github.com/letsencrypt/trillian@v1.1.2-0.20180615153820-ae375a99d36a/crypto/verifier_test.go

github.com/letsencrypt/trillian@v1.1.2-0.20180615153820-ae375a99d36a/crypto/verifier_test.go (about)

     1  // Copyright 2017 Google Inc. All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package crypto
    16  
    17  import (
    18  	"crypto"
    19  	"testing"
    20  
    21  	"github.com/google/trillian/crypto/keys/pem"
    22  	"github.com/google/trillian/testonly"
    23  )
    24  
    25  const (
    26  	// openssl ecparam -name prime256v1 -genkey -out p256-key.pem
    27  	privPEM = `-----BEGIN EC PRIVATE KEY-----
    28  MHcCAQEEIGbhE2+z8d5lHzb0gmkS78d86gm5gHUtXCpXveFbK3pcoAoGCCqGSM49
    29  AwEHoUQDQgAEUxX42oxJ5voiNfbjoz8UgsGqh1bD1NXK9m8VivPmQSoYUdVFgNav
    30  csFaQhohkiCEthY51Ga6Xa+ggn+eTZtf9Q==
    31  -----END EC PRIVATE KEY-----`
    32  )
    33  
    34  func TestSignVerify(t *testing.T) {
    35  	for _, test := range []struct {
    36  		name          string
    37  		pem           string
    38  		password      string
    39  		skipSigning   bool
    40  		wantVerifyErr bool
    41  	}{
    42  		{
    43  			name:     "ECDSA key",
    44  			pem:      privPEM,
    45  			password: "",
    46  		},
    47  		{
    48  			name:     "Demo key",
    49  			pem:      testonly.DemoPrivateKey,
    50  			password: testonly.DemoPrivateKeyPass,
    51  		},
    52  		{
    53  			name:          "Nil signature",
    54  			pem:           testonly.DemoPrivateKey,
    55  			password:      testonly.DemoPrivateKeyPass,
    56  			skipSigning:   true,
    57  			wantVerifyErr: true,
    58  		},
    59  	} {
    60  
    61  		key, err := pem.UnmarshalPrivateKey(test.pem, test.password)
    62  		if err != nil {
    63  			t.Errorf("%s: LoadPrivateKey(_, %q)=%v, want nil", test.name, test.password, err)
    64  			continue
    65  		}
    66  
    67  		// Sign and Verify.
    68  		msg := []byte("foo")
    69  		var signature []byte
    70  		if !test.skipSigning {
    71  			signature, err = NewSigner(0, key, crypto.SHA256).Sign(msg)
    72  			if err != nil {
    73  				t.Errorf("%s: Sign()=(_,%v), want (_,nil)", test.name, err)
    74  				continue
    75  			}
    76  		}
    77  
    78  		err = Verify(key.Public(), crypto.SHA256, msg, signature)
    79  		if gotErr := err != nil; gotErr != test.wantVerifyErr {
    80  			t.Errorf("%s: Verify(,,)=%v, want err? %t", test.name, err, test.wantVerifyErr)
    81  		}
    82  	}
    83  }