-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkey_test.go
134 lines (114 loc) · 2.87 KB
/
key_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
package pcert
import (
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/rsa"
"crypto/x509"
"strings"
"testing"
)
func TestGenerateKey_default(t *testing.T) {
priv, pub, err := GenerateKey(KeyOptions{})
if err != nil {
t.Fatal("failed to create key", err)
}
_, ok := priv.(*ecdsa.PrivateKey)
if !ok {
t.Error("private key is not of type ecdsa.PrivateKey")
}
ecdsaPub, ok := pub.(*ecdsa.PublicKey)
if !ok {
t.Error("public key is not of type ecdsa.PublicKey")
}
want := elliptic.P256().Params().Name
got := ecdsaPub.Params().Name
if got != want {
t.Errorf("curve not set to default curve: got=%s want=%s", got, want)
}
}
func TestGenerateKey_ecdsaInvalid(t *testing.T) {
_, _, err := GenerateKey(KeyOptions{x509.ECDSA, 123})
if err == nil {
t.Fatal("generate key did not fail with invalid key size")
}
if !strings.Contains(err.Error(), "invalid size") {
t.Fatalf("error string does not contain invalid size: '%s'", err.Error())
}
}
func TestGenerateKey_ecdsa(t *testing.T) {
tests := []struct {
size int
expectedName string
}{
{0, elliptic.P256().Params().Name},
{224, elliptic.P224().Params().Name},
{256, elliptic.P256().Params().Name},
{384, elliptic.P384().Params().Name},
{521, elliptic.P521().Params().Name},
}
for _, test := range tests {
priv, pub, err := GenerateKey(KeyOptions{x509.ECDSA, test.size})
if err != nil {
t.Error("failed to create key", err)
continue
}
_, ok := priv.(*ecdsa.PrivateKey)
if !ok {
t.Error("private key is not of type ecdsa.PrivateKey")
}
ecdsaPub, ok := pub.(*ecdsa.PublicKey)
if !ok {
t.Error("public key is not of type ecdsa.PublicKey")
}
want := test.expectedName
got := ecdsaPub.Params().Name
if got != want {
t.Errorf("curve not set to default curve: got=%s want=%s", got, want)
}
}
}
func TestGenerateKey_rsa(t *testing.T) {
tests := []struct {
inputSize int
expectedKeySize int
}{
{0, defaultRSAKeySize},
{1024, 1024},
{4096, 4096},
}
for _, test := range tests {
priv, pub, err := GenerateKey(KeyOptions{x509.RSA, test.inputSize})
if err != nil {
t.Error("failed to create key", err)
continue
}
rsaPriv, ok := priv.(*rsa.PrivateKey)
if !ok {
t.Error("private key is not of type rsa.PrivateKey")
}
_, ok = pub.(*rsa.PublicKey)
if !ok {
t.Error("public key is not of type rsa.PublicKey")
}
got := rsaPriv.N.BitLen()
want := test.expectedKeySize
if got != want {
t.Errorf("wrong key size: got=%d want=%d", got, want)
}
}
}
func TestGenerateKey_ed25519(t *testing.T) {
priv, pub, err := GenerateKey(KeyOptions{x509.Ed25519, 0})
if err != nil {
t.Fatal("failed to create key", err)
}
_, ok := priv.(ed25519.PrivateKey)
if !ok {
t.Error("private key is not of type ed25519.PrivateKey")
}
_, ok = pub.(ed25519.PublicKey)
if !ok {
t.Error("public key is not of type ed25519.PublicKey")
}
}