...

Source file src/github.com/theupdateframework/go-tuf/pkg/keys/deprecated_ecdsa_test.go

Documentation: github.com/theupdateframework/go-tuf/pkg/keys

     1  package keys
     2  
     3  import (
     4  	"crypto"
     5  	"crypto/ecdsa"
     6  	"crypto/elliptic"
     7  	"crypto/rand"
     8  	"crypto/sha256"
     9  	"encoding/json"
    10  	"errors"
    11  
    12  	"github.com/theupdateframework/go-tuf/data"
    13  	. "gopkg.in/check.v1"
    14  )
    15  
// DeprecatedECDSASuite groups the gocheck tests in this file that exercise
// the deprecated ECDSA verifier.
type DeprecatedECDSASuite struct{}

// Register the suite with gocheck (gopkg.in/check.v1) so its Test* methods run.
var _ = Suite(DeprecatedECDSASuite{})
    19  
// deprecatedEcdsaSigner is a test-only signer that wraps an ECDSA private key
// and publishes its public half in the deprecated key encoding.
type deprecatedEcdsaSigner struct {
	// Embedded so the key's Sign and Public methods are promoted to the signer.
	*ecdsa.PrivateKey
}
    23  
// deprecatedEcdsaPublic is the JSON shape of the deprecated public key value:
// a single "public" field holding the key bytes.
type deprecatedEcdsaPublic struct {
	// PublicData fills this with the output of elliptic.Marshal.
	PublicKey data.HexBytes `json:"public"`
}
    27  
// PublicData returns the signer's public key as TUF key metadata in the
// deprecated ECDSA layout: the curve point serialized by elliptic.Marshal and
// stored under the "public" JSON field.
func (s deprecatedEcdsaSigner) PublicData() *data.PublicKey {
	ecPub := s.Public().(*ecdsa.PublicKey)
	legacy := deprecatedEcdsaPublic{
		PublicKey: elliptic.Marshal(ecPub.Curve, ecPub.X, ecPub.Y),
	}
	// The marshalling error is deliberately discarded in this test helper; on
	// failure Value would be nil.
	encoded, _ := json.Marshal(legacy)

	meta := data.PublicKey{
		Type:       data.KeyTypeECDSA_SHA2_P256,
		Scheme:     data.KeySchemeECDSA_SHA2_P256,
		Algorithms: data.HashAlgorithms,
		Value:      encoded,
	}
	return &meta
}
    39  
// SignMessage hashes message with SHA-256 and signs the digest with the
// wrapped ECDSA private key, returning the ASN.1 DER-encoded signature
// produced by ecdsa.PrivateKey.Sign.
func (s deprecatedEcdsaSigner) SignMessage(message []byte) ([]byte, error) {
	digest := sha256.Sum256(message)
	// The opts value must name the hash that produced the digest.
	var opts crypto.SignerOpts = crypto.SHA256
	return s.PrivateKey.Sign(rand.Reader, digest[:], opts)
}
    44  
// ContainsID reports whether id is one of the key IDs of the signer's public
// key metadata, as decided by data.PublicKey.ContainsID.
func (s deprecatedEcdsaSigner) ContainsID(id string) bool {
	pub := s.PublicData()
	return pub.ContainsID(id)
}
    48  
// MarshalPrivateKey is a stub: the tests never serialize the private key, so
// it always returns a nil key and an error.
func (deprecatedEcdsaSigner) MarshalPrivateKey() (*data.PrivateKey, error) {
	var none *data.PrivateKey
	return none, errors.New("not implemented for test")
}
    52  
// UnmarshalPrivateKey is a stub: it ignores key and always returns an error,
// because the tests never load a private key from metadata.
func (deprecatedEcdsaSigner) UnmarshalPrivateKey(key *data.PrivateKey) error {
	err := errors.New("not implemented for test")
	return err
}
    56  
// generatedDeprecatedSigner creates a fresh P-256 key pair from crypto/rand
// and wraps it in a deprecatedEcdsaSigner. It returns the key generation
// error unchanged if one occurs.
func generatedDeprecatedSigner() (*deprecatedEcdsaSigner, error) {
	curve := elliptic.P256()
	priv, genErr := ecdsa.GenerateKey(curve, rand.Reader)
	if genErr != nil {
		return nil, genErr
	}
	signer := deprecatedEcdsaSigner{PrivateKey: priv}
	return &signer, nil
}
    64  
// TestSignVerifyDeprecatedFormat checks the positive path: a signature made
// with a freshly generated key verifies once the public key has been loaded
// from metadata encoded with deprecatedP256Verifier.
func (DeprecatedECDSASuite) TestSignVerifyDeprecatedFormat(c *C) {
	payload := []byte("foo")

	// Create an ECDSA key whose public half uses the deprecated format.
	signer, err := generatedDeprecatedSigner()
	c.Assert(err, IsNil)
	signature, err := signer.SignMessage(payload)
	c.Assert(err, IsNil)

	// Build the key metadata by hand from the raw curve point rather than
	// through signer.PublicData().
	ecPub := signer.PublicKey
	point := elliptic.Marshal(ecPub.Curve, ecPub.X, ecPub.Y)
	rawValue, err := json.Marshal(&deprecatedP256Verifier{PublicKey: point})
	c.Assert(err, IsNil)
	keyMeta := &data.PublicKey{
		Type:       data.KeyTypeECDSA_SHA2_P256,
		Scheme:     data.KeySchemeECDSA_SHA2_P256,
		Algorithms: data.HashAlgorithms,
		Value:      rawValue,
	}

	verifier := NewDeprecatedEcdsaVerifier()
	err = verifier.UnmarshalPublicKey(keyMeta)
	c.Assert(err, IsNil)
	c.Assert(verifier.Verify(payload, signature), IsNil)
}
    89  
// TestECDSAVerifyMismatchMessage checks that a valid signature is rejected
// when it is verified, with the correct key, against a message other than the
// one that was signed.
func (DeprecatedECDSASuite) TestECDSAVerifyMismatchMessage(c *C) {
	signedMsg := []byte("foo")
	otherMsg := []byte("notfoo")

	signer, err := generatedDeprecatedSigner()
	c.Assert(err, IsNil)
	signature, err := signer.SignMessage(signedMsg)
	c.Assert(err, IsNil)

	// Load the signer's own public key, so the message is the only mismatch.
	verifier := NewDeprecatedEcdsaVerifier()
	keyMeta := signer.PublicData()
	err = verifier.UnmarshalPublicKey(keyMeta)
	c.Assert(err, IsNil)

	verifyErr := verifier.Verify(otherMsg, signature)
	c.Assert(verifyErr, ErrorMatches, "tuf: deprecated ecdsa signature verification failed")
}
   102  
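// TestECDSAVerifyMismatchPubKey checks that a valid signature is rejected when
// the verifier holds the public key of a different, independently generated
// signer.
func (DeprecatedECDSASuite) TestECDSAVerifyMismatchPubKey(c *C) {
	signer, err := generatedDeprecatedSigner()
	c.Assert(err, IsNil)
	msg := []byte("foo")
	sig, err := signer.SignMessage(msg)
	c.Assert(err, IsNil)

	// Load the public key of a second, unrelated key pair into the verifier.
	signerNew, err := generatedDeprecatedSigner()
	c.Assert(err, IsNil)
	deprecatedEcdsa := NewDeprecatedEcdsaVerifier()
	err = deprecatedEcdsa.UnmarshalPublicKey(signerNew.PublicData())
	c.Assert(err, IsNil)

	// Verify the message that was actually signed, so the key is the only
	// mismatch. Verifying a different message here would also fail on the
	// message alone, and the test would still pass if the verifier accepted
	// signatures from the wrong key.
	c.Assert(deprecatedEcdsa.Verify(msg, sig), ErrorMatches, "tuf: deprecated ecdsa signature verification failed")
}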
   117  
// TestMarshalUnmarshalPublicKey checks the round trip: loading key metadata
// into the verifier and marshalling it back yields metadata deeply equal to
// the input.
func (DeprecatedECDSASuite) TestMarshalUnmarshalPublicKey(c *C) {
	signer, err := generatedDeprecatedSigner()
	c.Assert(err, IsNil)

	want := signer.PublicData()

	verifier := NewDeprecatedEcdsaVerifier()
	c.Assert(verifier.UnmarshalPublicKey(want), IsNil)

	got := verifier.MarshalPublicKey()
	c.Assert(got, DeepEquals, want)
}
   130  
