatureVerifier with a DSA key unexpectedly succeeded")
   411  	}
   412  }
   413  
   414  func TestNewSignatureVerifierFailsWithBadKeyParametersForEC(t *testing.T) {
   415  	k, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
   416  	if err != nil {
   417  		t.Fatalf("Failed to generate ECDSA key on P224: %v", err)
   418  	}
   419  	if _, err := NewSignatureVerifier(k); err == nil {
   420  		t.Fatal("Incorrectly created new SignatureVerifier with EC P224 key.")
   421  	}
   422  }
   423  
   424  func TestNewSignatureVerifierFailsWithBadKeyParametersForRSA(t *testing.T) {
   425  	k, err := rsa.GenerateKey(rand.Reader, 1024)
   426  	if err != nil {
   427  		t.Fatalf("Failed to generate 1024 bit RSA key: %v", err)
   428  	}
   429  	if _, err := NewSignatureVerifier(k); err == nil {
   430  		t.Fatal("Incorrectly created new SignatureVerifier with 1024 bit RSA key.")
   431  	}
   432  }
   433  
   434  func TestWillAllowNonCompliantECKeyWithOverride(t *testing.T) {
   435  	AllowVerificationWithNonCompliantKeys = true
   436  	k, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
   437  	if err != nil {
   438  		t.Fatalf("Failed to generate EC key on P224: %v", err)
   439  	}
   440  	if _, err := NewSignatureVerifier(k.Public()); err != nil {
   441  		t.Fatalf("Incorrectly disallowed P224 EC key with override set: %v", err)
   442  	}
   443  }
   444  
   445  func TestWillAllowNonCompliantRSAKeyWithOverride(t *testing.T) {
   446  	AllowVerificationWithNonCompliantKeys = true
   447  	k, err := rsa.GenerateKey(rand.Reader, 1024)
   448  	if err != nil {
   449  		t.Fatalf("Failed to generate 1024 bit RSA key: %v", err)
   450  	}
   451  	if _, err := NewSignatureVerifier(k.Public()); err != nil {
   452  		t.Fatalf("Incorrectly disallowed 1024 bit RSA key with override set: %v", err)
   453  	}
   454  }
   455
View as plain text