github.com/letsencrypt/boulder@v0.20251208.0/privatekey/privatekey_test.go

github.com/letsencrypt/boulder@v0.20251208.0/privatekey/privatekey_test.go (about)

     1  package privatekey
     2  
     3  import (
     4  	"crypto/ecdsa"
     5  	"crypto/elliptic"
     6  	"crypto/rand"
     7  	"crypto/rsa"
     8  	"testing"
     9  
    10  	"github.com/letsencrypt/boulder/test"
    11  )
    12  
    13  func TestVerifyRSAKeyPair(t *testing.T) {
    14  	privKey1, err := rsa.GenerateKey(rand.Reader, 2048)
    15  	test.AssertNotError(t, err, "Failed while generating test key 1")
    16  
    17  	_, _, err = verify(privKey1)
    18  	test.AssertNotError(t, err, "Failed to verify valid key")
    19  
    20  	privKey2, err := rsa.GenerateKey(rand.Reader, 2048)
    21  	test.AssertNotError(t, err, "Failed while generating test key 2")
    22  
    23  	verifyHash, err := makeVerifyHash()
    24  	test.AssertNotError(t, err, "Failed to make verify hash: %s")
    25  
    26  	_, _, err = verifyRSA(privKey1, &privKey2.PublicKey, verifyHash)
    27  	test.AssertError(t, err, "Failed to detect invalid key pair")
    28  }
    29  
    30  func TestVerifyECDSAKeyPair(t *testing.T) {
    31  	privKey1, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
    32  	test.AssertNotError(t, err, "Failed while generating test key 1")
    33  
    34  	_, _, err = verify(privKey1)
    35  	test.AssertNotError(t, err, "Failed to verify valid key")
    36  
    37  	privKey2, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
    38  	test.AssertNotError(t, err, "Failed while generating test key 2")
    39  
    40  	verifyHash, err := makeVerifyHash()
    41  	test.AssertNotError(t, err, "Failed to make verify hash: %s")
    42  
    43  	_, _, err = verifyECDSA(privKey1, &privKey2.PublicKey, verifyHash)
    44  	test.AssertError(t, err, "Failed to detect invalid key pair")
    45  }
    46  
    47  func TestLoad(t *testing.T) {
    48  	signer, public, err := Load("../test/hierarchy/ee-e1.key.pem")
    49  	test.AssertNotError(t, err, "Failed to load a valid ECDSA key file")
    50  	test.AssertNotNil(t, signer, "Signer should not be Nil")
    51  	test.AssertNotNil(t, public, "Public should not be Nil")
    52  
    53  	signer, public, err = Load("../test/hierarchy/ee-r3.key.pem")
    54  	test.AssertNotError(t, err, "Failed to load a valid RSA key file")
    55  	test.AssertNotNil(t, signer, "Signer should not be Nil")
    56  	test.AssertNotNil(t, public, "Public should not be Nil")
    57  
    58  	signer, public, err = Load("../test/hierarchy/ee-e1.cert.pem")
    59  	test.AssertError(t, err, "Should have failed, file is a certificate")
    60  	test.AssertNil(t, signer, "Signer should be nil")
    61  	test.AssertNil(t, public, "Public should be nil")
    62  }