forked from hashicorp/go-kms-wrapping
-
Notifications
You must be signed in to change notification settings - Fork 0
/
testing.go
79 lines (74 loc) · 2.07 KB
/
testing.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package crypto
import (
"context"
"crypto/ed25519"
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"io"
"testing"
wrapping "github.com/hxfs/go-kms-wrapping/v2"
"github.com/mr-tron/base58"
"github.com/stretchr/testify/require"
"golang.org/x/crypto/blake2b"
)
// TestWithEd25519 produces test hmac sha256 using a derived Ed25519 key
func TestWithEd25519(t *testing.T, data []byte, w wrapping.Wrapper, opt ...wrapping.Option) string {
t.Helper()
require := require.New(t)
reader, err := NewDerivedReader(context.Background(), w, 32, opt...)
require.NoError(err)
edKey, _, err := ed25519.GenerateKey(reader)
require.NoError(err)
var key [32]byte
n := copy(key[:], edKey)
require.Equal(n, 32)
return TestHmacSha256(t, key[:], data, opt...)
}
// TestWithBlake2b produces a test hmac sha256 using derived blake2b. Supported
// options: WithPrk
func TestWithBlake2b(t *testing.T, data []byte, w wrapping.Wrapper, opt ...wrapping.Option) string {
t.Helper()
require := require.New(t)
require.NotNil(data)
require.NotNil(w)
opts, err := getOpts(opt...)
require.NoError(err)
var key [32]byte
switch {
case opts.withPrk != nil:
key = blake2b.Sum256(opts.withPrk)
default:
reader, err := NewDerivedReader(context.Background(), w, 32, opt...)
require.NoError(err)
readerKey := make([]byte, 32)
n, err := io.ReadFull(reader, readerKey)
require.NoError(err)
require.Equal(n, 32)
key = blake2b.Sum256(readerKey)
}
return TestHmacSha256(t, key[:], data, opt...)
}
// TestHmacSha256 produces a test hmac sha256
func TestHmacSha256(t *testing.T, key, data []byte, opt ...wrapping.Option) string {
t.Helper()
require := require.New(t)
mac := hmac.New(sha256.New, key)
_, _ = mac.Write(data)
hmac := mac.Sum(nil)
var hmacString string
opts, err := getOpts(opt...)
require.NoError(err)
switch {
case opts.withBase64Encoding:
hmacString = base64.RawURLEncoding.EncodeToString(hmac)
case opts.withBase58Encoding:
hmacString = base58.Encode(hmac)
default:
hmacString = string(hmac)
}
if opts.withPrefix != "" {
return opts.withPrefix + hmacString
}
return hmacString
}