droplet/__test__/trust.spec.mjs

import test from "ava";
import {
generateRootCa,
generateClientCertificate,
verifyClientCertificate,
signNonce,
verifyNonce,
} from "../index.js";
import { randomUUID, sign } from "crypto";
// Smoke test: generating a root CA must not throw and must return something
// that destructures into two values. The values themselves are not inspected.
test("generate ca", (t) => {
  const rootPair = generateRootCa();
  const [rootPub, rootPriv] = rootPair;
  t.pass();
});
// Smoke test: a client certificate can be issued from a freshly generated root
// without throwing. Nothing about the issued pair is asserted here.
test("generate ca & client certs", (t) => {
  const [rootPub, rootPriv] = generateRootCa();
  const label = "My Test Client";
  // The same string is supplied for both leading arguments.
  const issued = generateClientCertificate(label, label, rootPub, rootPriv);
  const [issuedPub, issuedPriv] = issued;
  t.pass();
});
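/**
 * Trust chain: a client certificate issued from a root must verify against
 * that root, and a separately generated root certificate must not.
 *
 * Both conditions are asserted independently. Passing as soon as either one
 * holds would let the test succeed against a verifier that accepts every
 * certificate (first check true) or rejects every certificate (second check
 * false), which is exactly what a trust-chain test has to rule out.
 */
test("trust chain", (t) => {
  const [pub, priv] = generateRootCa();
  const clientName = "My Test Client";
  // The same string is supplied for both leading arguments.
  const [clientPub] = generateClientCertificate(
    clientName,
    clientName,
    pub,
    priv
  );
  // An independent root that was never signed by `pub`.
  const [invalidPub] = generateRootCa();

  t.truthy(
    verifyClientCertificate(clientPub, pub),
    "client certificate does not verify against its issuing root"
  );
  t.falsy(
    verifyClientCertificate(invalidPub, pub),
    "unrelated root certificate verifies against this root"
  );
});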
// Negative case: a client certificate issued under one root must be rejected
// when it is checked against a different, independently generated root.
test("trust chain fails", (t) => {
  const [issuerPub, issuerPriv] = generateRootCa();
  // Empty strings are passed for the two leading arguments.
  const issued = generateClientCertificate("", "", issuerPub, issuerPriv);
  const [clientPub, _priv] = issued;
  const [unrelatedPub, unrelatedPriv] = generateRootCa();

  const accepted = verifyClientCertificate(clientPub, unrelatedPub);
  if (accepted) {
    t.fail("client certificate verifies non-related certificate");
    return;
  }
  return t.pass();
});
// Smoke test: signing a fresh random nonce with the client's private half must
// not throw. The resulting signature is not checked in this test.
test("nonce signing", (t) => {
  const [rootPub, rootPriv] = generateRootCa();
  const issued = generateClientCertificate("test", "test", rootPub, rootPriv);
  const [issuedPub, issuedPriv] = issued;
  const challenge = randomUUID();
  const sig = signNonce(issuedPriv, challenge);
  return t.pass();
});
// Round trip: a nonce signed with the client's private half must verify
// against the matching client certificate.
test("nonce signing, and verification", (t) => {
  const [rootPub, rootPriv] = generateRootCa();
  const issued = generateClientCertificate("test", "test", rootPub, rootPriv);
  const [issuedPub, issuedPriv] = issued;
  const challenge = randomUUID();
  const sig = signNonce(issuedPriv, challenge);
  const accepted = verifyNonce(issuedPub, challenge, sig);
  return accepted ? t.pass() : t.fail("nonce does not verify correctly");
});
// Negative case: a signature produced by one client must not verify against a
// different client's certificate, even when both were issued by the same root.
// NOTE(review): only the wrong-certificate case is exercised here; a modified
// nonce or a modified signature is not covered by this test.
test("nonce signing, fails verification", (t) => {
  const [issuerPub, issuerPriv] = generateRootCa();
  const [signerPub, signerPriv] = generateClientCertificate(
    "test",
    "test",
    issuerPub,
    issuerPriv
  );
  const [bystanderPub, bystanderPriv] = generateClientCertificate(
    "test2",
    "test2",
    issuerPub,
    issuerPriv
  );
  const challenge = randomUUID();
  const sig = signNonce(signerPriv, challenge);
  const accepted = verifyNonce(bystanderPub, challenge, sig);
  if (!accepted) {
    t.pass();
    return;
  }
  return t.fail("succesfully verified an invalid nonce");
});