...

Source file src/github.com/theupdateframework/go-tuf/pkg/keys/rsa_test.go

Documentation: github.com/theupdateframework/go-tuf/pkg/keys

     1  package keys
     2  
     3  import (
     4  	"crypto/rand"
     5  	"encoding/hex"
     6  	"encoding/json"
     7  	"errors"
     8  	"io"
     9  
    10  	"github.com/theupdateframework/go-tuf/data"
    11  	. "gopkg.in/check.v1"
    12  )
    13  
    14  type RsaSuite struct{}
    15  
    16  var _ = Suite(&RsaSuite{})
    17  
    18  func (RsaSuite) TestSignVerify(c *C) {
    19  	signer, err := GenerateRsaKey()
    20  	c.Assert(err, IsNil)
    21  	msg := []byte("foo")
    22  	sig, err := signer.SignMessage(msg)
    23  	c.Assert(err, IsNil)
    24  	publicData := signer.PublicData()
    25  	pubKey, err := GetVerifier(publicData)
    26  	c.Assert(err, IsNil)
    27  	c.Assert(pubKey.Verify(msg, sig), IsNil)
    28  }
    29  
    30  func (RsaSuite) TestRSAVerifyMismatchMessage(c *C) {
    31  	signer, err := GenerateRsaKey()
    32  	c.Assert(err, IsNil)
    33  	msg := []byte("foo")
    34  	sig, err := signer.SignMessage(msg)
    35  	c.Assert(err, IsNil)
    36  	publicData := signer.PublicData()
    37  	pubKey, err := GetVerifier(publicData)
    38  	c.Assert(err, IsNil)
    39  	c.Assert(pubKey.Verify([]byte("notfoo"), sig), ErrorMatches, "crypto/rsa: verification error")
    40  }
    41  
    42  func (RsaSuite) TestRSAVerifyMismatchPubKey(c *C) {
    43  	signer, err := GenerateRsaKey()
    44  	c.Assert(err, IsNil)
    45  	msg := []byte("foo")
    46  	sig, err := signer.SignMessage(msg)
    47  	c.Assert(err, IsNil)
    48  
    49  	signerNew, err := GenerateRsaKey()
    50  	c.Assert(err, IsNil)
    51  
    52  	pubKey, err := GetVerifier(signerNew.PublicData())
    53  	c.Assert(err, IsNil)
    54  	c.Assert(pubKey.Verify([]byte("notfoo"), sig), ErrorMatches, "crypto/rsa: verification error")
    55  }
    56  
    57  func (RsaSuite) TestMarshalUnmarshalPublicKey(c *C) {
    58  	signer, err := GenerateRsaKey()
    59  	c.Assert(err, IsNil)
    60  	publicData := signer.PublicData()
    61  	pubKey, err := GetVerifier(publicData)
    62  	c.Assert(err, IsNil)
    63  	c.Assert(pubKey.MarshalPublicKey(), DeepEquals, publicData)
    64  }
    65  
    66  func (RsaSuite) TestMarshalUnmarshalPrivateKey(c *C) {
    67  	signer, err := GenerateRsaKey()
    68  	c.Assert(err, IsNil)
    69  	privateData, err := signer.MarshalPrivateKey()
    70  	c.Assert(err, IsNil)
    71  	c.Assert(privateData.Type, Equals, data.KeyTypeRSASSA_PSS_SHA256)
    72  	c.Assert(privateData.Scheme, Equals, data.KeySchemeRSASSA_PSS_SHA256)
    73  	c.Assert(privateData.Algorithms, DeepEquals, data.HashAlgorithms)
    74  	s, err := GetSigner(privateData)
    75  	c.Assert(err, IsNil)
    76  	c.Assert(s, DeepEquals, signer)
    77  }
    78  
    79  func (ECDSASuite) TestUnmarshalRSA_Invalid(c *C) {
    80  	badKeyValue, err := json.Marshal(true)
    81  	c.Assert(err, IsNil)
    82  
    83  	badKey := &data.PublicKey{
    84  		Type:       data.KeyTypeECDSA_SHA2_P256,
    85  		Scheme:     data.KeySchemeECDSA_SHA2_P256,
    86  		Algorithms: data.HashAlgorithms,
    87  		Value:      badKeyValue,
    88  	}
    89  	verifier := NewEcdsaVerifier()
    90  	c.Assert(verifier.UnmarshalPublicKey(badKey), ErrorMatches, "json: cannot unmarshal.*")
    91  }
    92  
    93  func (ECDSASuite) TestUnmarshalRSAPublicKey(c *C) {
    94  	priv, err := GenerateRsaKey()
    95  	c.Assert(err, IsNil)
    96  
    97  	signer := &rsaSigner{priv.PrivateKey}
    98  	goodKey := signer.PublicData()
    99  
   100  	verifier := NewRsaVerifier()
   101  	c.Assert(verifier.UnmarshalPublicKey(goodKey), IsNil)
   102  }
   103  
   104  func (ECDSASuite) TestUnmarshalRSA_TooLongContent(c *C) {
   105  	randomSeed := make([]byte, MaxJSONKeySize)
   106  	_, err := io.ReadFull(rand.Reader, randomSeed)
   107  	c.Assert(err, IsNil)
   108  
   109  	tooLongPayload, err := json.Marshal(
   110  		&ed25519Verifier{
   111  			PublicKey: data.HexBytes(hex.EncodeToString(randomSeed)),
   112  		},
   113  	)
   114  	c.Assert(err, IsNil)
   115  
   116  	badKey := &data.PublicKey{
   117  		Type:       data.KeyTypeECDSA_SHA2_P256,
   118  		Scheme:     data.KeySchemeECDSA_SHA2_P256,
   119  		Algorithms: data.HashAlgorithms,
   120  		Value:      tooLongPayload,
   121  	}
   122  	verifier := NewRsaVerifier()
   123  	err = verifier.UnmarshalPublicKey(badKey)
   124  	c.Assert(errors.Is(err, io.ErrUnexpectedEOF), Equals, true)
   125  }
   126  

View as plain text