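// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package signature_test

import (
	"fmt"
	"testing"

	"github.com/google/tink/go/keyset"
	"github.com/google/tink/go/signature"
	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
)

// TestKeyTemplates runs a sign/verify round trip for every signature key
// template listed below. Each template is a separate subtest, so a failure
// is reported under the template's name.
func TestKeyTemplates(t *testing.T) {
	var testCases = []struct {
		name     string
		template *tinkpb.KeyTemplate
	}{
		{name: "ECDSA_P256",
			template: signature.ECDSAP256KeyTemplate()},
		{name: "ECDSA_P384_SHA384",
			template: signature.ECDSAP384SHA384KeyTemplate()},
		{name: "ECDSA_P384_SHA512",
			template: signature.ECDSAP384SHA512KeyTemplate()},
		{name: "ECDSA_P521",
			template: signature.ECDSAP521KeyTemplate()},
		{name: "ECDSA_P256_RAW",
			template: signature.ECDSAP256RawKeyTemplate()},
		{name: "ECDSA_P256_NO_PREFIX",
			template: signature.ECDSAP256KeyWithoutPrefixTemplate()},
		{name: "ECDSA_P384_NO_PREFIX",
			template: signature.ECDSAP384KeyWithoutPrefixTemplate()},
		{name: "ECDSA_P384_SHA384_NO_PREFIX",
			template: signature.ECDSAP384SHA384KeyWithoutPrefixTemplate()},
		{name: "ECDSA_P521_NO_PREFIX",
			template: signature.ECDSAP521KeyWithoutPrefixTemplate()},
		{name: "RSA_SSA_PKCS1_3072_SHA256_F4",
			template: signature.RSA_SSA_PKCS1_3072_SHA256_F4_Key_Template()},
		{name: "RSA_SSA_PKCS1_3072_SHA256_F4_RAW",
			template: signature.RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template()},
		{name: "RSA_SSA_PKCS1_4096_SHA512_F4",
			template: signature.RSA_SSA_PKCS1_4096_SHA512_F4_Key_Template()},
		{name: "RSA_SSA_PKCS1_4096_SHA512_F4_RAW",
			template: signature.RSA_SSA_PKCS1_4096_SHA512_F4_RAW_Key_Template()},
		{name: "RSA_SSA_PSS_3072_SHA256_32_F4",
			template: signature.RSA_SSA_PSS_3072_SHA256_32_F4_Key_Template()},
		{name: "RSA_SSA_PSS_3072_SHA256_32_F4_RAW",
			template: signature.RSA_SSA_PSS_3072_SHA256_32_F4_Raw_Key_Template()},
		{name: "RSA_SSA_PSS_4096_SHA512_64_F4",
			template: signature.RSA_SSA_PSS_4096_SHA512_64_F4_Key_Template()},
		{name: "RSA_SSA_PSS_4096_SHA512_64_F4_RAW",
			template: signature.RSA_SSA_PSS_4096_SHA512_64_F4_Raw_Key_Template()},
	}
	for _, tc := range testCases {
		t.Run(tc.name, func(t *testing.T) {
			if err := testSignVerify(tc.template); err != nil {
				t.Error(err)
			}
		})
	}
}

// testSignVerify creates a fresh private keyset from template, derives the
// public keyset from it, and checks that signatures made with the private
// keyset are accepted by the public one.
//
// The input pairs also cover empty and nil messages in every combination:
// a signature over []byte("") must verify against nil and vice versa.
//
// For each pair the function additionally checks two rejections. A test that
// only exercises acceptance would still pass against a verifier that accepts
// everything, so the signature must not verify for a different message, and
// a signature with one bit changed must not verify for the original message.
//
// It returns the first failure as an error, or nil when every check passes.
func testSignVerify(template *tinkpb.KeyTemplate) error {
	privateHandle, err := keyset.NewHandle(template)
	if err != nil {
		return fmt.Errorf("keyset.NewHandle(tc.template) failed: %s", err)
	}
	signer, err := signature.NewSigner(privateHandle)
	if err != nil {
		return fmt.Errorf("signature.NewSigner(privateHandle) failed: %s", err)
	}
	publicHandle, err := privateHandle.Public()
	if err != nil {
		return fmt.Errorf("privateHandle.Public() failed: %s", err)
	}
	verifier, err := signature.NewVerifier(publicHandle)
	if err != nil {
		return fmt.Errorf("signature.NewVerifier(publicHandle) failed: %s", err)
	}

	var testInputs = []struct {
		message1 []byte
		message2 []byte
	}{
		{
			message1: []byte("this data needs to be signed"),
			message2: []byte("this data needs to be signed"),
		}, {
			message1: []byte(""),
			message2: []byte(""),
		}, {
			message1: []byte(""),
			message2: nil,
		}, {
			message1: nil,
			message2: []byte(""),
		}, {
			message1: nil,
			message2: nil,
		},
	}
	for _, ti := range testInputs {
		sig, err := signer.Sign(ti.message1)
		if err != nil {
			return fmt.Errorf("signer.Sign(ti.message1) failed: %s", err)
		}
		if err := verifier.Verify(sig, ti.message2); err != nil {
			return fmt.Errorf("verifier.Verify(sig, ti.message2) failed: %s", err)
		}

		// Negative check 1: the same signature must be rejected for a message
		// that differs from the signed one. The copy keeps ti.message2 intact.
		otherMessage := append(append([]byte(nil), ti.message2...), 0x01)
		if err := verifier.Verify(sig, otherMessage); err == nil {
			return fmt.Errorf("verifier.Verify(sig, otherMessage) succeeded for a message that was not signed")
		}

		// Negative check 2: a signature with a single bit changed must be
		// rejected for the original message.
		if len(sig) > 0 {
			modifiedSig := append([]byte(nil), sig...)
			modifiedSig[len(modifiedSig)-1] ^= 0x01
			if err := verifier.Verify(modifiedSig, ti.message2); err == nil {
				return fmt.Errorf("verifier.Verify(modifiedSig, ti.message2) succeeded for a modified signature")
			}
		}
	}
	return nil
}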