From 8ab33508ae38cfb9f537063c6451f712059426d0 Mon Sep 17 00:00:00 2001
From: Thom Carlin
Date: Wed, 10 Apr 2024 04:59:53 -0400
Subject: [PATCH] Add load public key test (#988)
---
 pkg/certificates/ca.go | 4 +-
 pkg/certificates/ca_test.go | 87 ++++++++++++++++++++++++++++++++++++
 pkg/workceptor/workceptor.go | 2 +-
 3 files changed, 90 insertions(+), 3 deletions(-)
diff --git a/pkg/certificates/ca.go b/pkg/certificates/ca.go
index ed4b60a6d..1469481f3 100644
--- a/pkg/certificates/ca.go
+++ b/pkg/certificates/ca.go
@@ -239,8 +239,8 @@ func LoadPrivateKey(filename string, osWrapper Oser) (*rsa.PrivateKey, error) {
 }
 // LoadPublicKey loads a single RSA public key from a file.
-func LoadPublicKey(filename string) (*rsa.PublicKey, error) {
- data, err := LoadFromPEMFile(filename, &OsWrapper{})
+func LoadPublicKey(filename string, osWrapper Oser) (*rsa.PublicKey, error) {
+ data, err := LoadFromPEMFile(filename, osWrapper)
 if err != nil {
 return nil, err
 }
diff --git a/pkg/certificates/ca_test.go b/pkg/certificates/ca_test.go
index 9a3ed4dff..738879ae0 100644
--- a/pkg/certificates/ca_test.go
+++ b/pkg/certificates/ca_test.go
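Review bot: The doc comment on LoadPublicKey in pkg/certificates/ca.go still mentions only the file and says nothing about the new `osWrapper` parameter, which now decides where the key bytes come from. Because VerifySignature in workceptor.go uses this key to verify signatures, I would extend the comment to something like `// LoadPublicKey loads a single RSA public key from a file, reading it through osWrapper; callers outside tests pass &OsWrapper{}.` A nil `osWrapper` is handed straight to LoadFromPEMFile, and the new test expects ReadFile to be called on it, so a nil value would most likely panic; either document that it must be non-nil or guard it. The signature of an exported function changes here, so any out-of-tree caller needs the extra argument. The body of LoadPublicKey continues outside the hunk.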
@@ -1309,3 +1309,90 @@ func TestLoadPrivateKey(t *testing.T) {
 })
 }
 }
+
+func TestLoadPublicKey(t *testing.T) {
+ type args struct {
+ filename string
+ }
+
+ errorSettingUpTypeFormatString := "Error setting up %s: %v"
+
+ positivePublicKeyFilename := "public_key_test_filename"
+ goodPublicKey, err := setupGoodPublicKey()
+ if err != nil {
+ t.Errorf(errorSettingUpTypeFormatString, "public key", err)
+ }
+
+ negativeMultipleItemFilename := "negative_multiple_item_test"
+ multiplePublicKeys := setupGoodPublicKeyPEMData()
+ multiplePublicKeys = append(multiplePublicKeys, multiplePublicKeys[0])
+
+ negativeNoPublicKeyFilename := "negative_no_public_key_test"
+ noPublicKey := []byte{
+ 0, 0, 0, 0,
+ }
+
+ tests := []struct {
+ name string
+ args args
+ wantOserReadfileArg string
+ wantOserReadfileResult []byte
+ want *rsa.PublicKey
+ wantErr bool
+ }{
+ {
+ name: "Positive Private Key",
+ args: args{
+ filename: positivePublicKeyFilename,
+ },
+ wantOserReadfileArg: positivePublicKeyFilename,
+ wantOserReadfileResult: setupGoodPublicKeyPEMData(),
+ want: goodPublicKey,
+ wantErr: false,
+ },
+ {
+ name: "Negative multi item test",
+ args: args{
+ filename: negativeMultipleItemFilename,
+ },
+ wantOserReadfileArg: negativeMultipleItemFilename,
+ wantOserReadfileResult: multiplePublicKeys,
+ want: nil,
+ wantErr: true,
+ },
+ {
+ name: "Negative no private key test",
+ args: args{
+ filename: negativeNoPublicKeyFilename,
+ },
+ wantOserReadfileArg: negativeNoPublicKeyFilename,
+ wantOserReadfileResult: noPublicKey,
+ want: nil,
+ wantErr: true,
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ ctrl := gomock.NewController(t)
+ defer ctrl.Finish()
+
+ o := mock_certificates.NewMockOser(ctrl)
+ o.
+ EXPECT().
+ ReadFile(gomock.Eq(tt.wantOserReadfileArg)).
+ Return(tt.wantOserReadfileResult, nil).
+ Times(1)
+
+ got, err := certificates.LoadPublicKey(tt.args.filename, o)
+ if (err != nil) != tt.wantErr {
+ t.Errorf("LoadPublicKey() error = %v, wantErr %v", err, tt.wantErr)
+
+ return
+ }
+ if !reflect.DeepEqual(got, tt.want) {
+ t.Errorf("LoadPublicKey() = %v, want %v", got, tt.want)
+ }
+ })
+ }
+}
diff --git a/pkg/workceptor/workceptor.go b/pkg/workceptor/workceptor.go
index 9adb21cb0..80042dbdf 100644
--- a/pkg/workceptor/workceptor.go
+++ b/pkg/workceptor/workceptor.go
@@ -220,7 +220,7 @@ func (w *Workceptor) VerifySignature(signature string) error {
 if w.VerifyingKey == "" {
 return fmt.Errorf("could not verify signature: verifying key not specified")
 }
- rsaPublicKey, err := certificates.LoadPublicKey(w.VerifyingKey)
+ rsaPublicKey, err := certificates.LoadPublicKey(w.VerifyingKey, &certificates.OsWrapper{})
 if err != nil {
 return fmt.Errorf("could not load verifying key file: %s", err.Error())
 }
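Review bot: The setup check at the top of TestLoadPublicKey in pkg/certificates/ca_test.go uses `t.Errorf`, so if setupGoodPublicKey fails the table still runs with a nil `goodPublicKey` and reports misleading follow-on failures; `t.Fatalf(errorSettingUpTypeFormatString, "public key", err)` stops at the real cause. Two case names were carried over from the private-key test (`"Positive Private Key"` and `"Negative no private key test"`) and should say public key. The only malformed input is four zero bytes, which is not PEM at all, and the mock always returns a nil error, so nothing here pins what LoadPublicKey does with a well-formed PEM block of the wrong type (a certificate or a private key) or with a failing ReadFile. Since this key is what VerifySignature trusts, I would add a table case for each of those, asserting the intended result (presumably an error and a nil key).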