setter/getter interfaces for key attestation (#33)
* setter/getter interfaces for key attestation Fix #30 Signed-off-by: Thomas Fossati <[email protected]> * better document the types returned by GetKeyAttestation Signed-off-by: Thomas Fossati <[email protected]> --------- Signed-off-by: Thomas Fossati <[email protected]>
1 parent
263a891
commit e82a194
Showing
3 changed files
with
172 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
// Copyright 2023 Contributors to the Veraison project. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package ear | ||
|
||
import ( | ||
"crypto/ecdsa" | ||
"crypto/elliptic" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
func TestAppraisalExtensions_SetGetKeyAttestation_ok(t *testing.T) { | ||
expected := AppraisalExtensions{ | ||
VeraisonKeyAttestation: &map[string]interface{}{ | ||
"akpub": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li_hp_m47n60p8D54WK84zV2sxXs7LtkBoN79R9Q", | ||
}, | ||
} | ||
|
||
kp, err := ecdsa.GenerateKey(elliptic.P256(), new(zeroSource)) | ||
require.NoError(t, err) | ||
tv := kp.Public() | ||
|
||
actual := AppraisalExtensions{} | ||
|
||
err = actual.SetKeyAttestation(tv) | ||
assert.NoError(t, err) | ||
assert.Equal(t, expected, actual) | ||
|
||
pub, err := actual.GetKeyAttestation() | ||
assert.NoError(t, err) | ||
assert.Equal(t, tv, pub) | ||
} | ||
|
||
func TestAppraisalExtensions_SetKeyAttestation_fail_unsupported_key_type(t *testing.T) { | ||
tv := "MFkwWwYHKo" | ||
|
||
actual := AppraisalExtensions{} | ||
err := actual.SetKeyAttestation(tv) | ||
assert.EqualError(t, err, "unsupported type for public key: string") | ||
} | ||
|
||
func TestAppraisalExtensions_GetKeyAttestation_fail_no_claim(t *testing.T) { | ||
tv := AppraisalExtensions{} | ||
|
||
_, err := tv.GetKeyAttestation() | ||
assert.EqualError(t, err, `"ear.veraison.key-attestation" claim not found`) | ||
} | ||
|
||
func TestAppraisalExtensions_GetKeyAttestation_fail_akpub_missing(t *testing.T) { | ||
tv := AppraisalExtensions{ | ||
VeraisonKeyAttestation: &map[string]interface{}{}, | ||
} | ||
|
||
_, err := tv.GetKeyAttestation() | ||
assert.EqualError(t, err, `"akpub" claim not found in "ear.veraison.key-attestation"`) | ||
} | ||
|
||
func TestAppraisalExtensions_GetKeyAttestation_fail_akpub_truncated(t *testing.T) { | ||
tv := AppraisalExtensions{ | ||
VeraisonKeyAttestation: &map[string]interface{}{ | ||
"akpub": "MFkwEwYHKo", | ||
}, | ||
} | ||
|
||
_, err := tv.GetKeyAttestation() | ||
assert.EqualError(t, err, `parsing "akpub" failed: asn1: syntax error: data truncated`) | ||
} | ||
|
||
func TestAppraisalExtensions_GetKeyAttestation_fail_akpub_not_a_string(t *testing.T) { | ||
tv := AppraisalExtensions{ | ||
VeraisonKeyAttestation: &map[string]interface{}{ | ||
"akpub": 141245, | ||
}, | ||
} | ||
|
||
_, err := tv.GetKeyAttestation() | ||
assert.EqualError(t, err, `"ear.veraison.key-attestation" malformed: "akpub" must be string`) | ||
} | ||
|
||
func TestAppraisalExtensions_GetKeyAttestation_fail_akpub_no_b64url(t *testing.T) { | ||
tv := AppraisalExtensions{ | ||
VeraisonKeyAttestation: &map[string]interface{}{ | ||
"akpub": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9Q==", | ||
}, | ||
} | ||
_, err := tv.GetKeyAttestation() | ||
assert.EqualError(t, err, `"ear.veraison.key-attestation" malformed: decoding "akpub": illegal base64 data at input byte 84`) | ||
} |
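Review bot: In TestAppraisalExtensions_SetGetKeyAttestation_ok the test key comes from `ecdsa.GenerateKey(elliptic.P256(), new(zeroSource))`, so the expected `akpub` depends on how the standard library maps reader bytes to a private scalar, which is not a documented contract. The expected value is the encoding of the P-256 base point (the X coordinate after the SPKI header starts 6B 17 D1), i.e. private scalar 1. A toolchain that samples scalars differently or rejects an all-zero draw would change or stall this test, so it is worth confirming against the Go versions the project supports. Deriving `tv` from the fixed vector removes that dependency; the sketch below assumes the claim is unpadded base64url over a PKIX SubjectPublicKeyInfo, which the fixtures suggest, but the implementation file is not shown here. Separately, the failure tests discard the returned key with `_`; asserting that it is nil would pin that a rejected claim never yields a usable key.

```go
// akpub: the fixture string from the expected literal, hoisted into a const
// … unchanged: expected AppraisalExtensions literal …
der, err := base64.RawURLEncoding.DecodeString(akpub)
require.NoError(t, err)
tv, err := x509.ParsePKIXPublicKey(der)
require.NoError(t, err)
// … unchanged: SetKeyAttestation / GetKeyAttestation assertions …
```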
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
// Copyright 2023 Contributors to the Veraison project. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package ear | ||
|
||
// zeroSource is an io.Reader that returns an unlimited number of zero bytes. | ||
type zeroSource struct{} | ||
|
||
func (zeroSource) Read(b []byte) (n int, err error) { | ||
for i := range b { | ||
b[i] = 0 | ||
} | ||
|
||
return len(b), nil | ||
} |
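Review bot: The doc comment on `zeroSource` does not say that the type is a test fixture, yet it is declared in package `ear` and satisfies io.Reader, so it can be passed anywhere a randomness source is expected. The file name is not visible on this page; if the file is not a `_test.go` file, the type is compiled into the library, so that is worth confirming. I would extend the comment to `// zeroSource is an io.Reader that returns an unlimited number of zero bytes. It exists only to make key generation in tests deterministic and must never be used as an entropy source.`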