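// Source: github.com/mvdan/u-root-coreutils@v0.0.0-20230122170626-c2eef2898555/pkg/crypto/ed25519_test.go

// Copyright 2017-2021 the u-root Authors. All rights reserved
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package crypto

import (
	"os"
	"path/filepath"
	"testing"

	"golang.org/x/crypto/ed25519"
)

// Fixture paths, relative to the package directory. Several file names still
// mention RSA, but every test below hands the loaded material to the ed25519
// package, so the PEM keys and the good signature have to be Ed25519.
const (
	// publicKeyDERFile is a public key in DER encoding. LoadPublicKeyFromFile
	// is expected to reject it (see TestLoadDERPublicKey).
	publicKeyDERFile string = "tests/public_key.der"
	// publicKeyPEMFile is the public key in PEM format.
	publicKeyPEMFile string = "tests/public_key.pem"
	// privateKeyPEMFile is the private key in PEM format. It loads with
	// password and is expected not to load with an empty passphrase.
	privateKeyPEMFile string = "tests/private_key.pem"
	// testDataFile is the message that signatureGoodFile must verify against.
	testDataFile string = "tests/data"
	// signatureGoodFile is a valid signature over testDataFile.
	signatureGoodFile string = "tests/verify_rsa_pkcs15_sha256.signature"
	// signatureBadFile is a signature that must NOT verify against testDataFile.
	signatureBadFile string = "tests/verify_rsa_pkcs15_sha256.signature2"
)

// password is the passphrase protecting the test private key in
// privateKeyPEMFile. It is a test fixture value only.
var password = []byte{'k', 'e', 'i', 'n', 's'}

// TestLoadDERPublicKey checks that a DER-encoded public key is rejected.
func TestLoadDERPublicKey(t *testing.T) {
	if _, err := LoadPublicKeyFromFile(publicKeyDERFile); err == nil {
		t.Errorf(`LoadPublicKeyFromFile(publicKeyDERFile) = _, %v, want not nil`, err)
	}
}

// TestLoadPEMPublicKey checks that the PEM public key fixture loads.
func TestLoadPEMPublicKey(t *testing.T) {
	if _, err := LoadPublicKeyFromFile(publicKeyPEMFile); err != nil {
		t.Errorf(`LoadPublicKeyFromFile(publicKeyPEMFile) = _, %v, want nil`, err)
	}
}

// TestLoadPEMPrivateKey checks that the PEM private key fixture loads when the
// correct passphrase is supplied.
func TestLoadPEMPrivateKey(t *testing.T) {
	if _, err := LoadPrivateKeyFromFile(privateKeyPEMFile, password); err != nil {
		// The message names the function actually under test; it previously
		// reported LoadPublicKeyFromFile.
		t.Errorf(`LoadPrivateKeyFromFile(privateKeyPEMFile, password) = _, %v, want nil`, err)
	}
}

// TestLoadBadPEMPrivateKey is the negative case for passphrase handling: the
// private key must not load with an empty passphrase.
func TestLoadBadPEMPrivateKey(t *testing.T) {
	if _, err := LoadPrivateKeyFromFile(privateKeyPEMFile, []byte{}); err == nil {
		t.Errorf(`LoadPrivateKeyFromFile(privateKeyPEMFile, []byte{}) = _, %v, want not nil`, err)
	}
}

// TestSignVerifyData signs testDataFile with the private key fixture and
// verifies the fresh signature with the matching public key.
func TestSignVerifyData(t *testing.T) {
	// Setup failures are fatal: ed25519.Sign and ed25519.Verify panic on keys
	// of the wrong length, which is what a failed load would hand them.
	privateKey, err := LoadPrivateKeyFromFile(privateKeyPEMFile, password)
	if err != nil {
		t.Fatalf(`LoadPrivateKeyFromFile(privateKeyPEMFile, password) = _, %v, want nil`, err)
	}

	publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile)
	if err != nil {
		t.Fatalf(`LoadPublicKeyFromFile(publicKeyPEMFile) = _, %v, want nil`, err)
	}

	testData, err := os.ReadFile(testDataFile)
	if err != nil {
		t.Fatalf(`os.ReadFile(testDataFile) = _, %v, want nil`, err)
	}

	signature := ed25519.Sign(privateKey, testData)
	if verified := ed25519.Verify(publicKey, testData, signature); !verified {
		t.Errorf(`ed25519.Verify(publicKey, testData, signature) = %t, want "true"`, verified)
	}
}

// TestGoodSignature checks that the stored good signature verifies against
// testDataFile under the public key fixture.
func TestGoodSignature(t *testing.T) {
	// Fatal on setup failure: ed25519.Verify panics on a public key of the
	// wrong length.
	publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile)
	if err != nil {
		t.Fatalf(`LoadPublicKeyFromFile(publicKeyPEMFile) = _, %v, want nil`, err)
	}

	testData, err := os.ReadFile(testDataFile)
	if err != nil {
		t.Fatalf(`os.ReadFile(testDataFile) = _, %v, want nil`, err)
	}

	signatureGood, err := os.ReadFile(signatureGoodFile)
	if err != nil {
		t.Fatalf(`os.ReadFile(signatureGoodFile) = _, %v, want nil`, err)
	}

	if verified := ed25519.Verify(publicKey, testData, signatureGood); !verified {
		t.Errorf(`ed25519.Verify(publicKey, testData, signatureGood) = %t, want "true"`, verified)
	}
}

// TestBadSignature checks that the stored bad signature is rejected for
// testDataFile under the public key fixture.
func TestBadSignature(t *testing.T) {
	// Fatal on setup failure: a missing fixture must not be mistaken for a
	// correctly rejected signature, and ed25519.Verify panics on a public key
	// of the wrong length.
	publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile)
	if err != nil {
		t.Fatalf(`LoadPublicKeyFromFile(publicKeyPEMFile) = _, %v, want nil`, err)
	}

	testData, err := os.ReadFile(testDataFile)
	if err != nil {
		t.Fatalf(`os.ReadFile(testDataFile) = _, %v, want nil`, err)
	}

	signatureBad, err := os.ReadFile(signatureBadFile)
	if err != nil {
		t.Fatalf(`os.ReadFile(signatureBadFile) = _, %v, want nil`, err)
	}

	if verified := ed25519.Verify(publicKey, testData, signatureBad); verified {
		t.Errorf(`ed25519.Verify(publicKey, testData, signatureBad) = %t, want "false"`, verified)
	}
}

// TestGenerateKeys checks that generating a passphrase-protected key pair into
// a temporary directory reports no error.
//
// NOTE(review): only the error return is checked. Loading the generated files
// back and doing a sign/verify round trip would also cover the written key
// material — TODO confirm the loaders accept the generated format.
func TestGenerateKeys(t *testing.T) {
	tmpdir := t.TempDir()
	// filepath.Join, not path.Join: these are file system paths.
	privPath := filepath.Join(tmpdir, "private_key.pem")
	pubPath := filepath.Join(tmpdir, "public_key.pem")
	if err := GeneratED25519Key(password, privPath, pubPath); err != nil {
		t.Errorf(`GeneratED25519Key(password, path.Join(tmpdir, "private_key.pem"), path.Join(tmpdir, "public_key.pem")) = %v, want nil`, err)
	}
}

// TestGenerateUnprotectedKeys checks that generating a key pair with a nil
// passphrase reports no error.
//
// NOTE(review): presumably a nil passphrase leaves the private key unencrypted
// on disk; this test does not assert that, nor the permissions of the written
// file — confirm against GeneratED25519Key.
func TestGenerateUnprotectedKeys(t *testing.T) {
	tmpdir := t.TempDir()
	privPath := filepath.Join(tmpdir, "private_key.pem")
	pubPath := filepath.Join(tmpdir, "public_key.pem")
	if err := GeneratED25519Key(nil, privPath, pubPath); err != nil {
		t.Errorf(`GeneratED25519Key(nil, path.Join(tmpdir, "private_key.pem"), path.Join(tmpdir, "public_key.pem")) = %v, want nil`, err)
	}
}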