63 lines
2.1 KiB
Go
63 lines
2.1 KiB
Go
package privatekey
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"testing"
|
|
|
|
"github.com/letsencrypt/boulder/test"
|
|
)
|
|
|
|
func TestVerifyRSAKeyPair(t *testing.T) {
|
|
privKey1, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
test.AssertNotError(t, err, "Failed while generating test key 1")
|
|
|
|
_, _, err = verify(privKey1)
|
|
test.AssertNotError(t, err, "Failed to verify valid key")
|
|
|
|
privKey2, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
test.AssertNotError(t, err, "Failed while generating test key 2")
|
|
|
|
verifyHash, err := makeVerifyHash()
|
|
test.AssertNotError(t, err, "Failed to make verify hash: %s")
|
|
|
|
_, _, err = verifyRSA(privKey1, &privKey2.PublicKey, verifyHash)
|
|
test.AssertError(t, err, "Failed to detect invalid key pair")
|
|
}
|
|
|
|
func TestVerifyECDSAKeyPair(t *testing.T) {
|
|
privKey1, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
test.AssertNotError(t, err, "Failed while generating test key 1")
|
|
|
|
_, _, err = verify(privKey1)
|
|
test.AssertNotError(t, err, "Failed to verify valid key")
|
|
|
|
privKey2, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
test.AssertNotError(t, err, "Failed while generating test key 2")
|
|
|
|
verifyHash, err := makeVerifyHash()
|
|
test.AssertNotError(t, err, "Failed to make verify hash: %s")
|
|
|
|
_, _, err = verifyECDSA(privKey1, &privKey2.PublicKey, verifyHash)
|
|
test.AssertError(t, err, "Failed to detect invalid key pair")
|
|
}
|
|
|
|
func TestLoad(t *testing.T) {
|
|
signer, public, err := Load("../test/hierarchy/ee-e1.key.pem")
|
|
test.AssertNotError(t, err, "Failed to load a valid ECDSA key file")
|
|
test.AssertNotNil(t, signer, "Signer should not be Nil")
|
|
test.AssertNotNil(t, public, "Public should not be Nil")
|
|
|
|
signer, public, err = Load("../test/hierarchy/ee-r3.key.pem")
|
|
test.AssertNotError(t, err, "Failed to load a valid RSA key file")
|
|
test.AssertNotNil(t, signer, "Signer should not be Nil")
|
|
test.AssertNotNil(t, public, "Public should not be Nil")
|
|
|
|
signer, public, err = Load("../test/hierarchy/ee-e1.cert.pem")
|
|
test.AssertError(t, err, "Should have failed, file is a certificate")
|
|
test.AssertNil(t, signer, "Signer should be nil")
|
|
test.AssertNil(t, public, "Public should be nil")
|
|
}
|