github.com/lzy4123/fabric@v2.1.1+incompatible/bccsp/idemix/handlers/signer_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 package handlers_test 7 8 import ( 9 "errors" 10 11 "github.com/hyperledger/fabric/bccsp" 12 "github.com/hyperledger/fabric/bccsp/idemix/handlers" 13 "github.com/hyperledger/fabric/bccsp/idemix/handlers/mock" 14 . "github.com/onsi/ginkgo" 15 . "github.com/onsi/gomega" 16 ) 17 18 var _ = Describe("Signature", func() { 19 20 Describe("when creating a signature", func() { 21 22 var ( 23 Signer *handlers.Signer 24 fakeSignatureScheme *mock.SignatureScheme 25 nymSK bccsp.Key 26 ) 27 28 BeforeEach(func() { 29 fakeSignatureScheme = &mock.SignatureScheme{} 30 Signer = &handlers.Signer{SignatureScheme: fakeSignatureScheme} 31 32 var err error 33 sk := &mock.Big{} 34 sk.BytesReturns([]byte{1, 2, 3, 4}, nil) 35 nymSK, err = handlers.NewNymSecretKey(sk, nil, false) 36 Expect(err).NotTo(HaveOccurred()) 37 }) 38 39 Context("and the underlying cryptographic algorithm succeed", func() { 40 var ( 41 fakeSignature []byte 42 ) 43 BeforeEach(func() { 44 fakeSignature = []byte("fake signature") 45 fakeSignatureScheme.SignReturns(fakeSignature, nil) 46 }) 47 48 It("returns no error and a signature", func() { 49 signature, err := Signer.Sign( 50 handlers.NewUserSecretKey(nil, false), 51 []byte("a digest"), 52 &bccsp.IdemixSignerOpts{ 53 Nym: nymSK, 54 IssuerPK: handlers.NewIssuerPublicKey(nil), 55 }, 56 ) 57 Expect(err).NotTo(HaveOccurred()) 58 Expect(signature).To(BeEquivalentTo(fakeSignature)) 59 60 }) 61 }) 62 63 Context("and the underlying cryptographic algorithm fails", func() { 64 BeforeEach(func() { 65 fakeSignatureScheme.SignReturns(nil, errors.New("sign error")) 66 }) 67 68 It("returns an error", func() { 69 signature, err := Signer.Sign( 70 handlers.NewUserSecretKey(nil, false), 71 []byte("a digest"), 72 &bccsp.IdemixSignerOpts{ 73 Nym: nymSK, 74 IssuerPK: handlers.NewIssuerPublicKey(nil), 75 }, 76 ) 77 Expect(err).To(MatchError("sign error")) 78 Expect(signature).To(BeNil()) 79 }) 80 }) 81 82 Context("and the parameters are not well formed", func() { 83 84 Context("and the user secret key is nil", func() { 85 It("returns error", func() { 86 signature, err := Signer.Sign( 87 nil, 88 []byte("a digest"), 89 &bccsp.IdemixSignerOpts{ 90 Nym: nymSK, 91 IssuerPK: handlers.NewIssuerPublicKey(nil), 92 }, 93 ) 94 Expect(err).To(MatchError("invalid key, expected *userSecretKey")) 95 Expect(signature).To(BeNil()) 96 }) 97 }) 98 99 Context("and the user secret key is not of type *userSecretKey", func() { 100 It("returns error", func() { 101 signature, err := Signer.Sign( 102 handlers.NewIssuerPublicKey(nil), 103 []byte("a digest"), 104 &bccsp.IdemixSignerOpts{ 105 Nym: nymSK, 106 IssuerPK: handlers.NewIssuerPublicKey(nil), 107 }, 108 ) 109 Expect(err).To(MatchError("invalid key, expected *userSecretKey")) 110 Expect(signature).To(BeNil()) 111 }) 112 }) 113 114 Context("and the option is nil", func() { 115 It("returns error", func() { 116 signature, err := Signer.Sign( 117 handlers.NewUserSecretKey(nil, false), 118 []byte("a digest"), 119 nil, 120 ) 121 Expect(err).To(MatchError("invalid options, expected *IdemixSignerOpts")) 122 Expect(signature).To(BeNil()) 123 }) 124 }) 125 126 Context("and the option is not of type *IdemixSignerOpts", func() { 127 It("returns error", func() { 128 signature, err := Signer.Sign( 129 handlers.NewUserSecretKey(nil, false), 130 []byte("a digest"), 131 &bccsp.IdemixCRISignerOpts{}, 132 ) 133 Expect(err).To(MatchError("invalid options, expected *IdemixSignerOpts")) 134 Expect(signature).To(BeNil()) 135 }) 136 }) 137 138 Context("and the nym is nil", func() { 139 It("returns error", func() { 140 signature, err := Signer.Sign( 141 handlers.NewUserSecretKey(nil, false), 142 []byte("a digest"), 143 &bccsp.IdemixSignerOpts{ 144 IssuerPK: handlers.NewIssuerPublicKey(nil), 145 }, 146 ) 147 Expect(err).To(MatchError("invalid options, missing nym key")) 148 Expect(signature).To(BeNil()) 149 }) 150 }) 151 152 Context("and the nym is not of type *nymSecretKey", func() { 153 It("returns error", func() { 154 signature, err := Signer.Sign( 155 handlers.NewUserSecretKey(nil, false), 156 []byte("a digest"), 157 &bccsp.IdemixSignerOpts{ 158 Nym: handlers.NewIssuerPublicKey(nil), 159 IssuerPK: handlers.NewIssuerPublicKey(nil), 160 }, 161 ) 162 Expect(err).To(MatchError("invalid nym key, expected *nymSecretKey")) 163 Expect(signature).To(BeNil()) 164 }) 165 }) 166 167 Context("and the IssuerPk is nil", func() { 168 It("returns error", func() { 169 signature, err := Signer.Sign( 170 handlers.NewUserSecretKey(nil, false), 171 []byte("a digest"), 172 &bccsp.IdemixSignerOpts{ 173 Nym: nymSK, 174 }, 175 ) 176 Expect(err).To(MatchError("invalid options, missing issuer public key")) 177 Expect(signature).To(BeNil()) 178 }) 179 }) 180 181 Context("and the IssuerPk is not of type *issuerPublicKey", func() { 182 It("returns error", func() { 183 signature, err := Signer.Sign( 184 handlers.NewUserSecretKey(nil, false), 185 []byte("a digest"), 186 &bccsp.IdemixSignerOpts{ 187 Nym: nymSK, 188 IssuerPK: handlers.NewUserSecretKey(nil, false), 189 }, 190 ) 191 Expect(err).To(MatchError("invalid issuer public key, expected *issuerPublicKey")) 192 Expect(signature).To(BeNil()) 193 }) 194 }) 195 }) 196 }) 197 198 Describe("when verifying a signature", func() { 199 200 var ( 201 Verifier *handlers.Verifier 202 fakeSignatureScheme *mock.SignatureScheme 203 ) 204 205 BeforeEach(func() { 206 fakeSignatureScheme = &mock.SignatureScheme{} 207 Verifier = &handlers.Verifier{SignatureScheme: fakeSignatureScheme} 208 }) 209 210 Context("and the underlying cryptographic algorithm succeed", func() { 211 BeforeEach(func() { 212 fakeSignatureScheme.VerifyReturns(nil) 213 }) 214 215 It("returns no error and valid signature", func() { 216 valid, err := Verifier.Verify( 217 handlers.NewIssuerPublicKey(nil), 218 []byte("a signature"), 219 []byte("a digest"), 220 &bccsp.IdemixSignerOpts{ 221 RevocationPublicKey: handlers.NewRevocationPublicKey(nil), 222 }, 223 ) 224 Expect(err).NotTo(HaveOccurred()) 225 Expect(valid).To(BeTrue()) 226 }) 227 }) 228 229 Context("and the underlying cryptographic algorithm fails", func() { 230 BeforeEach(func() { 231 fakeSignatureScheme.VerifyReturns(errors.New("verify error")) 232 }) 233 234 It("returns an error", func() { 235 valid, err := Verifier.Verify( 236 handlers.NewIssuerPublicKey(nil), 237 []byte("a signature"), 238 []byte("a digest"), 239 &bccsp.IdemixSignerOpts{ 240 RevocationPublicKey: handlers.NewRevocationPublicKey(nil), 241 }, 242 ) 243 Expect(err).To(MatchError("verify error")) 244 Expect(valid).To(BeFalse()) 245 }) 246 }) 247 248 Context("and the parameters are not well formed", func() { 249 250 Context("and the issuer public key is nil", func() { 251 It("returns error", func() { 252 valid, err := Verifier.Verify( 253 nil, 254 []byte("fake signature"), 255 nil, 256 &bccsp.IdemixSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, 257 ) 258 Expect(err).To(MatchError("invalid key, expected *issuerPublicKey")) 259 Expect(valid).To(BeFalse()) 260 }) 261 }) 262 263 Context("and the issuer public key is not of type *issuerPublicKey", func() { 264 It("returns error", func() { 265 valid, err := Verifier.Verify( 266 handlers.NewUserSecretKey(nil, false), 267 []byte("fake signature"), 268 nil, 269 &bccsp.IdemixSignerOpts{IssuerPK: handlers.NewIssuerPublicKey(nil)}, 270 ) 271 Expect(err).To(MatchError("invalid key, expected *issuerPublicKey")) 272 Expect(valid).To(BeFalse()) 273 }) 274 }) 275 276 Context("and the signature is empty", func() { 277 It("returns error", func() { 278 valid, err := Verifier.Verify( 279 handlers.NewIssuerPublicKey(nil), 280 nil, 281 []byte("a digest"), 282 &bccsp.IdemixSignerOpts{ 283 RevocationPublicKey: handlers.NewRevocationPublicKey(nil), 284 }, 285 ) 286 Expect(err).To(MatchError("invalid signature, it must not be empty")) 287 Expect(valid).To(BeFalse()) 288 }) 289 }) 290 291 Context("and the option is empty", func() { 292 It("returns error", func() { 293 valid, err := Verifier.Verify( 294 handlers.NewIssuerPublicKey(nil), 295 []byte("a signature"), 296 []byte("a digest"), 297 nil, 298 ) 299 Expect(err).To(MatchError("invalid options, expected *IdemixSignerOpts")) 300 Expect(valid).To(BeFalse()) 301 }) 302 }) 303 304 Context("and the option is not of type *IdemixSignerOpts", func() { 305 It("returns error", func() { 306 valid, err := Verifier.Verify( 307 handlers.NewIssuerPublicKey(nil), 308 []byte("a signature"), 309 []byte("a digest"), 310 &bccsp.IdemixCredentialRequestSignerOpts{}, 311 ) 312 Expect(err).To(MatchError("invalid options, expected *IdemixSignerOpts")) 313 Expect(valid).To(BeFalse()) 314 }) 315 }) 316 317 Context("and the option's revocation public key is empty", func() { 318 It("returns error", func() { 319 valid, err := Verifier.Verify( 320 handlers.NewIssuerPublicKey(nil), 321 []byte("fake signature"), 322 nil, 323 &bccsp.IdemixSignerOpts{}, 324 ) 325 Expect(err).To(MatchError("invalid options, expected *revocationPublicKey")) 326 Expect(valid).To(BeFalse()) 327 }) 328 }) 329 330 Context("and the option's revocation public key is not of type *revocationPublicKey", func() { 331 It("returns error", func() { 332 valid, err := Verifier.Verify( 333 handlers.NewIssuerPublicKey(nil), 334 []byte("fake signature"), 335 nil, 336 &bccsp.IdemixSignerOpts{RevocationPublicKey: handlers.NewUserSecretKey(nil, false)}, 337 ) 338 Expect(err).To(MatchError("invalid options, expected *revocationPublicKey")) 339 Expect(valid).To(BeFalse()) 340 }) 341 }) 342 }) 343 }) 344 })