1 package privatekey
2
3 import (
4 "crypto/ecdsa"
5 "crypto/elliptic"
6 "crypto/rand"
7 "crypto/rsa"
8 "testing"
9
10 "github.com/letsencrypt/boulder/test"
11 )
12
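// TestVerifyRSAKeyPair checks that verify accepts a freshly generated 2048-bit
// RSA private key, and that verifyRSA returns an error when that private key
// is presented together with the public key of a different RSA key.
func TestVerifyRSAKeyPair(t *testing.T) {
	privKey1, err := rsa.GenerateKey(rand.Reader, 2048)
	test.AssertNotError(t, err, "Failed while generating test key 1")

	// Positive case: verify is handed only the private key and must not error.
	_, _, err = verify(privKey1)
	test.AssertNotError(t, err, "Failed to verify valid key")

	privKey2, err := rsa.GenerateKey(rand.Reader, 2048)
	test.AssertNotError(t, err, "Failed while generating test key 2")

	// The message carries no format arguments, so the stray "%s" verb that
	// used to trail it has been dropped.
	verifyHash, err := makeVerifyHash()
	test.AssertNotError(t, err, "Failed to make verify hash")

	// Negative case: privKey1 paired with privKey2's public key is a
	// mismatched pair and has to be rejected.
	_, _, err = verifyRSA(privKey1, &privKey2.PublicKey, verifyHash)
	test.AssertError(t, err, "Failed to detect invalid key pair")
}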
29
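// TestVerifyECDSAKeyPair checks that verify accepts a freshly generated P-256
// ECDSA private key, and that verifyECDSA returns an error when that private
// key is presented together with the public key of a different ECDSA key.
func TestVerifyECDSAKeyPair(t *testing.T) {
	privKey1, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	test.AssertNotError(t, err, "Failed while generating test key 1")

	// Positive case: verify is handed only the private key and must not error.
	_, _, err = verify(privKey1)
	test.AssertNotError(t, err, "Failed to verify valid key")

	privKey2, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	test.AssertNotError(t, err, "Failed while generating test key 2")

	// The message carries no format arguments, so the stray "%s" verb that
	// used to trail it has been dropped.
	verifyHash, err := makeVerifyHash()
	test.AssertNotError(t, err, "Failed to make verify hash")

	// Negative case: privKey1 paired with privKey2's public key is a
	// mismatched pair and has to be rejected.
	_, _, err = verifyECDSA(privKey1, &privKey2.PublicKey, verifyHash)
	test.AssertError(t, err, "Failed to detect invalid key pair")
}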
46
// TestLoad runs Load against fixture files under ../test/hierarchy. The two
// key files (described by the assertion messages as ECDSA and RSA keys) must
// load without error and yield non-nil signer and public values. The
// certificate file must be refused, with both returned values nil.
func TestLoad(t *testing.T) {
	validKeys := []struct {
		path    string
		failMsg string
	}{
		{"../test/hierarchy/ee-e1.key.pem", "Failed to load a valid ECDSA key file"},
		{"../test/hierarchy/ee-r3.key.pem", "Failed to load a valid RSA key file"},
	}
	for _, tc := range validKeys {
		signer, public, err := Load(tc.path)
		test.AssertNotError(t, err, tc.failMsg)
		test.AssertNotNil(t, signer, "Signer should not be Nil")
		test.AssertNotNil(t, public, "Public should not be Nil")
	}

	// A certificate file is not a private key: Load has to fail and must not
	// hand back a partially populated signer or public key.
	signer, public, err := Load("../test/hierarchy/ee-e1.cert.pem")
	test.AssertError(t, err, "Should have failed, file is a certificate")
	test.AssertNil(t, signer, "Signer should be nil")
	test.AssertNil(t, public, "Public should be nil")
}
63