mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-22 13:21:07 -05:00
dd2da25ebe
* Add TDX validator * Add TDX issuer --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
80 lines
2.0 KiB
Go
80 lines
2.0 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package attestation
|
|
|
|
import (
|
|
"bytes"
|
|
"testing"
|
|
|
|
"github.com/edgelesssys/constellation/v2/internal/crypto/testvector"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestDeriveClusterID(t *testing.T) {
|
|
require := require.New(t)
|
|
assert := assert.New(t)
|
|
|
|
testvector := testvector.HKDFClusterID
|
|
clusterID, err := DeriveClusterID(testvector.Secret, testvector.Salt)
|
|
require.NoError(err)
|
|
assert.Equal(testvector.Output, clusterID)
|
|
|
|
clusterIDdiff, err := DeriveClusterID(testvector.Secret, []byte("different-salt"))
|
|
require.NoError(err)
|
|
assert.NotEqual(clusterID, clusterIDdiff)
|
|
|
|
clusterIDdiff, err = DeriveClusterID([]byte("different-secret"), testvector.Salt)
|
|
require.NoError(err)
|
|
assert.NotEqual(clusterID, clusterIDdiff)
|
|
}
|
|
|
|
func TestCompareExtraData(t *testing.T) {
|
|
testCases := map[string]struct {
|
|
ExtraData1 []byte
|
|
ExtraData2 []byte
|
|
Expected bool
|
|
}{
|
|
"equal": {
|
|
ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
|
|
ExtraData2: bytes.Repeat([]byte{0xAB}, 32),
|
|
Expected: true,
|
|
},
|
|
"unequal": {
|
|
ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
|
|
ExtraData2: bytes.Repeat([]byte{0xCD}, 32),
|
|
Expected: false,
|
|
},
|
|
"unequal length": {
|
|
ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
|
|
ExtraData2: bytes.Repeat([]byte{0xAB}, 64),
|
|
Expected: false,
|
|
},
|
|
"unequal length, padded with 0": {
|
|
ExtraData1: []byte{0xAB, 0xAB, 0xAB, 0xAB},
|
|
ExtraData2: []byte{0xAB, 0xAB, 0xAB, 0xAB, 0x00, 0x00, 0x00, 0x00},
|
|
Expected: true,
|
|
},
|
|
"unequal length, prefixed with 0": {
|
|
ExtraData1: []byte{0x00, 0x00, 0x00, 0x00, 0xAB, 0xAB, 0xAB, 0xAB},
|
|
ExtraData2: []byte{0xAB, 0xAB, 0xAB, 0xAB},
|
|
Expected: false,
|
|
},
|
|
}
|
|
|
|
for name, tc := range testCases {
|
|
t.Run(name, func(t *testing.T) {
|
|
assert := assert.New(t)
|
|
|
|
actual := CompareExtraData(tc.ExtraData1, tc.ExtraData2)
|
|
assert.Equal(tc.Expected, actual)
|
|
actual = CompareExtraData(tc.ExtraData2, tc.ExtraData1)
|
|
assert.Equal(tc.Expected, actual)
|
|
})
|
|
}
|
|
}
|