github.com/google/osv-scalibr@v0.4.1/veles/secrets/gcpsak/signature_test.go

github.com/google/osv-scalibr@v0.4.1/veles/secrets/gcpsak/signature_test.go (about)

     1  // Copyright 2025 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package gcpsak_test
    16  
    17  import (
    18  	"testing"
    19  
    20  	"github.com/google/go-cmp/cmp"
    21  	"github.com/google/go-cmp/cmp/cmpopts"
    22  	"github.com/google/osv-scalibr/veles/secrets/gcpsak"
    23  )
    24  
    25  func TestSign(t *testing.T) {
    26  	want := exampleSignature
    27  	got := gcpsak.Sign(examplePrivateKey)
    28  	if diff := cmp.Diff(want, got, cmpopts.EquateEmpty()); diff != "" {
    29  		t.Errorf("Sign() diff (-want +got):\n%s", diff)
    30  	}
    31  }
    32  
    33  func TestValid(t *testing.T) {
    34  	valid, err := gcpsak.Valid(exampleSignature, exampleCertificate)
    35  	if err != nil {
    36  		t.Errorf("Valid() error: %v, want nil", err)
    37  	}
    38  	if !valid {
    39  		t.Error("Valid() = false, want true")
    40  	}
    41  }
    42  
    43  func TestSignature_roundtrip(t *testing.T) {
    44  	randKey, randCert := genKeyAndCert(t)
    45  	cases := []struct {
    46  		name string
    47  		key  string
    48  		cert string
    49  	}{
    50  		{
    51  			name: "constant_examples",
    52  			key:  examplePrivateKey,
    53  			cert: exampleCertificate,
    54  		},
    55  		{
    56  			name: "randomly_generated",
    57  			key:  randKey,
    58  			cert: randCert,
    59  		},
    60  	}
    61  	for _, tc := range cases {
    62  		t.Run(tc.name, func(t *testing.T) {
    63  			t.Parallel()
    64  			sig := gcpsak.Sign(tc.key)
    65  			if len(sig) == 0 {
    66  				t.Error("Sign() failed")
    67  			}
    68  			valid, err := gcpsak.Valid(sig, tc.cert)
    69  			if err != nil {
    70  				t.Errorf("Valid() error: %v, want nil", err)
    71  			}
    72  			if !valid {
    73  				t.Error("Valid() = false, want true")
    74  			}
    75  		})
    76  	}
    77  }