github.com/u-root/u-root@v7.0.1-0.20200915234505-ad7babab0a8e+incompatible/pkg/crypto/ed25519_test.go (about)

     1  // Copyright 2017-2019 the u-root Authors. All rights reserved
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package crypto
     6  
     7  import (
     8  	"io/ioutil"
     9  	"testing"
    10  
    11  	"github.com/stretchr/testify/require"
    12  	"golang.org/x/crypto/ed25519"
    13  )
    14  
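    // Fixture paths, relative to the package directory. The PEM keys are passed
    // to ed25519.Sign / ed25519.Verify by the tests in this file, so they are
    // Ed25519 keys, not RSA keys.
    const (
    	// publicKeyDERFile is a public key in DER encoding. LoadPublicKeyFromFile
    	// is expected to reject it (see TestLoadDERPublicKey).
    	// NOTE(review): the key algorithm of this fixture is not evident from this file.
    	publicKeyDERFile string = "tests/public_key.der"
    	// publicKeyPEMFile is an Ed25519 public key in PEM format.
    	publicKeyPEMFile string = "tests/public_key.pem"
    	// privateKeyPEMFile is the matching Ed25519 private key in PEM format.
    	// The tests load it with the passphrase in `password`.
    	privateKeyPEMFile string = "tests/private_key.pem"
    	// publicKeyPEMFile2 is the path the key-generation tests write the
    	// public key to.
    	publicKeyPEMFile2 string = "tests/public_key2.pem"
    	// privateKeyPEMFile2 is the path the key-generation tests write the
    	// private key to.
    	privateKeyPEMFile2 string = "tests/private_key2.pem"
    	// testDataFile is the message the fixture signatures are checked against.
    	testDataFile string = "tests/data"
    	// signatureGoodFile is a signature over testDataFile that must verify.
    	// Despite the "rsa_pkcs15_sha256" file name it is checked with
    	// ed25519.Verify in TestGoodSignature.
    	signatureGoodFile string = "tests/verify_rsa_pkcs15_sha256.signature"
    	// signatureBadFile is a signature that must not verify against
    	// testDataFile (see TestBadSignature).
    	signatureBadFile string = "tests/verify_rsa_pkcs15_sha256.signature2"
    )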
    33  
    // password is the passphrase used to load the PEM-encoded test private key
    // (privateKeyPEMFile) and to protect the key written by TestGenerateKeys.
    // It is a test fixture value only.
    var password = []byte("keins")
    38  
    // TestLoadDERPublicKey checks that LoadPublicKeyFromFile returns an error
    // for the DER-encoded fixture.
    func TestLoadDERPublicKey(t *testing.T) {
    	_, loadErr := LoadPublicKeyFromFile(publicKeyDERFile)
    	require.Error(t, loadErr)
    }
    43  
    // TestLoadPEMPublicKey checks that the PEM-encoded public key fixture loads
    // without error.
    func TestLoadPEMPublicKey(t *testing.T) {
    	_, loadErr := LoadPublicKeyFromFile(publicKeyPEMFile)
    	require.NoError(t, loadErr)
    }
    48  
    // TestLoadPEMPrivateKey checks that the PEM-encoded private key fixture
    // loads without error when the fixture passphrase is supplied.
    func TestLoadPEMPrivateKey(t *testing.T) {
    	_, loadErr := LoadPrivateKeyFromFile(privateKeyPEMFile, password)
    	require.NoError(t, loadErr)
    }
    53  
    // TestLoadBadPEMPrivateKey checks that loading the private key fixture with
    // an empty passphrase fails.
    //
    // NOTE(review): only the empty passphrase is covered here; a non-empty but
    // wrong passphrase is not exercised by this file.
    func TestLoadBadPEMPrivateKey(t *testing.T) {
    	emptyPassphrase := []byte{}
    	_, loadErr := LoadPrivateKeyFromFile(privateKeyPEMFile, emptyPassphrase)
    	require.Error(t, loadErr)
    }
    58  
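    // TestSignVerifyData signs testDataFile with the fixture private key and
    // checks the signature against the fixture public key. Besides the positive
    // round trip it also checks that a modified message and a modified signature
    // are both rejected, so a verifier that accepts everything cannot pass.
    func TestSignVerifyData(t *testing.T) {
    	privateKey, err := LoadPrivateKeyFromFile(privateKeyPEMFile, password)
    	require.NoError(t, err)

    	publicKey, err := LoadPublicKeyFromFile(publicKeyPEMFile)
    	require.NoError(t, err)

    	testData, err := ioutil.ReadFile(testDataFile)
    	require.NoError(t, err)

    	signature := ed25519.Sign(privateKey, testData)
    	require.True(t, ed25519.Verify(publicKey, testData, signature))

    	// Appending a byte (rather than flipping one) also works when the
    	// data file is empty. The copy keeps testData itself untouched.
    	tamperedData := append(append([]byte{}, testData...), 0x00)
    	require.False(t, ed25519.Verify(publicKey, tamperedData, signature))

    	// ed25519.Sign always returns a full-length signature, so index 0 is
    	// safe to modify on the copy.
    	tamperedSig := append([]byte{}, signature...)
    	tamperedSig[0] ^= 0x01
    	require.False(t, ed25519.Verify(publicKey, testData, tamperedSig))
    }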
    73  
    // TestGoodSignature checks that the stored signature in signatureGoodFile
    // verifies against testDataFile under the fixture public key.
    func TestGoodSignature(t *testing.T) {
    	pub, err := LoadPublicKeyFromFile(publicKeyPEMFile)
    	require.NoError(t, err)

    	msg, err := ioutil.ReadFile(testDataFile)
    	require.NoError(t, err)

    	sig, err := ioutil.ReadFile(signatureGoodFile)
    	require.NoError(t, err)

    	require.Equal(t, true, ed25519.Verify(pub, msg, sig))
    }
    87  
    // TestBadSignature checks that the stored signature in signatureBadFile is
    // rejected for testDataFile under the fixture public key.
    //
    // NOTE(review): ed25519.Verify returns false for any signature whose length
    // is not ed25519.SignatureSize. If the fixture is not a well-formed
    // 64-byte signature this test passes on the length check alone and does not
    // exercise cryptographic rejection — confirm the fixture's size.
    func TestBadSignature(t *testing.T) {
    	pub, err := LoadPublicKeyFromFile(publicKeyPEMFile)
    	require.NoError(t, err)

    	msg, err := ioutil.ReadFile(testDataFile)
    	require.NoError(t, err)

    	sig, err := ioutil.ReadFile(signatureBadFile)
    	require.NoError(t, err)

    	require.Equal(t, false, ed25519.Verify(pub, msg, sig))
    }
   101  
   // TestGenerateKeys checks that GeneratED25519Key succeeds when given the
   // fixture passphrase.
   //
   // NOTE(review): the key pair is written to privateKeyPEMFile2 and
   // publicKeyPEMFile2 under tests/ in the source tree, the same paths
   // TestGenerateUnprotectedKeys writes to, and the generated files are never
   // loaded back. A temporary directory plus a load/sign/verify round trip
   // would keep key material out of the tree and test the output.
   func TestGenerateKeys(t *testing.T) {
   	require.NoError(t, GeneratED25519Key(password, privateKeyPEMFile2, publicKeyPEMFile2))
   }
   106  
   // TestGenerateUnprotectedKeys checks that GeneratED25519Key succeeds when no
   // passphrase is given (nil).
   //
   // NOTE(review): presumably the private key is then written without
   // encryption — confirm against GeneratED25519Key. The output goes to
   // privateKeyPEMFile2 under tests/ and is not removed afterwards, so an
   // unprotected private key may be left in the source tree after a test run.
   func TestGenerateUnprotectedKeys(t *testing.T) {
   	require.NoError(t, GeneratED25519Key(nil, privateKeyPEMFile2, publicKeyPEMFile2))
   }