Extract common function used in tests
This commit is contained in:
parent
829530ae90
commit
498549c95c
1 changed files with 43 additions and 55 deletions
|
@ -49,6 +49,23 @@ func (m *mockClient) TLSDial(network, addr string, tlsConfig *tls.Config) (*tls.
|
||||||
return m.tlsDial(network, addr, tlsConfig)
|
return m.tlsDial(network, addr, tlsConfig)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func mustAttestationProvisioner(t *testing.T, roots []byte) Provisioner {
|
||||||
|
t.Helper()
|
||||||
|
|
||||||
|
prov := &provisioner.ACME{
|
||||||
|
Type: "ACME",
|
||||||
|
Name: "acme",
|
||||||
|
Challenges: []provisioner.ACMEChallenge{provisioner.DEVICE_ATTEST_01},
|
||||||
|
AttestationRoots: roots,
|
||||||
|
}
|
||||||
|
if err := prov.Init(provisioner.Config{
|
||||||
|
Claims: config.GlobalProvisionerClaims,
|
||||||
|
}); err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
return prov
|
||||||
|
}
|
||||||
|
|
||||||
func Test_storeError(t *testing.T) {
|
func Test_storeError(t *testing.T) {
|
||||||
type test struct {
|
type test struct {
|
||||||
ch *Challenge
|
ch *Challenge
|
||||||
|
@ -2410,21 +2427,6 @@ func Test_http01ChallengeHost(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func Test_doAppleAttestationFormat(t *testing.T) {
|
func Test_doAppleAttestationFormat(t *testing.T) {
|
||||||
makeProvisioner := func(roots []byte) Provisioner {
|
|
||||||
prov := &provisioner.ACME{
|
|
||||||
Type: "ACME",
|
|
||||||
Name: "acme",
|
|
||||||
Challenges: []provisioner.ACMEChallenge{provisioner.DEVICE_ATTEST_01},
|
|
||||||
AttestationRoots: roots,
|
|
||||||
}
|
|
||||||
if err := prov.Init(provisioner.Config{
|
|
||||||
Claims: config.GlobalProvisionerClaims,
|
|
||||||
}); err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
return prov
|
|
||||||
}
|
|
||||||
|
|
||||||
ctx := context.Background()
|
ctx := context.Background()
|
||||||
ca, err := minica.New()
|
ca, err := minica.New()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -2461,7 +2463,7 @@ func Test_doAppleAttestationFormat(t *testing.T) {
|
||||||
want *appleAttestationData
|
want *appleAttestationData
|
||||||
wantErr bool
|
wantErr bool
|
||||||
}{
|
}{
|
||||||
{"ok", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"ok", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2473,49 +2475,49 @@ func Test_doAppleAttestationFormat(t *testing.T) {
|
||||||
SEPVersion: "16.0",
|
SEPVersion: "16.0",
|
||||||
Certificate: leaf,
|
Certificate: leaf,
|
||||||
}, false},
|
}, false},
|
||||||
{"fail apple issuer", args{ctx, makeProvisioner(nil), &Challenge{}, &AttestationObject{
|
{"fail apple issuer", args{ctx, mustAttestationProvisioner(t, nil), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail missing x5c", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail missing x5c", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"foo": "bar",
|
"foo": "bar",
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail empty issuer", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail empty issuer", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{},
|
"x5c": []interface{}{},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail leaf type", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail leaf type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{"leaf", ca.Intermediate.Raw},
|
"x5c": []interface{}{"leaf", ca.Intermediate.Raw},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail leaf parse", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail leaf parse", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw[:100], ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw[:100], ca.Intermediate.Raw},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail intermediate type", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail intermediate type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, "intermediate"},
|
"x5c": []interface{}{leaf.Raw, "intermediate"},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail intermediate parse", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail intermediate parse", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw[:100]},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw[:100]},
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail verify", args{ctx, makeProvisioner(caRoot), &Challenge{}, &AttestationObject{
|
{"fail verify", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{}, &AttestationObject{
|
||||||
Format: "apple",
|
Format: "apple",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw},
|
"x5c": []interface{}{leaf.Raw},
|
||||||
|
@ -2544,20 +2546,6 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
}
|
}
|
||||||
caRoot := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ca.Root.Raw})
|
caRoot := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ca.Root.Raw})
|
||||||
|
|
||||||
makeProvisioner := func(roots []byte) Provisioner {
|
|
||||||
prov := &provisioner.ACME{
|
|
||||||
Type: "ACME",
|
|
||||||
Name: "acme",
|
|
||||||
Challenges: []provisioner.ACMEChallenge{provisioner.DEVICE_ATTEST_01},
|
|
||||||
AttestationRoots: roots,
|
|
||||||
}
|
|
||||||
if err := prov.Init(provisioner.Config{
|
|
||||||
Claims: config.GlobalProvisionerClaims,
|
|
||||||
}); err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
return prov
|
|
||||||
}
|
|
||||||
makeLeaf := func(signer crypto.Signer, serialNumber []byte) *x509.Certificate {
|
makeLeaf := func(signer crypto.Signer, serialNumber []byte) *x509.Certificate {
|
||||||
leaf, err := ca.Sign(&x509.Certificate{
|
leaf, err := ca.Sign(&x509.Certificate{
|
||||||
Subject: pkix.Name{CommonName: "attestation cert"},
|
Subject: pkix.Name{CommonName: "attestation cert"},
|
||||||
|
@ -2633,7 +2621,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
want *stepAttestationData
|
want *stepAttestationData
|
||||||
wantErr bool
|
wantErr bool
|
||||||
}{
|
}{
|
||||||
{"ok", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"ok", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2644,7 +2632,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
SerialNumber: "1234",
|
SerialNumber: "1234",
|
||||||
Certificate: leaf,
|
Certificate: leaf,
|
||||||
}, false},
|
}, false},
|
||||||
{"fail yubico issuer", args{ctx, makeProvisioner(nil), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail yubico issuer", args{ctx, mustAttestationProvisioner(t, nil), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2652,7 +2640,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail x5c type", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail x5c type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": [][]byte{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": [][]byte{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2660,7 +2648,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail x5c empty", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail x5c empty", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{},
|
"x5c": []interface{}{},
|
||||||
|
@ -2668,7 +2656,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail leaf type", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail leaf type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{"leaf", ca.Intermediate.Raw},
|
"x5c": []interface{}{"leaf", ca.Intermediate.Raw},
|
||||||
|
@ -2676,7 +2664,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail leaf parse", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail leaf parse", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw[:100], ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw[:100], ca.Intermediate.Raw},
|
||||||
|
@ -2684,7 +2672,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail intermediate type", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail intermediate type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, "intermediate"},
|
"x5c": []interface{}{leaf.Raw, "intermediate"},
|
||||||
|
@ -2692,7 +2680,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail intermediate parse", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail intermediate parse", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw[:100]},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw[:100]},
|
||||||
|
@ -2700,7 +2688,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail verify", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail verify", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw},
|
"x5c": []interface{}{leaf.Raw},
|
||||||
|
@ -2708,7 +2696,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig type", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig type", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2716,7 +2704,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": string(cborSig),
|
"sig": string(cborSig),
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig unmarshal", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig unmarshal", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2724,7 +2712,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": []byte("bad-sig"),
|
"sig": []byte("bad-sig"),
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail keyAuthorization", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, &jose.JSONWebKey{Key: []byte("not an asymmetric key")}, &AttestationObject{
|
{"fail keyAuthorization", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, &jose.JSONWebKey{Key: []byte("not an asymmetric key")}, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2732,7 +2720,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig verify P-256", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig verify P-256", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{leaf.Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2740,7 +2728,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": otherCBORSig,
|
"sig": otherCBORSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig verify P-384", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig verify P-384", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{makeLeaf(mustSigner("EC", "P-384", 0), serialNumber).Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{makeLeaf(mustSigner("EC", "P-384", 0), serialNumber).Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2748,7 +2736,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig verify RSA", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig verify RSA", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{makeLeaf(mustSigner("RSA", "", 2048), serialNumber).Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{makeLeaf(mustSigner("RSA", "", 2048), serialNumber).Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2756,7 +2744,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail sig verify Ed25519", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail sig verify Ed25519", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{makeLeaf(mustSigner("OKP", "Ed25519", 0), serialNumber).Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{makeLeaf(mustSigner("OKP", "Ed25519", 0), serialNumber).Raw, ca.Intermediate.Raw},
|
||||||
|
@ -2764,7 +2752,7 @@ func Test_doStepAttestationFormat(t *testing.T) {
|
||||||
"sig": cborSig,
|
"sig": cborSig,
|
||||||
},
|
},
|
||||||
}}, nil, true},
|
}}, nil, true},
|
||||||
{"fail unmarshal serial number", args{ctx, makeProvisioner(caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
{"fail unmarshal serial number", args{ctx, mustAttestationProvisioner(t, caRoot), &Challenge{Token: "token"}, jwk, &AttestationObject{
|
||||||
Format: "step",
|
Format: "step",
|
||||||
AttStatement: map[string]interface{}{
|
AttStatement: map[string]interface{}{
|
||||||
"x5c": []interface{}{makeLeaf(signer, []byte("bad-serial")).Raw, ca.Intermediate.Raw},
|
"x5c": []interface{}{makeLeaf(signer, []byte("bad-serial")).Raw, ca.Intermediate.Raw},
|
||||||
|
|
Loading…
Reference in a new issue