Fix ecdsa signature verification test.

2021-01-28 11:38:21 -08:00 · 2021-01-28 11:38:21 -08:00 · 6c113542c8
commit 6c113542c8
parent 35bf9b787e
1 changed files with 19 additions and 19 deletions
--- a/kms/pkcs11/pkcs11_test.go
+++ b/kms/pkcs11/pkcs11_test.go
@ -392,6 +392,24 @@ func TestPKCS11_CreateSigner(t *testing.T) {
 	data := []byte("buggy-coheir-RUBRIC-rabbet-liberal-eaglet-khartoum-stagger")
 	setupSoftHSM2, setupYubiHSM2 := setupFuncs(t)
 	// VerifyASN1 verifies the ASN.1 encoded signature, sig, of hash using the
 	// public key, pub. Its return value records whether the signature is valid.
 	verifyASN1 := func(pub *ecdsa.PublicKey, hash, sig []byte) bool {
 		var (
 			r, s  = &big.Int{}, &big.Int{}
 			inner cryptobyte.String
 		)
 		input := cryptobyte.String(sig)
 		if !input.ReadASN1(&inner, asn1.SEQUENCE) ||
 			!input.Empty() ||
 			!inner.ReadASN1Integer(r) ||
 			!inner.ReadASN1Integer(s) ||
 			!inner.Empty() {
 			return false
 		}
 		return ecdsa.Verify(pub, hash, r, s)
 	}
 	type args struct {
 		req *apiv1.CreateSignerRequest
 	}
@ -481,7 +499,7 @@ func TestPKCS11_CreateSigner(t *testing.T) {
 					}
 				case apiv1.ECDSAWithSHA256, apiv1.ECDSAWithSHA384, apiv1.ECDSAWithSHA512:
 					pub := got.Public().(*ecdsa.PublicKey)
-					if !VerifyASN1(pub, digest, sig) {
+					if !verifyASN1(pub, digest, sig) {
 						t.Error("ecdsa.VerifyASN1() failed")
 					}
 				default:
@ -645,21 +663,3 @@ func TestPKCS11_StoreCertificate(t *testing.T) {
 		})
 	}
 }
 // VerifyASN1 verifies the ASN.1 encoded signature, sig, of hash using the
 // public key, pub. Its return value records whether the signature is valid.
 func VerifyASN1(pub *ecdsa.PublicKey, hash, sig []byte) bool {
 	var (
 		r, s  = &big.Int{}, &big.Int{}
 		inner cryptobyte.String
 	)
 	input := cryptobyte.String(sig)
 	if !input.ReadASN1(&inner, asn1.SEQUENCE) ||
 		input.Empty() ||
 		inner.ReadASN1Integer(r) ||
 		inner.ReadASN1Integer(s) ||
 		inner.Empty() {
 		return false
 	}
 	return ecdsa.Verify(pub, hash, r, s)
 }