constellation/internal/attestation/attestation_test.go

/*
Copyright (c) Edgeless Systems GmbH

SPDX-License-Identifier: AGPL-3.0-only
*/

package attestation

import (
	"bytes"
	"testing"

	"github.com/edgelesssys/constellation/v2/internal/crypto/testvector"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func TestDeriveClusterID(t *testing.T) {
	require := require.New(t)
	assert := assert.New(t)

	testvector := testvector.HKDFClusterID
	clusterID, err := DeriveClusterID(testvector.Secret, testvector.Salt)
	require.NoError(err)
	assert.Equal(testvector.Output, clusterID)

	clusterIDdiff, err := DeriveClusterID(testvector.Secret, []byte("different-salt"))
	require.NoError(err)
	assert.NotEqual(clusterID, clusterIDdiff)

	clusterIDdiff, err = DeriveClusterID([]byte("different-secret"), testvector.Salt)
	require.NoError(err)
	assert.NotEqual(clusterID, clusterIDdiff)
}

func TestCompareExtraData(t *testing.T) {
	testCases := map[string]struct {
		ExtraData1 []byte
		ExtraData2 []byte
		Expected   bool
	}{
		"equal": {
			ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
			ExtraData2: bytes.Repeat([]byte{0xAB}, 32),
			Expected:   true,
		},
		"unequal": {
			ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
			ExtraData2: bytes.Repeat([]byte{0xCD}, 32),
			Expected:   false,
		},
		"unequal length": {
			ExtraData1: bytes.Repeat([]byte{0xAB}, 32),
			ExtraData2: bytes.Repeat([]byte{0xAB}, 64),
			Expected:   false,
		},
		"unequal length, padded with 0": {
			ExtraData1: []byte{0xAB, 0xAB, 0xAB, 0xAB},
			ExtraData2: []byte{0xAB, 0xAB, 0xAB, 0xAB, 0x00, 0x00, 0x00, 0x00},
			Expected:   true,
		},
		"unequal length, prefixed with 0": {
			ExtraData1: []byte{0x00, 0x00, 0x00, 0x00, 0xAB, 0xAB, 0xAB, 0xAB},
			ExtraData2: []byte{0xAB, 0xAB, 0xAB, 0xAB},
			Expected:   false,
		},
	}

	for name, tc := range testCases {
		t.Run(name, func(t *testing.T) {
			assert := assert.New(t)

			actual := CompareExtraData(tc.ExtraData1, tc.ExtraData2)
			assert.Equal(tc.Expected, actual)
			actual = CompareExtraData(tc.ExtraData2, tc.ExtraData1)
			assert.Equal(tc.Expected, actual)
		})
	}
}