1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
|
package types
import (
"bytes"
"strings"
"testing"
"crypto/ed25519"
)
// TestNamespaceString checks that the String() function prints the right
// format, and that the body is printed without a nil-pointer panic.
func TestNamespaceString(t *testing.T) {
wantPrefix := map[NamespaceFormat]string{
NamespaceFormatReserved: "Format(reserved)",
NamespaceFormatEd25519V1: "Format(ed25519_v1): &{Namespace",
NamespaceFormat(1<<16 - 1): "unknown Namespace: unknown NamespaceFormat: 65535",
}
tests := append(test_cases_namespace(t), testCaseSerialize{
description: "valid: unknown Namespace",
item: Namespace{
Format: NamespaceFormat(1<<16 - 1),
},
})
for _, table := range tests {
namespace, ok := table.item.(Namespace)
if !ok {
t.Fatalf("must cast to Namespace in test %q", table.description)
}
prefix, ok := wantPrefix[namespace.Format]
if !ok {
t.Fatalf("must have prefix for StFormat %v in test %q", namespace.Format, table.description)
}
if got, want := namespace.String(), prefix; !strings.HasPrefix(got, want) {
t.Errorf("got %q but wanted prefix %q in test %q", got, want, table.description)
}
}
}
func TestFingerprint(t *testing.T) {
for _, table := range []struct {
description string
namespace *Namespace
wantErr bool
wantFpr [NamespaceFingerprintSize]byte
}{
{
description: "invalid: no fingerprint for type",
namespace: &Namespace{
Format: NamespaceFormatReserved,
},
wantErr: true,
},
{
description: "valid: ed25519_v1",
namespace: mustInitNamespaceEd25519V1(t, 0xaf),
wantFpr: func() (ret [NamespaceFingerprintSize]byte) {
for i, _ := range ret {
ret[i] = 0xaf
}
return
}(),
},
} {
fpr, err := table.namespace.Fingerprint()
if got, want := err != nil, table.wantErr; got != want {
t.Errorf("got error %v but wanted %v in test %q: %v", got, want, table.description, err)
}
if err != nil {
continue
}
if got, want := *fpr, table.wantFpr; !bytes.Equal(got[:], want[:]) {
t.Errorf("got fpr %v but wanted %v in test %q", got, want, table.description)
}
}
}
func TestVerify(t *testing.T) {
var tests []testCaseNamespace
tests = append(tests, test_cases_verify(t)...)
tests = append(tests, test_cases_verify_ed25519v1(t)...)
for _, table := range tests {
err := table.namespace.Verify(table.msg, table.sig)
if got, want := err != nil, table.wantErr; got != want {
t.Errorf("got error=%v but wanted %v in test %q: %v", got, want, table.description, err)
}
}
}
func TestNewNamespaceEd25519V1(t *testing.T) {
size := 32 // verification key size
for _, table := range []struct {
description string
vk []byte
wantErr bool
}{
{
description: "invalid",
vk: make([]byte, size+1),
wantErr: true,
},
{
description: "valid",
vk: make([]byte, size),
},
} {
n, err := NewNamespaceEd25519V1(table.vk)
if got, want := err != nil, table.wantErr; got != want {
t.Errorf("got error %v but wanted %v in test %q: %v", got, want, table.description, err)
}
if err != nil {
continue
}
if got, want := n.Format, NamespaceFormatEd25519V1; got != want {
t.Errorf("got namespace format %v but wanted %v in test %q", got, want, table.description)
continue
}
if got, want := n.Ed25519V1.Namespace[:], table.vk; !bytes.Equal(got, want) {
t.Errorf("got namespace %X but wanted %X in test %q", got, want, table.description)
}
}
}
// testCaseNamespace is a common test case used for Namespace.Verify() tests
type testCaseNamespace struct {
description string
namespace *Namespace
msg, sig []byte
wantErr bool
}
// test_cases_verify returns basic namespace.Verify() tests
func test_cases_verify(t *testing.T) []testCaseNamespace {
return []testCaseNamespace{
{
description: "test_cases_verify: invalid: unsupported namespace",
namespace: &Namespace{Format: NamespaceFormatReserved},
msg: []byte("msg"),
sig: []byte("sig"),
wantErr: true,
},
}
}
// test_cases_verify_ed25519v1 returns ed25519_v1 Namespace.Verify() tests
func test_cases_verify_ed25519v1(t *testing.T) []testCaseNamespace {
testEd25519Sk := [64]byte{230, 122, 195, 152, 194, 195, 147, 153, 80, 120, 153, 79, 102, 27, 52, 187, 136, 218, 150, 234, 107, 9, 167, 4, 92, 21, 11, 113, 42, 29, 129, 69, 75, 60, 249, 150, 229, 93, 75, 32, 103, 126, 244, 37, 53, 182, 68, 82, 249, 109, 49, 94, 10, 19, 146, 244, 58, 191, 169, 107, 78, 37, 45, 210}
testEd25519Vk := [32]byte{75, 60, 249, 150, 229, 93, 75, 32, 103, 126, 244, 37, 53, 182, 68, 82, 249, 109, 49, 94, 10, 19, 146, 244, 58, 191, 169, 107, 78, 37, 45, 210}
return []testCaseNamespace{
{
description: "test_cases_verify_ed25519v1: invalid: sk signed message, but vk is not for sk",
namespace: &Namespace{
Format: NamespaceFormatEd25519V1,
Ed25519V1: &Ed25519V1{
Namespace: [32]byte{},
},
},
msg: []byte("message"),
sig: ed25519.Sign(ed25519.PrivateKey(testEd25519Sk[:]), []byte("message")),
wantErr: true,
},
{
description: "test_cases_verify_ed25519v1: invalid: vk is for sk, but sk did not sign message",
namespace: &Namespace{
Format: NamespaceFormatEd25519V1,
Ed25519V1: &Ed25519V1{
Namespace: testEd25519Vk,
},
},
msg: []byte("some message"),
sig: ed25519.Sign(ed25519.PrivateKey(testEd25519Sk[:]), []byte("another message")),
wantErr: true,
},
{
description: "test_cases_verify_ed25519v1: valid",
namespace: &Namespace{
Format: NamespaceFormatEd25519V1,
Ed25519V1: &Ed25519V1{
Namespace: testEd25519Vk,
},
},
msg: []byte("message"),
sig: ed25519.Sign(ed25519.PrivateKey(testEd25519Sk[:]), []byte("message")),
},
}
}
func mustInitNamespaceEd25519V1(t *testing.T, initByte byte) *Namespace {
t.Helper()
buf := make([]byte, 32)
for i := 0; i < len(buf); i++ {
buf[i] = initByte
}
ns, err := NewNamespaceEd25519V1(buf)
if err != nil {
t.Fatalf("must make Ed25519v1 namespace: %v", err)
}
return ns
}
|