189 lines
4.8 KiB
Go
189 lines
4.8 KiB
Go
package varsig_test
|
|
|
|
import (
|
|
"encoding/hex"
|
|
"errors"
|
|
"io"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/ucan-wg/go-varsig"
|
|
)
|
|
|
|
func TestDecode(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
t.Run("passes - section 3 example", func(t *testing.T) {
|
|
t.Skip()
|
|
t.Parallel()
|
|
data, err := hex.DecodeString("34ed01ae3784f03f9ee1163382fa6efa73b0c31ecf58c899c836709303ba4621d1e6df20e09aaa568914290b7ea124f5b38e70b9b69c7de0d216880eac885edd41c302")
|
|
require.NoError(t, err)
|
|
|
|
// TODO
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrNotYetImplemented)
|
|
assert.Equal(t, nil, vs)
|
|
})
|
|
|
|
t.Run("fails - no data (empty prefix)", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
vs, err := varsig.Decode([]byte{})
|
|
require.ErrorIs(t, err, io.EOF)
|
|
require.ErrorIs(t, err, varsig.ErrBadPrefix)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - wrong prefix", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString("42")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrBadPrefix)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unsupported version", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString("3402")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnsupportedVersion)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unknown signature algorithm - v0", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString("3464")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unknown signature algorithm - v1", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString("340164")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnknownDiscriminator)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
// The tests below this point require the RSAVarsig implementation
|
|
// in order to test the private varsig.decodePayEncAndSig method.
|
|
|
|
const (
|
|
rsaHex = "8524"
|
|
sha256Hex = "12"
|
|
keyLen = "8002"
|
|
rsaBaseV0 = "34" + rsaHex + sha256Hex + keyLen
|
|
rsaBaseV1 = "3401" + rsaHex + sha256Hex + keyLen
|
|
)
|
|
|
|
t.Run("passes - v1", func(t *testing.T) {
|
|
t.Parallel()
|
|
data, err := hex.DecodeString(rsaBaseV1 + "5f")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.NoError(t, err)
|
|
assert.NotNil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - truncated varsig (no payload encoding)", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString(rsaBaseV1)
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnsupportedPayloadEncoding)
|
|
require.ErrorIs(t, err, io.EOF)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unsupported payload encoding", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString(rsaBaseV1 + "42") // 0x42 is not a valid payload encoding
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnsupportedPayloadEncoding)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unexpected signature length - v0", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString(rsaBaseV0 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnexpectedSignatureSize)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("fails - unexpected signature present - v1", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
data, err := hex.DecodeString(rsaBaseV1 + "5f" + "42") // 0x42 is only a single byte - 256 bytes are expected
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrUnexpectedSignaturePresent)
|
|
assert.Nil(t, vs)
|
|
})
|
|
|
|
t.Run("passes with error - v0", func(t *testing.T) {
|
|
t.Parallel()
|
|
data, err := hex.DecodeString(rsaBaseV0 + "5f")
|
|
require.NoError(t, err)
|
|
|
|
vs, err := varsig.Decode(data)
|
|
require.ErrorIs(t, err, varsig.ErrMissingSignature)
|
|
assert.NotNil(t, vs) // varsig is still returned with just "header"
|
|
})
|
|
}
|
|
|
|
func mustVarsig[T varsig.Varsig](t *testing.T) func(*T, error) *T {
|
|
t.Helper()
|
|
|
|
return func(v *T, err error) *T {
|
|
if err != nil && ((*v).Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
|
|
t.Error(err)
|
|
}
|
|
|
|
return v
|
|
}
|
|
}
|
|
|
|
func roundTrip[T varsig.Varsig](t *testing.T, in T, expEncHex string) T {
|
|
data := in.Encode()
|
|
assert.Equal(t, expEncHex, hex.EncodeToString(data))
|
|
|
|
out, err := varsig.Decode(in.Encode())
|
|
if err != nil && (out.Version() != varsig.Version0 || !errors.Is(err, varsig.ErrMissingSignature)) {
|
|
t.Fail()
|
|
}
|
|
|
|
assert.Equal(t, in.Version(), out.Version())
|
|
assert.Equal(t, in.Discriminator(), out.Discriminator())
|
|
assert.Equal(t, in.PayloadEncoding(), out.PayloadEncoding())
|
|
assert.Equal(t, in.Signature(), out.Signature())
|
|
|
|
return out.(T)
|
|
}
|