github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/bccsp/factory/pkcs11factory_test.go

github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/bccsp/factory/pkcs11factory_test.go (about)

     1  //go:build pkcs11
     2  // +build pkcs11
     3  
     4  /*
     5  Copyright hechain. All Rights Reserved.
     6  
     7  SPDX-License-Identifier: Apache-2.0
     8  */
     9  
    10  package factory
    11  
    12  import (
    13  	"crypto/sha256"
    14  	"encoding/hex"
    15  	"testing"
    16  
    17  	"github.com/hechain20/hechain/bccsp/pkcs11"
    18  	"github.com/stretchr/testify/require"
    19  )
    20  
    21  func TestPKCS11FactoryName(t *testing.T) {
    22  	f := &PKCS11Factory{}
    23  	require.Equal(t, f.Name(), PKCS11BasedFactoryName)
    24  }
    25  
    26  func TestPKCS11FactoryGetInvalidArgs(t *testing.T) {
    27  	f := &PKCS11Factory{}
    28  
    29  	_, err := f.Get(nil)
    30  	require.Error(t, err, "Invalid config. It must not be nil.")
    31  
    32  	_, err = f.Get(&FactoryOpts{})
    33  	require.Error(t, err, "Invalid config. It must not be nil.")
    34  
    35  	opts := &FactoryOpts{
    36  		PKCS11: &pkcs11.PKCS11Opts{},
    37  	}
    38  	_, err = f.Get(opts)
    39  	require.Error(t, err, "CSP:500 - Failed initializing configuration at [0,]")
    40  }
    41  
    42  func TestPKCS11FactoryGet(t *testing.T) {
    43  	f := &PKCS11Factory{}
    44  
    45  	opts := &FactoryOpts{
    46  		PKCS11: defaultOptions(),
    47  	}
    48  	csp, err := f.Get(opts)
    49  	require.NoError(t, err)
    50  	require.NotNil(t, csp)
    51  }
    52  
    53  func TestPKCS11FactoryGetEmptyKeyStorePath(t *testing.T) {
    54  	f := &PKCS11Factory{}
    55  	lib, pin, label := pkcs11.FindPKCS11Lib()
    56  
    57  	opts := &FactoryOpts{
    58  		PKCS11: &pkcs11.PKCS11Opts{
    59  			Security: 256,
    60  			Hash:     "SHA2",
    61  			Library:  lib,
    62  			Pin:      pin,
    63  			Label:    label,
    64  		},
    65  	}
    66  	csp, err := f.Get(opts)
    67  	require.NoError(t, err)
    68  	require.NotNil(t, csp)
    69  
    70  	opts = &FactoryOpts{
    71  		PKCS11: &pkcs11.PKCS11Opts{
    72  			Security: 256,
    73  			Hash:     "SHA2",
    74  			Library:  lib,
    75  			Pin:      pin,
    76  			Label:    label,
    77  		},
    78  	}
    79  	csp, err = f.Get(opts)
    80  	require.NoError(t, err)
    81  	require.NotNil(t, csp)
    82  }
    83  
    84  func TestSKIMapper(t *testing.T) {
    85  	inputSKI := sha256.New().Sum([]byte("some-ski"))
    86  	tests := []struct {
    87  		name     string
    88  		altID    string
    89  		keyIDs   map[string]string
    90  		expected []byte
    91  	}{
    92  		{name: "DefaultBehavior", expected: inputSKI},
    93  		{name: "AltIDOnly", altID: "alternate-ID", expected: []byte("alternate-ID")},
    94  		{name: "MapEntry", keyIDs: map[string]string{hex.EncodeToString(inputSKI): "mapped-id"}, expected: []byte("mapped-id")},
    95  		{name: "AltIDAsDefault", altID: "alternate-ID", keyIDs: map[string]string{"another-ski": "another-id"}, expected: []byte("alternate-ID")},
    96  	}
    97  	for _, tt := range tests {
    98  		t.Run(tt.name, func(t *testing.T) {
    99  			options := defaultOptions()
   100  			options.AltID = tt.altID
   101  			for k, v := range tt.keyIDs {
   102  				options.KeyIDs = append(options.KeyIDs, pkcs11.KeyIDMapping{SKI: k, ID: v})
   103  			}
   104  
   105  			mapper := skiMapper(*options)
   106  			result := mapper(inputSKI)
   107  			require.Equal(t, tt.expected, result, "got %x, want %x", result, tt.expected)
   108  		})
   109  	}
   110  }
   111  
   112  func defaultOptions() *pkcs11.PKCS11Opts {
   113  	lib, pin, label := pkcs11.FindPKCS11Lib()
   114  	return &pkcs11.PKCS11Opts{
   115  		Security: 256,
   116  		Hash:     "SHA2",
   117  		Library:  lib,
   118  		Pin:      pin,
   119  		Label:    label,
   120  	}
   121  }