File: file_test.go

package info (click to toggle)
golang-github-sigstore-timestamp-authority 1.2.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 824 kB
  • sloc: makefile: 113; sh: 42
file content (98 lines) | stat: -rw-r--r-- 2,555 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
// Copyright 2022 The Sigstore Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package signer

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"encoding/pem"
	"os"
	"path/filepath"
	"testing"

	"go.step.sm/crypto/pemutil"
)

func TestNewFileSigner(t *testing.T) {
	td := t.TempDir()

	password := "password1!"

	_, ed25519Key, _ := ed25519.GenerateKey(rand.Reader)
	pemED25519, _ := pemutil.Serialize(ed25519Key, pemutil.WithPassword([]byte(password)))
	ed25519KeyFile := filepath.Join(td, "ed25519-key.pem")
	if err := os.WriteFile(ed25519KeyFile, pem.EncodeToMemory(pemED25519), 0644); err != nil {
		t.Fatal(err)
	}

	ecdsaKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	pemECDSA, _ := pemutil.Serialize(ecdsaKey, pemutil.WithPassword([]byte(password)))
	ecdsaKeyFile := filepath.Join(td, "ecdsa-key.pem")
	if err := os.WriteFile(ecdsaKeyFile, pem.EncodeToMemory(pemECDSA), 0644); err != nil {
		t.Fatal(err)
	}

	rsaKey, _ := rsa.GenerateKey(rand.Reader, 4096)
	pemRSA, _ := pemutil.Serialize(rsaKey, pemutil.WithPassword([]byte(password)))
	rsaKeyFile := filepath.Join(td, "rsa-key.pem")
	if err := os.WriteFile(rsaKeyFile, pem.EncodeToMemory(pemRSA), 0644); err != nil {
		t.Fatal(err)
	}

	tests := []struct {
		name    string
		keyPath string
		keyPass string
		wantErr bool
	}{
		{
			name:    "valid ECDSA",
			keyPath: ecdsaKeyFile,
			keyPass: password,
			wantErr: false,
		},
		{
			name:    "valid RSA",
			keyPath: rsaKeyFile,
			keyPass: password,
			wantErr: false,
		},
		{
			name:    "valid ed25519",
			keyPath: ed25519KeyFile,
			keyPass: password,
			wantErr: false,
		},
		{
			name:    "invalid password",
			keyPath: ecdsaKeyFile,
			keyPass: "123",
			wantErr: true,
		},
	}
	for _, tc := range tests {
		t.Run(tc.name, func(t *testing.T) {
			tc := tc
			_, err := NewFileSigner(tc.keyPath, tc.keyPass, crypto.SHA256)
			if tc.wantErr != (err != nil) {
				t.Errorf("NewFileSigner() expected %t, got err %s", tc.wantErr, err)
			}
		})
	}
}