File: key_test.go

package info (click to toggle)
singularity-container 4.0.3%2Bds1-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 21,672 kB
  • sloc: asm: 3,857; sh: 2,125; ansic: 1,677; awk: 414; makefile: 110; python: 99
file content (146 lines) | stat: -rw-r--r-- 4,217 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
 
// Copyright (c) 2019, Sylabs Inc. All rights reserved.
// This software is licensed under a 3-clause BSD license. Please consult the
// LICENSE.md file distributed with the sources of this project regarding your
// rights to use or distribute this software.

package cryptkey

import (
	"fmt"
	"testing"

	"github.com/pkg/errors"
	"github.com/sylabs/singularity/v4/internal/pkg/test"
)

const (
	invalidPemPath = "nothing"
	testPassphrase = "test"
)

func TestNewPlaintextKey(t *testing.T) {
	test.DropPrivilege(t)
	defer test.ResetPrivilege(t)

	tests := []struct {
		name          string
		keyInfo       KeyInfo
		expectedError error
	}{
		{
			name:          "unknown format",
			keyInfo:       KeyInfo{Format: Unknown},
			expectedError: ErrUnsupportedKeyURI,
		},
		{
			name:          "passphrase",
			keyInfo:       KeyInfo{Format: Passphrase, Material: testPassphrase},
			expectedError: nil,
		},
		{
			name:          "invalid pem",
			keyInfo:       KeyInfo{Format: PEM, Path: invalidPemPath},
			expectedError: nil,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			_, err := NewPlaintextKey(tt.keyInfo)
			// We do not always use predefined errors so when dealing with errors, we compare the text associated
			// to the error.
			if (err != nil && tt.expectedError != nil && err.Error() != tt.expectedError.Error()) ||
				((err == nil || tt.expectedError == nil) && err != tt.expectedError) {
				t.Fatalf("test %s returned an unexpected error: %s vs. %s", tt.name, err, tt.expectedError)
			}
		})
	}
}

func TestEncryptKey(t *testing.T) {
	test.DropPrivilege(t)
	defer test.ResetPrivilege(t)

	tests := []struct {
		name          string
		keyInfo       KeyInfo
		plaintext     []byte
		expectedError error
	}{
		{
			name:          "unknown format",
			keyInfo:       KeyInfo{Format: Unknown},
			plaintext:     []byte(""),
			expectedError: ErrUnsupportedKeyURI,
		},
		{
			name:          "passphrase",
			keyInfo:       KeyInfo{Format: Passphrase, Material: testPassphrase},
			plaintext:     []byte(""),
			expectedError: nil,
		},
		{
			name:          "invalid pem",
			keyInfo:       KeyInfo{Format: PEM, Path: invalidPemPath},
			plaintext:     []byte(""),
			expectedError: errors.Wrap(fmt.Errorf("open nothing: no such file or directory"), "loading public key for key encryption"),
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			_, err := EncryptKey(tt.keyInfo, tt.plaintext)
			// We do not always use predefined errors so when dealing with errors, we compare the text associated
			// to the error.
			if (err != nil && tt.expectedError != nil && err.Error() != tt.expectedError.Error()) ||
				((err == nil || tt.expectedError == nil) && err != tt.expectedError) {
				t.Fatalf("test %s returned an unexpected error: %s vs. %s", tt.name, err, tt.expectedError)
			}
		})
	}
}

func TestPlaintextKey(t *testing.T) {
	test.DropPrivilege(t)
	defer test.ResetPrivilege(t)

	// TestPlaintestKey reads a key from an image. Creating an image does not
	// fit with unit tests testing so we only test error cases here.
	const (
		noimage = ""
	)

	tests := []struct {
		name          string
		keyInfo       KeyInfo
		expectedError error
	}{
		{
			name:          "unknown format",
			keyInfo:       KeyInfo{Format: Unknown},
			expectedError: ErrUnsupportedKeyURI,
		},
		{
			name:          "passphrase",
			keyInfo:       KeyInfo{Format: Passphrase, Material: testPassphrase},
			expectedError: nil,
		},
		{
			name:          "invalid pem",
			keyInfo:       KeyInfo{Format: PEM, Path: invalidPemPath},
			expectedError: fmt.Errorf("could not load PEM private key: open nothing: no such file or directory"),
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			_, err := PlaintextKey(tt.keyInfo, noimage)
			// We do not always use predefined errors so when dealing with errors, we compare the text associated
			// to the error.
			if (err != nil && tt.expectedError != nil && err.Error() != tt.expectedError.Error()) ||
				((err == nil || tt.expectedError == nil) && err != tt.expectedError) {
				t.Fatalf("test %s returned an unexpected error: %s vs. %s", tt.name, err, tt.expectedError)
			}
		})
	}
}