go_study/fabric-main/bccsp/sw/keyimport_test.go

209 lines
6.8 KiB
Go

/*
Copyright IBM Corp. 2017 All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package sw
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"errors"
"reflect"
"testing"
mocks2 "github.com/hyperledger/fabric/bccsp/mocks"
"github.com/hyperledger/fabric/bccsp/sw/mocks"
"github.com/stretchr/testify/require"
)
func TestKeyImport(t *testing.T) {
t.Parallel()
expectedRaw := []byte{1, 2, 3}
expectedOpts := &mocks2.KeyDerivOpts{EphemeralValue: true}
expectetValue := &mocks2.MockKey{BytesValue: []byte{1, 2, 3, 4, 5}}
expectedErr := errors.New("Expected Error")
keyImporters := make(map[reflect.Type]KeyImporter)
keyImporters[reflect.TypeOf(&mocks2.KeyDerivOpts{})] = &mocks.KeyImporter{
RawArg: expectedRaw,
OptsArg: expectedOpts,
Value: expectetValue,
Err: expectedErr,
}
csp := CSP{KeyImporters: keyImporters}
value, err := csp.KeyImport(expectedRaw, expectedOpts)
require.Nil(t, value)
require.Contains(t, err.Error(), expectedErr.Error())
keyImporters = make(map[reflect.Type]KeyImporter)
keyImporters[reflect.TypeOf(&mocks2.KeyDerivOpts{})] = &mocks.KeyImporter{
RawArg: expectedRaw,
OptsArg: expectedOpts,
Value: expectetValue,
Err: nil,
}
csp = CSP{KeyImporters: keyImporters}
value, err = csp.KeyImport(expectedRaw, expectedOpts)
require.Equal(t, expectetValue, value)
require.Nil(t, err)
}
func TestAES256ImportKeyOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := aes256ImportKeyOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport([]byte(nil), &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. It must not be nil.")
_, err = ki.KeyImport([]byte{0}, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid Key Length [")
}
func TestHMACImportKeyOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := hmacImportKeyOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport([]byte(nil), &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. It must not be nil.")
}
func TestECDSAPKIXPublicKeyImportOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := ecdsaPKIXPublicKeyImportOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport([]byte(nil), &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw. It must not be nil.")
_, err = ki.KeyImport([]byte{0}, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Failed converting PKIX to ECDSA public key [")
k, err := rsa.GenerateKey(rand.Reader, 512)
require.NoError(t, err)
raw, err := x509.MarshalPKIXPublicKey(&k.PublicKey)
require.NoError(t, err)
_, err = ki.KeyImport(raw, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Failed casting to ECDSA public key. Invalid raw material.")
}
func TestECDSAPrivateKeyImportOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := ecdsaPrivateKeyImportOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected byte array.")
_, err = ki.KeyImport([]byte(nil), &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw. It must not be nil.")
_, err = ki.KeyImport([]byte{0}, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Failed converting PKIX to ECDSA public key")
k, err := rsa.GenerateKey(rand.Reader, 512)
require.NoError(t, err)
raw := x509.MarshalPKCS1PrivateKey(k)
_, err = ki.KeyImport(raw, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Failed casting to ECDSA private key. Invalid raw material.")
}
func TestECDSAGoPublicKeyImportOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := ecdsaGoPublicKeyImportOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected *ecdsa.PublicKey.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected *ecdsa.PublicKey.")
}
func TestX509PublicKeyImportOptsKeyImporter(t *testing.T) {
t.Parallel()
ki := x509PublicKeyImportOptsKeyImporter{}
_, err := ki.KeyImport("Hello World", &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected *x509.Certificate.")
_, err = ki.KeyImport(nil, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Invalid raw material. Expected *x509.Certificate.")
cert := &x509.Certificate{}
cert.PublicKey = "Hello world"
_, err = ki.KeyImport(cert, &mocks2.KeyImportOpts{})
require.Error(t, err)
require.Contains(t, err.Error(), "Certificate's public key type not recognized. Supported keys: [ECDSA, RSA]")
}
func TestX509RSAKeyImport(t *testing.T) {
pk, err := rsa.GenerateKey(rand.Reader, 2048)
require.NoError(t, err, "key generation failed")
cert := &x509.Certificate{PublicKey: pk.Public()}
ki := x509PublicKeyImportOptsKeyImporter{}
key, err := ki.KeyImport(cert, nil)
require.NoError(t, err, "key import failed")
require.NotNil(t, key, "key must not be nil")
require.Equal(t, &rsaPublicKey{pubKey: &pk.PublicKey}, key)
}