Skip to content

Commit

Permalink
Fix OC test
Browse files Browse the repository at this point in the history
  • Loading branch information
@gmacf
gmacf committed Nov 1, 2023
1 parent c65bde1 commit df0f211
Showing 1 changed file with 9 additions and 34 deletions.
43 changes: 9 additions & 34 deletions common/owner_certificate/owner_certificate_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,56 +16,31 @@ package ownercertificate

import (
"crypto/x509"
"encoding/pem"
"testing"

_ "embed"
)

var (
//go:embed testdata/oc_pub.pem
ocPub []byte
//go:embed testdata/pdc_pub.pem
pdcPub []byte
//go:embed testdata/oc_priv.pem
ocPriv []byte
artifacts "github.com/openconfig/bootz/testdata"
)

// Tests that the CMS structure can be created and that it can be verified with a PDC.
func TestGenerateAndVerify(t *testing.T) {
block, _ := pem.Decode(ocPub)
if block == nil {
t.Fatalf("error decoding OC certificate")
}
ownerCert, err := x509.ParseCertificate(block.Bytes)
pdc, pdcPrivateKey, err := artifacts.NewCertificateAuthority("Pinned Domain Cert", "Google", "localhost")
if err != nil {
t.Fatal(err)
t.Fatalf("NewCertificateAuthority(): %v", err)
}
block, _ = pem.Decode(ocPriv)
if block == nil {
t.Fatalf("error decoding OC private key")
}
ownerCertPrivateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
oc, ocPrivateKey, err := artifacts.NewSignedCertificate("Owner Certificate", "Google", "localhost", pdc, pdcPrivateKey)
if err != nil {
t.Fatal(err)
}
block, _ = pem.Decode(pdcPub)
if block == nil {
t.Fatalf("error decoding PDC certificate")
t.Fatalf("NewSignedCertificate(): %v", err)
}
pdcCert, err := x509.ParseCertificate(block.Bytes)
cms, err := GenerateCMS(oc, ocPrivateKey)
if err != nil {
t.Fatal(err)
}
cms, err := GenerateCMS(ownerCert, ownerCertPrivateKey)
if err != nil {
t.Fatalf("error generating CMS: %v", err)
t.Fatalf("GenerateCMS(): %v", err)
}
pdcPool := x509.NewCertPool()
pdcPool.AddCert(pdcCert)
pdcPool.AddCert(pdc)
_, err = Verify(cms, pdcPool)
if err != nil {
t.Fatalf("error verifying OC: %v", err)
t.Fatalf("Verify(): %v", err)
}

}

0 comments on commit df0f211

Please sign in to comment.