From 42ded6231cadf565f76fa353182acecbe82792ef Mon Sep 17 00:00:00 2001 From: Diogo Monica Date: Mon, 20 Jul 2015 13:29:26 -0700 Subject: [PATCH] Converted tests to testify and EC generation Signed-off-by: Diogo Monica --- client/client_root_validation_test.go | 5 +- trustmanager/keyfilestore_test.go | 214 +++++++------------------- 2 files changed, 63 insertions(+), 156 deletions(-) diff --git a/client/client_root_validation_test.go b/client/client_root_validation_test.go index 68612fb863..8aa3511d4c 100644 --- a/client/client_root_validation_test.go +++ b/client/client_root_validation_test.go @@ -36,7 +36,10 @@ const signedRSARootTemplate = `{"signed":{"_type":"Root","consistent_snapshot":f // We test this with both an RSA and ECDSA root key func TestValidateRoot(t *testing.T) { logrus.SetLevel(logrus.DebugLevel) - validateRootSuccessfully(t, data.RSAKey) + validateRootSuccessfully(t, data.ECDSAKey) + if !testing.Short() { + validateRootSuccessfully(t, data.RSAKey) + } } func validateRootSuccessfully(t *testing.T, rootType data.KeyAlgorithm) { diff --git a/trustmanager/keyfilestore_test.go b/trustmanager/keyfilestore_test.go index 9eae4e96ca..4312edc285 100644 --- a/trustmanager/keyfilestore_test.go +++ b/trustmanager/keyfilestore_test.go @@ -1,15 +1,14 @@ package trustmanager import ( - "bytes" "crypto/rand" "errors" - "github.com/docker/notary/Godeps/_workspace/src/github.com/stretchr/testify/assert" "io/ioutil" "os" "path/filepath" - "strings" "testing" + + "github.com/docker/notary/Godeps/_workspace/src/github.com/stretchr/testify/assert" ) var passphraseRetriever = func(keyID string, alias string, createNew bool, numAttempts int) (string, bool, error) { 
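Review bot: With the `if !testing.Short()` guard in TestValidateRoot, RSA root validation is skipped on every run that passes `-short`, so a regression in the RSA path of root-of-trust checking would only surface in a full run. The reason for the guard is not stated; presumably RSA key generation is slow. I would record that above the guard, for example `// RSA key generation is slow; the RSA root is only validated in full (non -short) runs`, and make sure at least one CI job runs the suite without `-short`.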
@@ -27,9 +26,7 @@ func TestAddKey(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Since we're generating this manually we need to add the extension '.' @@ -37,30 +34,19 @@ func TestAddKey(t *testing.T) { // Create our store store, err := NewKeyFileStore(tempBaseDir, passphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddKey function err = store.AddKey(testName, "root", privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") // Check to see if file exists b, err := ioutil.ReadFile(expectedFilePath) - if err != nil { - t.Fatalf("expected file not found: %v", err) - } - - if !strings.Contains(string(b), "-----BEGIN RSA PRIVATE KEY-----") { - t.Fatalf("expected private key content in the file: %s", expectedFilePath) - } + assert.NoError(t, err, "expected file not found") + assert.Contains(t, string(b), "-----BEGIN EC PRIVATE KEY-----") } func TestGet(t *testing.T) { 
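Review bot: `assert.NoError` records the failure and lets the test keep running, whereas the `t.Fatalf` it replaces in TestAddKey stopped the test at once. If `ioutil.TempDir` or `NewKeyFileStore` fails here, the following lines go on to use an empty directory name or a store that may be nil, so the real cause ends up buried under a nil dereference or follow-on failures. For the setup steps I would keep the halting behaviour, either with `if !assert.NoError(t, err, "failed to create new key filestore") { return }` or with testify's `require.NoError` if the `require` package is vendored under Godeps (not visible in this patch). The same applies to the converted setup checks in the later hunks of keyfilestore_test.go (TestGet, TestAddGetKeyMemStore, TestGetDecryptedWithTamperedCipherText, both invalid-passphrase tests and their helper, TestRemoveKey, TestKeysAreCached). TestAddKey starts before this hunk and continues after it.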
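Review bot: The new `assert.Contains(t, string(b), "-----BEGIN EC PRIVATE KEY-----")` passes whether or not the key was encrypted before it was written, because a passphrase-protected PEM block in the traditional format carries the same BEGIN line. If `passphraseRetriever` returns a non-empty passphrase for the `root` alias (its body is outside this hunk) and the store uses that traditional encrypted-PEM format, the test could also pin that the key is protected at rest, e.g. `assert.Contains(t, string(b), "Proc-Type: 4,ENCRYPTED")`. An `os.Stat` assertion that the key file's mode grants nothing to group or others would be a reasonable companion check.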
@@ -101,39 +87,27 @@ EMl3eFOJXjIch/wIesRSN+2dGOsl7neercjMh1i9RvpCwHDx/E0= // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Since we're generating this manually we need to add the extension '.' filePath := filepath.Join(tempBaseDir, testName+"_"+testAlias+"."+testExt) os.MkdirAll(filepath.Dir(filePath), perms) - if err = ioutil.WriteFile(filePath, testData, perms); err != nil { - t.Fatalf("Failed to write test file: %v", err) - } + err = ioutil.WriteFile(filePath, testData, perms) + assert.NoError(t, err, "failed to write test file") // Create our store store, err := NewKeyFileStore(tempBaseDir, emptyPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") // Call the GetKey function privKey, _, err := store.GetKey(testName) - if err != nil { - t.Fatalf("failed to get file from store: %v", err) - } + assert.NoError(t, err, "failed to get key from store") pemPrivKey, err := KeyToPEM(privKey) - if err != nil { - t.Fatalf("failed to convert key to PEM: %v", err) - } - - if !bytes.Equal(testData, pemPrivKey) { - t.Fatalf("unexpected content in the file: %s", filePath) - } + assert.NoError(t, err, "failed to convert key to PEM") + assert.Equal(t, testData, pemPrivKey) } func TestAddGetKeyMemStore(t *testing.T) { 
@@ -143,31 +117,20 @@ func TestAddGetKeyMemStore(t *testing.T) { // Create our store store := NewKeyMemoryStore(passphraseRetriever) - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddKey function err = store.AddKey(testName, testAlias, privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") // Check to see if file exists retrievedKey, retrievedAlias, err := store.GetKey(testName) - if err != nil { - t.Fatalf("failed to get key from store: %v", err) - } + assert.NoError(t, err, "failed to get key from store") - if retrievedAlias != testAlias { - t.Fatalf("retrievedAlias differs getAlias") - } - - if !bytes.Equal(retrievedKey.Public(), privKey.Public()) || - !bytes.Equal(retrievedKey.Private(), privKey.Private()) { - t.Fatalf("key contents differs after add/get") - } + assert.Equal(t, retrievedAlias, testAlias) + assert.Equal(t, retrievedKey.Public(), privKey.Public()) + assert.Equal(t, retrievedKey.Private(), privKey.Private()) } func TestGetDecryptedWithTamperedCipherText(t *testing.T) { testExt := "key" 
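Review bot: `assert.Equal(t, retrievedAlias, testAlias)` and the two key comparisons below it pass the retrieved value first, but testify's signature is `assert.Equal(t, expected, actual)`, so a failure report would label the two values the wrong way round. I would write `assert.Equal(t, testAlias, retrievedAlias)`, and likewise `assert.Equal(t, privKey.Public(), retrievedKey.Public())` and `assert.Equal(t, privKey.Private(), retrievedKey.Private())`, which matches the order already used in TestKeysAreCached. The context comment `// Check to see if file exists` does not describe a memory store and could read `// Retrieve the key and compare it with the one added`.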
@@ -175,49 +138,38 @@ func TestGetDecryptedWithTamperedCipherText(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Create our FileStore store, err := NewKeyFileStore(tempBaseDir, passphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") // Generate a new Private Key - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddEncryptedKey function err = store.AddKey(privKey.ID(), testAlias, privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") // Since we're generating this manually we need to add the extension '.' 
expectedFilePath := filepath.Join(tempBaseDir, privKey.ID()+"_"+testAlias+"."+testExt) // Get file description, open file fp, err := os.OpenFile(expectedFilePath, os.O_WRONLY, 0600) - if err != nil { - t.Fatalf("expected file not found: %v", err) - } + assert.NoError(t, err, "expected file not found") // Tamper the file fp.WriteAt([]byte("a"), int64(1)) // Recreate the KeyFileStore to avoid caching store, err = NewKeyFileStore(tempBaseDir, passphraseRetriever) + assert.NoError(t, err, "failed to create new key filestore") // Try to decrypt the file _, _, err = store.GetKey(privKey.ID()) - if err == nil { - t.Fatalf("expected error while decrypting the content due to invalid cipher text") - } + assert.Error(t, err, "expected error while decrypting the content due to invalid cipher text") } func TestGetDecryptedWithInvalidPassphrase(t *testing.T) { @@ -236,21 +188,15 @@ func TestGetDecryptedWithInvalidPassphrase(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Test with KeyFileStore fileStore, err := NewKeyFileStore(tempBaseDir, invalidPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") newFileStore, err := NewKeyFileStore(tempBaseDir, invalidPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") testGetDecryptedWithInvalidPassphrase(t, fileStore, newFileStore) 
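Review bot: In TestGetDecryptedWithTamperedCipherText the result of `fp.WriteAt([]byte("a"), int64(1))` is discarded and `fp` is never closed, so with the non-halting `assert.NoError` above it a failed open or write is only noticed indirectly. Offset 1 also appears to fall inside the PEM armor line rather than the encoded key body (TestAddKey shows the stored file carries a `-----BEGIN EC PRIVATE KEY-----` line), so the closing `assert.Error` may be satisfied by a PEM parse failure and not by the decryption check the test name promises. I would check the write with `_, err = fp.WriteAt([]byte("a"), int64(1))` followed by `assert.NoError(t, err, "failed to tamper key file")` and `fp.Close()`, and move the offset into the encoded body so that the modified bytes are actually ciphertext.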
@@ -269,21 +215,15 @@ func TestGetDecryptedWithConsistentlyInvalidPassphrase(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Test with KeyFileStore fileStore, err := NewKeyFileStore(tempBaseDir, consistentlyInvalidPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") newFileStore, err := NewKeyFileStore(tempBaseDir, consistentlyInvalidPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") testGetDecryptedWithInvalidPassphrase(t, fileStore, newFileStore) @@ -297,22 +237,16 @@ func testGetDecryptedWithInvalidPassphrase(t *testing.T, store KeyStore, newStor testAlias := "root" // Generate a new random RSA Key - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddKey function err = store.AddKey(privKey.ID(), testAlias, privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") // Try to decrypt the file with an invalid passphrase _, _, err = newStore.GetKey(privKey.ID()) - if err == nil { - t.Fatalf("expected error while decrypting the content due to invalid passphrase") - } + assert.Error(t, err, "expected error while decrypting the content due to invalid passphrase") } func TestRemoveKey(t *testing.T) { 
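Review bot: `assert.Error(t, err, "expected error while decrypting the content due to invalid passphrase")` in testGetDecryptedWithInvalidPassphrase accepts any error from `newStore.GetKey`, so the test would still pass if the key were simply not found and the passphrase were never evaluated. If the key store exposes a distinct error for a rejected passphrase (not visible in this patch), comparing against it would pin the behaviour the test name describes. The context comment `// Generate a new random RSA Key` is now stale and should read `// Generate a new random ECDSA key`.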
@@ -322,9 +256,7 @@ func TestRemoveKey(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) // Since we're generating this manually we need to add the extension '.' @@ -332,38 +264,26 @@ func TestRemoveKey(t *testing.T) { // Create our store store, err := NewKeyFileStore(tempBaseDir, passphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddKey function err = store.AddKey(testName, testAlias, privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") // Check to see if file exists _, err = ioutil.ReadFile(expectedFilePath) - if err != nil { - t.Fatalf("expected file not found: %v", err) - } + assert.NoError(t, err, "expected file not found") // Call remove key err = store.RemoveKey(testName) - if err != nil { - t.Fatalf("unable to remove key: %v", err) - } + assert.NoError(t, err, "unable to remove key") // Check to see if file still exists _, err = ioutil.ReadFile(expectedFilePath) - if err == nil { - t.Fatalf("file should not exist %s", expectedFilePath) - } + assert.Error(t, err, "file should not exist") } func TestKeysAreCached(t *testing.T) { 
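Review bot: The final `assert.Error(t, err, "file should not exist")` in TestRemoveKey is satisfied by any read failure, including a permission error, and the message no longer names the path as the old `t.Fatalf` did. The purpose of the check is to prove that RemoveKey left no private key file behind, so I would assert that directly: `assert.True(t, os.IsNotExist(err), "file should not exist: "+expectedFilePath)`. `os` is already imported by this file.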
@@ -372,9 +292,7 @@ func TestKeysAreCached(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("", "notary-test-") - if err != nil { - t.Fatalf("failed to create a temporary directory: %v", err) - } + assert.NoError(t, err, "failed to create a temporary directory") defer os.RemoveAll(tempBaseDir) var countingPassphraseRetriever PassphraseRetriever @@ -387,28 +305,20 @@ func TestKeysAreCached(t *testing.T) { // Create our store store, err := NewKeyFileStore(tempBaseDir, countingPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") - privKey, err := GenerateRSAKey(rand.Reader, 512) - if err != nil { - t.Fatalf("could not generate private key: %v", err) - } + privKey, err := GenerateECDSAKey(rand.Reader) + assert.NoError(t, err, "could not generate private key") // Call the AddKey function err = store.AddKey(testName, testAlias, privKey) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") assert.Equal(t, 1, numTimesCalled, "numTimesCalled should have been 1") // Call the AddKey function privKey2, _, err := store.GetKey(testName) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to add key to store") assert.Equal(t, privKey.Public(), privKey2.Public(), "cachedPrivKey should be the same as the added privKey") assert.Equal(t, privKey.Private(), privKey2.Private(), "cachedPrivKey should be the same as the added privKey") 
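Review bot: The first `store.GetKey(testName)` call in TestKeysAreCached is still introduced by the comment `// Call the AddKey function` and now fails with `"failed to add key to store"`, which would point whoever reads a failure at the wrong operation. The later hunk of this patch already corrects the same mismatch for `store2`, and this call should match it: `// Call the GetKey function` and `assert.NoError(t, err, "failed to get key from store")`.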
@@ -416,15 +326,11 @@ func TestKeysAreCached(t *testing.T) { // Create a new store store2, err := NewKeyFileStore(tempBaseDir, countingPassphraseRetriever) - if err != nil { - t.Fatalf("failed to create new key filestore: %v", err) - } + assert.NoError(t, err, "failed to create new key filestore") - // Call the AddKey function + // Call the GetKey function privKey3, _, err := store2.GetKey(testName) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to get key from store") assert.Equal(t, privKey2.Private(), privKey3.Private(), "privkey from store1 should be the same as privkey from store2") assert.Equal(t, privKey2.Public(), privKey3.Public(), "privkey from store1 should be the same as privkey from store2") @@ -433,9 +339,7 @@ func TestKeysAreCached(t *testing.T) { // Call the GetKey function a bunch of times for i := 0; i < 10; i++ { _, _, err := store2.GetKey(testName) - if err != nil { - t.Fatalf("failed to add file to store: %v", err) - } + assert.NoError(t, err, "failed to get key from store") } assert.Equal(t, 2, numTimesCalled, "numTimesCalled should be 2 -- no additional call to passphraseRetriever") }