From 7dcfbb82ddaf4efc10be61a0fa3200f667eb2b7d Mon Sep 17 00:00:00 2001 From: mittachaitu Date: Mon, 15 Nov 2021 21:03:40 +0530 Subject: [PATCH] This commit adds Unit test Signed-off-by: mittachaitu --- go.mod | 3 +- pkg/encrypt/rsa/private_key_test.go | 95 ++++++++++++++++++++++ pkg/sign/private_key_test.go | 86 ++++++++++++++++++++ pkg/sign/public_key_test.go | 117 ++++++++++++++++++++++++++++ tests/server/rest/service.go | 2 +- 5 files changed, 300 insertions(+), 3 deletions(-) create mode 100644 pkg/encrypt/rsa/private_key_test.go create mode 100644 pkg/sign/private_key_test.go create mode 100644 pkg/sign/public_key_test.go diff --git a/go.mod b/go.mod index 5113917..f9ed812 100644 --- a/go.mod +++ b/go.mod @@ -11,10 +11,9 @@ require ( github.com/onsi/gomega v1.7.0 github.com/openebs/api/v2 v2.3.0 github.com/pkg/errors v0.9.1 - golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 // indirect + golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 k8s.io/api v0.21.3 k8s.io/apimachinery v0.21.3 k8s.io/client-go v0.21.3 - k8s.io/klog v1.0.0 k8s.io/klog/v2 v2.10.0 ) diff --git a/pkg/encrypt/rsa/private_key_test.go b/pkg/encrypt/rsa/private_key_test.go new file mode 100644 index 0000000..68744c4 --- /dev/null +++ b/pkg/encrypt/rsa/private_key_test.go @@ -0,0 +1,95 @@ +/* +Copyright © 2021 The MayaData Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package rsa + +import ( + "crypto/rand" + "crypto/rsa" + "encoding/json" + "testing" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func fakeCreateRSAKeys(size int) (*PrivateKey, *PublicKey, error) { + privateKey, err := rsa.GenerateKey(rand.Reader, size) + if err != nil { + return nil, nil, err + } + return &PrivateKey{PrivateKey: privateKey}, &PublicKey{PublicKey: &privateKey.PublicKey}, nil +} + +func TestSign(t *testing.T) { + privateKey, publicKey, err := fakeCreateRSAKeys(2048) + if err != nil { + t.Fatalf("failed to get test1 RSA keys error: %v", err) + } + mismatchedPrivateKey, _, err := fakeCreateRSAKeys(4096) + if err != nil { + t.Fatalf("failed to get test2 RSA keys error: %v", err) + } + tests := map[string]struct { + data interface{} + privateKey *PrivateKey + publicKey *PublicKey + isErrExpected bool + isUnsignErrExpected bool + }{ + "When valid data is given to sign": { + data: &corev1.PersistentVolume{ + ObjectMeta: metav1.ObjectMeta{Name: "pv1"}, + }, + privateKey: privateKey, + publicKey: publicKey, + }, + "When empty data is given to sign": { + privateKey: privateKey, + publicKey: publicKey, + isErrExpected: false, + }, + "When different public key is used to verify signing": { + data: &corev1.PersistentVolume{ + ObjectMeta: metav1.ObjectMeta{Name: "pv2"}, + }, + privateKey: mismatchedPrivateKey, + publicKey: publicKey, + isUnsignErrExpected: true, + }, + } + for name, test := range tests { + signedBytes, err := test.privateKey.Sign(test.data) + if err != nil && !test.isErrExpected { + t.Fatalf("%q test failed expected error not to occur but got error %v", name, err) + } + if err == nil && test.isErrExpected { + t.Fatalf("%q test failed expected error to occur", name) + } + if signedBytes != nil { + dataInBytes, err := json.Marshal(test.data) + if err != nil { + t.Fatalf("%q test failed while marshaling the data", name) + } + unsignErr := test.publicKey.Unsign(dataInBytes, signedBytes) + if unsignErr != nil && !test.isUnsignErrExpected { + t.Fatalf("%q test failed expected error not to occur while unsigning error %v", name, unsignErr) + } + if unsignErr == nil && test.isUnsignErrExpected { + t.Fatalf("%q test failed expected error to occur while unsigning", name) + } + } + } +} diff --git a/pkg/sign/private_key_test.go b/pkg/sign/private_key_test.go new file mode 100644 index 0000000..10a6e3f --- /dev/null +++ b/pkg/sign/private_key_test.go @@ -0,0 +1,86 @@ +/* +Copyright © 2021 The MayaData Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package sign + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "io/ioutil" + "os" + "path/filepath" + "testing" +) + +func fakeCreateRSAPrivateKey(path string) (*rsa.PrivateKey, error) { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return nil, err + } + if path != "" { + privDer := x509.MarshalPKCS1PrivateKey(privateKey) + privBlock := pem.Block{ + Type: "RSA PRIVATE KEY", + Headers: nil, + Bytes: privDer, + } + privKeyBytes := pem.EncodeToMemory(&privBlock) + err = ioutil.WriteFile(path, privKeyBytes, 0600) + if err != nil { + return nil, err + } + } + return privateKey, nil +} + +func TestLoadPrivateKeyFromPath(t *testing.T) { + testDir, err := os.MkdirTemp(os.TempDir(), "rsa-keys") + if err != nil { + t.Fatalf("failed to create temporary directory, error: %v", err) + } + tests := map[string]struct { + path string + isErrExpected bool + }{ + "When private key exist in RSA PEM format": { + path: func(path string) string { + _, err = fakeCreateRSAPrivateKey(path) + if err != nil { + t.Fatalf("failed to create RSA public key") + } + return path + }(filepath.Join(testDir, "valid_public_rsa")), + }, + "When invalid path is given to load private key": { + path: filepath.Join(testDir, "invalid_public_key"), + isErrExpected: true, + }, + "When path is empty to load private key": { + path: "", + }, + } + for name, test := range tests { + _, err := LoadPrivateKeyFromPath(test.path) + if err != nil && !test.isErrExpected { + t.Fatalf("%s test failed expected error not to occur but got error %v", name, err) + } + if err == nil && test.isErrExpected { + t.Fatalf("%s test failed expected error to occur", name) + } + } + os.RemoveAll(testDir) +} diff --git a/pkg/sign/public_key_test.go b/pkg/sign/public_key_test.go new file mode 100644 index 0000000..ea2e883 --- /dev/null +++ b/pkg/sign/public_key_test.go @@ -0,0 +1,117 @@ +/* +Copyright © 2021 The MayaData Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package sign + +import ( + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "io/ioutil" + "os" + "path/filepath" + "testing" + + "golang.org/x/crypto/ssh" +) + +func fakeCreateRSAPublicKey(path string) (*rsa.PublicKey, error) { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return nil, err + } + if path != "" { + publicDer := x509.MarshalPKCS1PublicKey(&privateKey.PublicKey) + pubBlock := pem.Block{ + Type: "PUBLIC KEY", + Headers: nil, + Bytes: publicDer, + } + publicKeyBytes := pem.EncodeToMemory(&pubBlock) + err = ioutil.WriteFile(path, publicKeyBytes, 0600) + if err != nil { + return nil, err + } + } + return &privateKey.PublicKey, nil +} + +func fakeCreateSSHPublicKey(path string) error { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return err + } + + publicRsaKey, err := ssh.NewPublicKey(&privateKey.PublicKey) + if err != nil { + return err + } + pubKeyBytes := ssh.MarshalAuthorizedKey(publicRsaKey) + err = ioutil.WriteFile(path, pubKeyBytes, 0600) + if err != nil { + return err + } + return nil +} + +func TestLoadPublicKeyFromPath(t *testing.T) { + testDir, err := os.MkdirTemp(os.TempDir(), "rsa-keys") + if err != nil { + t.Fatalf("failed to create temporary directory, error: %v", err) + } + tests := map[string]struct { + path string + isErrExpected bool + }{ + "When public key exist in RSA PEM format": { + path: func(path string) string { + _, err = fakeCreateRSAPublicKey(path) + if err != nil { + t.Fatalf("failed to create RSA public key") + } + return path + }(filepath.Join(testDir, "valid_public_rsa")), + }, + "When invalid path is given to load public key": { + path: filepath.Join(testDir, "invalid_public_key"), + isErrExpected: true, + }, + "When path is not provided": { + path: "", + }, + "When public key exist in SSH format": { + path: func(path string) string { + err = fakeCreateSSHPublicKey(path) + if err != nil { + t.Fatalf("failed to create SSH public key") + } + return path + }(filepath.Join(testDir, "valid_public_ssh_rsa")), + isErrExpected: true, + }, + } + for name, test := range tests { + _, err := LoadPublicKeyFromPath(test.path) + if err != nil && !test.isErrExpected { + t.Fatalf("%s test failed expected error not to occur but got error %v", name, err) + } + if err == nil && test.isErrExpected { + t.Fatalf("%s test failed expected error to occur", name) + } + } + os.RemoveAll(testDir) +} diff --git a/tests/server/rest/service.go b/tests/server/rest/service.go index 1c156bc..5506f08 100644 --- a/tests/server/rest/service.go +++ b/tests/server/rest/service.go @@ -24,7 +24,7 @@ import ( "github.com/mayadata-io/volume-events-exporter/tests/server" "github.com/pkg/errors" "k8s.io/client-go/kubernetes" - "k8s.io/klog" + "k8s.io/klog/v2" ) // Service implements the endpoints that are