forgejo/modules/util/keypair_test.go

// Copyright 2021 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package util

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"regexp"
	"testing"

	"github.com/stretchr/testify/assert"
)

func TestKeygen(t *testing.T) {
	priv, pub, err := GenerateKeyPair(2048)
	assert.NoError(t, err)

	assert.NotEmpty(t, priv)
	assert.NotEmpty(t, pub)

	assert.Regexp(t, regexp.MustCompile("^-----BEGIN RSA PRIVATE KEY-----.*"), priv)
	assert.Regexp(t, regexp.MustCompile("^-----BEGIN PUBLIC KEY-----.*"), pub)
}

func TestSignUsingKeys(t *testing.T) {
	priv, pub, err := GenerateKeyPair(2048)
	assert.NoError(t, err)

	privPem, _ := pem.Decode([]byte(priv))
	if privPem == nil || privPem.Type != "RSA PRIVATE KEY" {
		t.Fatal("key is wrong type")
	}

	privParsed, err := x509.ParsePKCS1PrivateKey(privPem.Bytes)
	assert.NoError(t, err)

	pubPem, _ := pem.Decode([]byte(pub))
	if pubPem == nil || pubPem.Type != "PUBLIC KEY" {
		t.Fatal("key failed to decode")
	}

	pubParsed, err := x509.ParsePKIXPublicKey(pubPem.Bytes)
	assert.NoError(t, err)

	// Sign
	msg := "activity pub is great!"
	h := sha256.New()
	h.Write([]byte(msg))
	d := h.Sum(nil)
	sig, err := rsa.SignPKCS1v15(rand.Reader, privParsed, crypto.SHA256, d)
	assert.NoError(t, err)

	// Verify
	err = rsa.VerifyPKCS1v15(pubParsed.(*rsa.PublicKey), crypto.SHA256, d, sig)
	assert.NoError(t, err)
}
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00			`// Copyright 2021 The Gitea Authors. All rights reserved.`
Implement FSFE REUSE for golang files (#21840) Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com> 2022-11-27 19:20:29 +01:00			`// SPDX-License-Identifier: MIT`
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00
Add Chef package registry (#22554) This PR implements a [Chef registry](https://chef.io/) to manage cookbooks. This package type was a bit complicated because Chef uses RSA signed requests as authentication with the registry. ![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png) ![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> 2023-02-06 02:49:21 +01:00			`package util`
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00
			`import (`
			`"crypto"`
			`"crypto/rand"`
			`"crypto/rsa"`
[v1.21] [GITEA] Drop sha256-simd in favor of stdlib - In Go 1.21 the crypto/sha256 [got a massive improvement](https://go.dev/doc/go1.21#crypto/sha256) by utilizing the SHA instructions for AMD64 CPUs, which sha256-simd already was doing. The performance is now on par and I think it's preferable to use the standard library rather than a package when possible. ``` cpu: AMD Ryzen 5 3600X 6-Core Processor │ simd.txt │ go.txt │ │ sec/op │ sec/op vs base │ Hash/8Bytes-12 63.25n ± 1% 73.38n ± 1% +16.02% (p=0.002 n=6) Hash/64Bytes-12 98.73n ± 1% 105.30n ± 1% +6.65% (p=0.002 n=6) Hash/1K-12 567.2n ± 1% 572.8n ± 1% +0.99% (p=0.002 n=6) Hash/8K-12 4.062µ ± 1% 4.062µ ± 1% ~ (p=0.396 n=6) Hash/1M-12 512.1µ ± 0% 510.6µ ± 1% ~ (p=0.485 n=6) Hash/5M-12 2.556m ± 1% 2.564m ± 0% ~ (p=0.093 n=6) Hash/10M-12 5.112m ± 0% 5.127m ± 0% ~ (p=0.093 n=6) geomean 13.82µ 14.27µ +3.28% │ simd.txt │ go.txt │ │ B/s │ B/s vs base │ Hash/8Bytes-12 120.6Mi ± 1% 104.0Mi ± 1% -13.81% (p=0.002 n=6) Hash/64Bytes-12 618.2Mi ± 1% 579.8Mi ± 1% -6.22% (p=0.002 n=6) Hash/1K-12 1.682Gi ± 1% 1.665Gi ± 1% -0.98% (p=0.002 n=6) Hash/8K-12 1.878Gi ± 1% 1.878Gi ± 1% ~ (p=0.310 n=6) Hash/1M-12 1.907Gi ± 0% 1.913Gi ± 1% ~ (p=0.485 n=6) Hash/5M-12 1.911Gi ± 1% 1.904Gi ± 0% ~ (p=0.093 n=6) Hash/10M-12 1.910Gi ± 0% 1.905Gi ± 0% ~ (p=0.093 n=6) geomean 1.066Gi 1.032Gi -3.18% ``` (cherry picked from commit abd94ff5b59c86e793fd9bf12187ea6cfd1f3fa1) (cherry picked from commit 15e81637abf70576a564cf9eecaa9640228afb5b) Conflicts: go.mod https://codeberg.org/forgejo/forgejo/pulls/1581 (cherry picked from commit 5caea2d75aeac78fb306f58a3cf7809d5b70c7f2) (cherry picked from commit 08da542cce2c1571cedd4183268a903ab581d2e3) 2023-09-30 00:45:31 +02:00			`"crypto/sha256"`
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00			`"crypto/x509"`
			`"encoding/pem"`
			`"regexp"`
			`"testing"`

			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestKeygen(t *testing.T) {`
Add Chef package registry (#22554) This PR implements a [Chef registry](https://chef.io/) to manage cookbooks. This package type was a bit complicated because Chef uses RSA signed requests as authentication with the registry. ![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png) ![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> 2023-02-06 02:49:21 +01:00			`priv, pub, err := GenerateKeyPair(2048)`
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00			`assert.NoError(t, err)`

			`assert.NotEmpty(t, priv)`
			`assert.NotEmpty(t, pub)`

			`assert.Regexp(t, regexp.MustCompile("^-----BEGIN RSA PRIVATE KEY-----.*"), priv)`
			`assert.Regexp(t, regexp.MustCompile("^-----BEGIN PUBLIC KEY-----.*"), pub)`
			`}`

			`func TestSignUsingKeys(t *testing.T) {`
Add Chef package registry (#22554) This PR implements a [Chef registry](https://chef.io/) to manage cookbooks. This package type was a bit complicated because Chef uses RSA signed requests as authentication with the registry. ![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png) ![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png) Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> 2023-02-06 02:49:21 +01:00			`priv, pub, err := GenerateKeyPair(2048)`
Create pub/priv keypair for federation (#17071) * add logic for creating pub/priv keypair for federation * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt * Update modules/activitypub/keypair.go Co-authored-by: delvh <dev.lh@web.de> * add tests * fix revert * more tests * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * make fmt Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de> 2021-09-28 21:19:22 +02:00			`assert.NoError(t, err)`

			`privPem, _ := pem.Decode([]byte(priv))`
			`if privPem == nil \|\| privPem.Type != "RSA PRIVATE KEY" {`
			`t.Fatal("key is wrong type")`
			`}`

			`privParsed, err := x509.ParsePKCS1PrivateKey(privPem.Bytes)`
			`assert.NoError(t, err)`

			`pubPem, _ := pem.Decode([]byte(pub))`
			`if pubPem == nil \|\| pubPem.Type != "PUBLIC KEY" {`
			`t.Fatal("key failed to decode")`
			`}`

			`pubParsed, err := x509.ParsePKIXPublicKey(pubPem.Bytes)`
			`assert.NoError(t, err)`

			`// Sign`
			`msg := "activity pub is great!"`
			`h := sha256.New()`
			`h.Write([]byte(msg))`
			`d := h.Sum(nil)`
			`sig, err := rsa.SignPKCS1v15(rand.Reader, privParsed, crypto.SHA256, d)`
			`assert.NoError(t, err)`

			`// Verify`
			`err = rsa.VerifyPKCS1v15(pubParsed.(*rsa.PublicKey), crypto.SHA256, d, sig)`
			`assert.NoError(t, err)`
			`}`