github.com/u-root/u-root@v7.0.1-0.20200915234505-ad7babab0a8e+incompatible/pkg/crypto/ed25519_test.go (about) 1 // Copyright 2017-2019 the u-root Authors. All rights reserved 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package crypto 6 7 import ( 8 "io/ioutil" 9 "testing" 10 11 "github.com/stretchr/testify/require" 12 "golang.org/x/crypto/ed25519" 13 ) 14 15 const ( 16 // publicKeyDERFile is a RSA public key in DER format 17 publicKeyDERFile string = "tests/public_key.der" 18 // publicKeyPEMFile is a RSA public key in PEM format 19 publicKeyPEMFile string = "tests/public_key.pem" 20 // privateKeyPEMFile is a RSA public key in PEM format 21 privateKeyPEMFile string = "tests/private_key.pem" 22 // publicKeyPEMFile2 is a RSA public key in PEM format 23 publicKeyPEMFile2 string = "tests/public_key2.pem" 24 // privateKeyPEMFile2 is a RSA public key in PEM format 25 privateKeyPEMFile2 string = "tests/private_key2.pem" 26 // testDataFile which should be verified by the good signature 27 testDataFile string = "tests/data" 28 // signatureGoodFile is a good signature of testDataFile 29 signatureGoodFile string = "tests/verify_rsa_pkcs15_sha256.signature" 30 // signatureBadFile is a bad signature which does not work with testDataFile 31 signatureBadFile string = "tests/verify_rsa_pkcs15_sha256.signature2" 32 ) 33 34 var ( 35 // password is a PEM encrypted passphrase 36 password = []byte{'k', 'e', 'i', 'n', 's'} 37 ) 38 39 func TestLoadDERPublicKey(t *testing.T) { 40 _, err := LoadPublicKeyFromFile(publicKeyDERFile) 41 require.Error(t, err) 42 } 43 44 func TestLoadPEMPublicKey(t *testing.T) { 45 _, err := LoadPublicKeyFromFile(publicKeyPEMFile) 46 require.NoError(t, err) 47 } 48 49 func TestLoadPEMPrivateKey(t *testing.T) { 50 _, err := LoadPrivateKeyFromFile(privateKeyPEMFile, password) 51 require.NoError(t, err) 52 } 53 54 func TestLoadBadPEMPrivateKey(t *testing.T) { 55 _, err := LoadPrivateKeyFromFile(privateKeyPEMFile, []byte{}) 56 require.Error(t, err) 57 } 58 59 func TestSignVerifyData(t *testing.T) { 60 privateKey, err := LoadPrivateKeyFromFile(privateKeyPEMFile, password) 61 require.NoError(t, err) 62 63 publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile) 64 require.NoError(t, err) 65 66 testData, err := ioutil.ReadFile(testDataFile) 67 require.NoError(t, err) 68 69 signature := ed25519.Sign(privateKey, testData) 70 verified := ed25519.Verify(publicKey, testData, signature) 71 require.Equal(t, true, verified) 72 } 73 74 func TestGoodSignature(t *testing.T) { 75 publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile) 76 require.NoError(t, err) 77 78 testData, err := ioutil.ReadFile(testDataFile) 79 require.NoError(t, err) 80 81 signatureGood, err := ioutil.ReadFile(signatureGoodFile) 82 require.NoError(t, err) 83 84 verified := ed25519.Verify(publicKey, testData, signatureGood) 85 require.Equal(t, true, verified) 86 } 87 88 func TestBadSignature(t *testing.T) { 89 publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile) 90 require.NoError(t, err) 91 92 testData, err := ioutil.ReadFile(testDataFile) 93 require.NoError(t, err) 94 95 signatureBad, err := ioutil.ReadFile(signatureBadFile) 96 require.NoError(t, err) 97 98 verified := ed25519.Verify(publicKey, testData, signatureBad) 99 require.Equal(t, false, verified) 100 } 101 102 func TestGenerateKeys(t *testing.T) { 103 err := GeneratED25519Key(password, privateKeyPEMFile2, publicKeyPEMFile2) 104 require.NoError(t, err) 105 } 106 107 func TestGenerateUnprotectedKeys(t *testing.T) { 108 err := GeneratED25519Key(nil, privateKeyPEMFile2, publicKeyPEMFile2) 109 require.NoError(t, err) 110 }