From 4a3dbddaffa30ce64a7942f275386cd4f7fcea11 Mon Sep 17 00:00:00 2001 From: theexiile1305 Date: Thu, 17 Oct 2024 15:56:45 +0200 Subject: [PATCH] chore: formatting and using another types as deprecated ones --- msg.go | 42 +++++++++++++++++++++-- msg_test.go | 68 +++++++++++++++++++------------------ msgwriter_test.go | 4 +-- pkcs7.go | 14 ++++---- pkcs7_test.go | 43 +++++++++++++++++------- smime.go | 86 ++++++++++++++++++++++++++++------------------- smime_test.go | 65 ++++++++++++++++++++++++++++++----- 7 files changed, 224 insertions(+), 98 deletions(-) diff --git a/msg.go b/msg.go index 60f758f..7f5bbd9 100644 --- a/msg.go +++ b/msg.go @@ -7,7 +7,9 @@ package mail import ( "bytes" "context" + "crypto/ecdsa" "crypto/rsa" + "crypto/tls" "crypto/x509" "embed" "errors" @@ -338,9 +340,9 @@ func WithNoDefaultUserAgent() MsgOption { } } -// SignWithSMime configures the Msg to be signed with S/MIME -func (m *Msg) SignWithSMime(privateKey *rsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) error { - sMime, err := newSMime(privateKey, certificate, intermediateCertificate) +// SignWithSMimeRSA configures the Msg to be signed with S/MIME +func (m *Msg) SignWithSMimeRSA(privateKey *rsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) error { + sMime, err := newSMimeWithRSA(privateKey, certificate, intermediateCertificate) if err != nil { return err } @@ -348,6 +350,40 @@ func (m *Msg) SignWithSMime(privateKey *rsa.PrivateKey, certificate *x509.Certif return nil } +// SignWithSMimeECDSA configures the Msg to be signed with S/MIME +func (m *Msg) SignWithSMimeECDSA(privateKey *ecdsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) error { + sMime, err := newSMimeWithECDSA(privateKey, certificate, intermediateCertificate) + if err != nil { + return err + } + m.sMime = sMime + return nil +} + +// SignWithTLSCertificate signs the Msg with the provided *tls.certificate. +func (m *Msg) SignWithTLSCertificate(keyPairTlS *tls.Certificate) error { + intermediateCertificate, err := x509.ParseCertificate(keyPairTlS.Certificate[1]) + if err != nil { + return fmt.Errorf("failed to parse intermediate certificate: %w", err) + } + + switch keyPairTlS.PrivateKey.(type) { + case *rsa.PrivateKey: + if intermediateCertificate == nil { + return m.SignWithSMimeRSA(keyPairTlS.PrivateKey.(*rsa.PrivateKey), keyPairTlS.Leaf, nil) + } + return m.SignWithSMimeRSA(keyPairTlS.PrivateKey.(*rsa.PrivateKey), keyPairTlS.Leaf, intermediateCertificate) + + case *ecdsa.PrivateKey: + if intermediateCertificate == nil { + return m.SignWithSMimeECDSA(keyPairTlS.PrivateKey.(*ecdsa.PrivateKey), keyPairTlS.Leaf, nil) + } + return m.SignWithSMimeECDSA(keyPairTlS.PrivateKey.(*ecdsa.PrivateKey), keyPairTlS.Leaf, intermediateCertificate) + default: + return fmt.Errorf("unsupported private key type: %T", keyPairTlS.PrivateKey) + } +} + // This method allows you to specify a character set for the email message. The charset is // important for ensuring that the content of the message is correctly interpreted by // mail clients. Common charset values include UTF-8, ISO-8859-1, and others. If a charset diff --git a/msg_test.go b/msg_test.go index 7842cda..2aeab91 100644 --- a/msg_test.go +++ b/msg_test.go @@ -1909,14 +1909,14 @@ func TestMsg_hasAlt(t *testing.T) { // TestMsg_hasAlt tests the hasAlt() method of the Msg with active S/MIME func TestMsg_hasAltWithSMime(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() m.SetBodyString(TypeTextPlain, "Plain") m.AddAlternativeString(TypeTextHTML, "HTML") - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } if m.hasAlt() { @@ -1926,12 +1926,12 @@ func TestMsg_hasAltWithSMime(t *testing.T) { // TestMsg_hasSMime tests the hasSMime() method of the Msg func TestMsg_hasSMime(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } m.SetBodyString(TypeTextPlain, "Plain") @@ -2009,7 +2009,7 @@ func TestMsg_WriteToSkipMiddleware(t *testing.T) { // TestMsg_WriteToWithSMIME tests the WriteTo() method of the Msg func TestMsg_WriteToWithSMIME(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } @@ -2017,7 +2017,7 @@ func TestMsg_WriteToWithSMIME(t *testing.T) { m := NewMsg() m.Subject("This is a test") m.SetBodyString(TypeTextPlain, "Plain") - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } @@ -3343,17 +3343,35 @@ func TestNewMsgWithNoDefaultUserAgent(t *testing.T) { } } -// TestSignWithSMime_ValidKeyPair tests WithSMimeSinging with given key pair -func TestSignWithSMime_ValidKeyPair(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() +// TestSignWithSMime_ValidRSAKeyPair tests WithSMimeSinging with given rsa key pair +func TestSignWithSMime_ValidRSAKeyPair(t *testing.T) { + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to set sMime. Cause: %v", err) } - if m.sMime.privateKey == nil { + if m.sMime.privateKey.rsa == nil { + t.Errorf("WithSMimeSinging() - no private key is given") + } + if m.sMime.certificate == nil { + t.Errorf("WithSMimeSinging() - no certificate is given") + } +} + +// TestSignWithSMime_ValidRSAKeyPair tests WithSMimeSinging with given ecdsa key pair +func TestSignWithSMime_ValidECDSAKeyPair(t *testing.T) { + privateKey, certificate, intermediateCertificate, err := getDummyECDSACryptoMaterial() + if err != nil { + t.Errorf("failed to laod dummy crypto material. Cause: %v", err) + } + m := NewMsg() + if err := m.SignWithSMimeECDSA(privateKey, certificate, intermediateCertificate); err != nil { + t.Errorf("failed to set sMime. Cause: %v", err) + } + if m.sMime.privateKey.rsa == nil { t.Errorf("WithSMimeSinging() - no private key is given") } if m.sMime.certificate == nil { @@ -3365,7 +3383,7 @@ func TestSignWithSMime_ValidKeyPair(t *testing.T) { func TestSignWithSMime_InvalidPrivateKey(t *testing.T) { m := NewMsg() - err := m.SignWithSMime(nil, nil, nil) + err := m.SignWithSMimeRSA(nil, nil, nil) if !errors.Is(err, ErrInvalidPrivateKey) { t.Errorf("failed to pre-check SignWithSMime method values correctly: %s", err) } @@ -3373,32 +3391,18 @@ func TestSignWithSMime_InvalidPrivateKey(t *testing.T) { // TestSignWithSMime_InvalidCertificate tests WithSMimeSinging with given invalid certificate func TestSignWithSMime_InvalidCertificate(t *testing.T) { - privateKey, _, _, err := getDummyCryptoMaterial() + privateKey, _, _, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() - err = m.SignWithSMime(privateKey, nil, nil) + err = m.SignWithSMimeRSA(privateKey, nil, nil) if !errors.Is(err, ErrInvalidCertificate) { t.Errorf("failed to pre-check SignWithSMime method values correctly: %s", err) } } -// TestSignWithSMime_InvalidIntermediateCertificate tests WithSMimeSinging with given invalid intermediate certificate -func TestSignWithSMime_InvalidIntermediateCertificate(t *testing.T) { - privateKey, certificate, _, err := getDummyCryptoMaterial() - if err != nil { - t.Errorf("failed to laod dummy crypto material. Cause: %v", err) - } - m := NewMsg() - - err = m.SignWithSMime(privateKey, certificate, nil) - if !errors.Is(err, ErrInvalidIntermediateCertificate) { - t.Errorf("failed to pre-check SignWithSMime method values correctly: %s", err) - } -} - // Fuzzing tests func FuzzMsg_Subject(f *testing.F) { f.Add("Testsubject") @@ -3429,12 +3433,12 @@ func FuzzMsg_From(f *testing.F) { // TestMsg_createSignaturePart tests the Msg.createSignaturePart method func TestMsg_createSignaturePart(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } body := []byte("This is the body") @@ -3459,14 +3463,14 @@ func TestMsg_createSignaturePart(t *testing.T) { // TestMsg_signMessage tests the Msg.signMessage method func TestMsg_signMessage(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } body := []byte("This is the body") m := NewMsg() m.SetBodyString(TypeTextPlain, string(body)) - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } msg, err := m.signMessage(m) diff --git a/msgwriter_test.go b/msgwriter_test.go index 6e36c4b..0379cd7 100644 --- a/msgwriter_test.go +++ b/msgwriter_test.go @@ -157,13 +157,13 @@ func TestMsgWriter_writeMsg_PGP(t *testing.T) { // TestMsgWriter_writeMsg_SMime tests the writeMsg method of the msgWriter with S/MIME types set func TestMsgWriter_writeMsg_SMime(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("failed to laod dummy crypto material. Cause: %v", err) } m := NewMsg() - if err := m.SignWithSMime(privateKey, certificate, intermediateCertificate); err != nil { + if err := m.SignWithSMimeRSA(privateKey, certificate, intermediateCertificate); err != nil { t.Errorf("failed to init smime configuration") } _ = m.From(`"Toni Tester" `) diff --git a/pkcs7.go b/pkcs7.go index 6522bb6..f16b54f 100644 --- a/pkcs7.go +++ b/pkcs7.go @@ -25,7 +25,7 @@ import ( type PKCS7 struct { Content []byte Certificates []*x509.Certificate - CRLs []pkix.CertificateList + CRLs []x509.RevocationList Signers []signerInfo raw interface{} } @@ -47,9 +47,9 @@ type signedData struct { Version int `asn1:"default:1"` DigestAlgorithmIdentifiers []pkix.AlgorithmIdentifier `asn1:"set"` ContentInfo contentInfo - Certificates rawCertificates `asn1:"optional,tag:0"` - CRLs []pkix.CertificateList `asn1:"optional,tag:1"` - SignerInfos []signerInfo `asn1:"set"` + Certificates rawCertificates `asn1:"optional,tag:0"` + CRLs []x509.RevocationList `asn1:"optional,tag:1"` + SignerInfos []signerInfo `asn1:"set"` } type rawCertificates struct { @@ -110,7 +110,9 @@ func marshalAttributes(attrs []attribute) ([]byte, error) { // Remove the leading sequence octets var raw asn1.RawValue - asn1.Unmarshal(encodedAttributes, &raw) + if _, err := asn1.Unmarshal(encodedAttributes, &raw); err != nil { + return nil, err + } return raw.Bytes, nil } @@ -377,7 +379,7 @@ func marshalCertificates(certs []*x509.Certificate) rawCertificates { // RawContent, we have to encode it into the RawContent. If its missing, // then `asn1.Marshal()` will strip out the certificate wrapper instead. func marshalCertificateBytes(certs []byte) (rawCertificates, error) { - var val = asn1.RawValue{Bytes: certs, Class: 2, Tag: 0, IsCompound: true} + val := asn1.RawValue{Bytes: certs, Class: 2, Tag: 0, IsCompound: true} b, err := asn1.Marshal(val) if err != nil { return rawCertificates{}, err diff --git a/pkcs7_test.go b/pkcs7_test.go index fa79faf..7a65644 100644 --- a/pkcs7_test.go +++ b/pkcs7_test.go @@ -12,7 +12,6 @@ import ( "crypto/x509/pkix" "encoding/pem" "fmt" - "io/ioutil" "math/big" "os" "os/exec" @@ -75,33 +74,53 @@ func TestOpenSSLVerifyDetachedSignature(t *testing.T) { } // write the root cert to a temp file - tmpRootCertFile, err := ioutil.TempFile("", "pkcs7TestRootCA") + tmpRootCertFile, err := os.CreateTemp("", "pkcs7TestRootCA") if err != nil { t.Fatal(err) } - defer os.Remove(tmpRootCertFile.Name()) // clean up - fd, err := os.OpenFile(tmpRootCertFile.Name(), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0755) + defer func(name string) { + if err := os.Remove(name); err != nil { + t.Fatalf("Cannot write root cert: %s", err) + } + }(tmpRootCertFile.Name()) // clean up + fd, err := os.OpenFile(tmpRootCertFile.Name(), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o755) if err != nil { t.Fatal(err) } - pem.Encode(fd, &pem.Block{Type: "CERTIFICATE", Bytes: rootCert.Certificate.Raw}) - fd.Close() + if err := pem.Encode(fd, &pem.Block{Type: "CERTIFICATE", Bytes: rootCert.Certificate.Raw}); err != nil { + t.Fatalf("Cannot write root cert: %s", err) + } + if err := fd.Close(); err != nil { + t.Fatalf("Cannot write root cert: %s", err) + } // write the signature to a temp file - tmpSignatureFile, err := ioutil.TempFile("", "pkcs7Signature") + tmpSignatureFile, err := os.CreateTemp("", "pkcs7Signature") if err != nil { t.Fatal(err) } - defer os.Remove(tmpSignatureFile.Name()) // clean up - ioutil.WriteFile(tmpSignatureFile.Name(), signed, 0755) + defer func(name string) { + if err := os.Remove(name); err != nil { + t.Fatalf("Cannot write signature: %s", err) + } + }(tmpSignatureFile.Name()) // clean up + if err := os.WriteFile(tmpSignatureFile.Name(), signed, 0o755); err != nil { + t.Fatalf("Cannot write signature: %s", err) + } // write the content to a temp file - tmpContentFile, err := ioutil.TempFile("", "pkcs7Content") + tmpContentFile, err := os.CreateTemp("", "pkcs7Content") if err != nil { t.Fatal(err) } - defer os.Remove(tmpContentFile.Name()) // clean up - ioutil.WriteFile(tmpContentFile.Name(), content, 0755) + defer func(name string) { + if err := os.Remove(name); err != nil { + t.Fatalf("Cannot write content: %s", err) + } + }(tmpContentFile.Name()) // clean up + if err := os.WriteFile(tmpContentFile.Name(), content, 0o755); err != nil { + t.Fatalf("Cannot write content: %s", err) + } // call openssl to verify the signature on the content using the root opensslCMD := exec.Command("openssl", "smime", "-verify", diff --git a/smime.go b/smime.go index 405a5c1..da09713 100644 --- a/smime.go +++ b/smime.go @@ -6,14 +6,14 @@ package mail import ( "bytes" + "crypto" + "crypto/ecdsa" "crypto/rsa" "crypto/x509" "encoding/pem" "errors" "fmt" "strings" - - "go.mozilla.org/pkcs7" ) var ( @@ -22,35 +22,34 @@ var ( // ErrInvalidCertificate should be used if the certificate is invalid ErrInvalidCertificate = errors.New("invalid certificate") - - // ErrInvalidIntermediateCertificate should be used if the intermediate certificate is invalid - ErrInvalidIntermediateCertificate = errors.New("invalid intermediate certificate") - - // ErrCouldNotInitialize should be used if the signed data could not initialize - ErrCouldNotInitialize = errors.New("could not initialize signed data") - - // ErrCouldNotAddSigner should be used if the signer could not be added - ErrCouldNotAddSigner = errors.New("could not add signer message") - - // ErrCouldNotFinishSigning should be used if the signing could not be finished - ErrCouldNotFinishSigning = errors.New("could not finish signing") - - // ErrCouldNoEncodeToPEM should be used if the signature could not be encoded to PEM - ErrCouldNoEncodeToPEM = errors.New("could not encode to PEM") ) +// privateKeyHolder is the representation of a private key +type privateKeyHolder struct { + ecdsa *ecdsa.PrivateKey + rsa *rsa.PrivateKey +} + +// get returns the private key of the privateKeyHolder +func (p privateKeyHolder) get() crypto.PrivateKey { + if p.ecdsa != nil { + return p.ecdsa + } + return p.rsa +} + // SMime is used to sign messages with S/MIME type SMime struct { - privateKey *rsa.PrivateKey + privateKey privateKeyHolder certificate *x509.Certificate intermediateCertificate *x509.Certificate } -// NewSMime construct a new instance of SMime with provided parameters +// newSMimeWithRSA construct a new instance of SMime with provided parameters // privateKey as *rsa.PrivateKey // certificate as *x509.Certificate -// intermediateCertificate as *x509.Certificate -func newSMime(privateKey *rsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) (*SMime, error) { +// intermediateCertificate (optional) as *x509.Certificate +func newSMimeWithRSA(privateKey *rsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) (*SMime, error) { if privateKey == nil { return nil, ErrInvalidPrivateKey } @@ -59,12 +58,28 @@ func newSMime(privateKey *rsa.PrivateKey, certificate *x509.Certificate, interme return nil, ErrInvalidCertificate } - if intermediateCertificate == nil { - return nil, ErrInvalidIntermediateCertificate + return &SMime{ + privateKey: privateKeyHolder{rsa: privateKey}, + certificate: certificate, + intermediateCertificate: intermediateCertificate, + }, nil +} + +// newSMimeWithECDSA construct a new instance of SMime with provided parameters +// privateKey as *ecdsa.PrivateKey +// certificate as *x509.Certificate +// intermediateCertificate (optional) as *x509.Certificate +func newSMimeWithECDSA(privateKey *ecdsa.PrivateKey, certificate *x509.Certificate, intermediateCertificate *x509.Certificate) (*SMime, error) { + if privateKey == nil { + return nil, ErrInvalidPrivateKey + } + + if certificate == nil { + return nil, ErrInvalidCertificate } return &SMime{ - privateKey: privateKey, + privateKey: privateKeyHolder{ecdsa: privateKey}, certificate: certificate, intermediateCertificate: intermediateCertificate, }, nil @@ -75,26 +90,29 @@ func (sm *SMime) signMessage(message string) (*string, error) { lines := parseLines([]byte(message)) toBeSigned := lines.bytesFromLines([]byte("\r\n")) - signedData, err := pkcs7.NewSignedData(toBeSigned) - signedData.SetDigestAlgorithm(pkcs7.OIDDigestAlgorithmSHA256) - if err != nil { - return nil, ErrCouldNotInitialize + signedData, err := newSignedData(toBeSigned) + if err != nil || signedData == nil { + return nil, fmt.Errorf("could not initialize signed data: %w", err) } - if err = signedData.AddSignerChain(sm.certificate, sm.privateKey, []*x509.Certificate{sm.intermediateCertificate}, pkcs7.SignerInfoConfig{}); err != nil { - return nil, ErrCouldNotAddSigner + if err = signedData.addSigner(sm.certificate, sm.privateKey.get(), SignerInfoConfig{}); err != nil { + return nil, fmt.Errorf("could not add signer message: %w", err) } - signedData.Detach() + if sm.intermediateCertificate != nil { + signedData.addCertificate(sm.intermediateCertificate) + } - signatureDER, err := signedData.Finish() + signedData.detach() + + signatureDER, err := signedData.finish() if err != nil { - return nil, ErrCouldNotFinishSigning + return nil, fmt.Errorf("could not finish signing: %w", err) } pemMsg, err := encodeToPEM(signatureDER) if err != nil { - return nil, ErrCouldNoEncodeToPEM + return nil, fmt.Errorf("could not encode to PEM: %w", err) } return pemMsg, nil diff --git a/smime_test.go b/smime_test.go index 9c5b121..d6fae44 100644 --- a/smime_test.go +++ b/smime_test.go @@ -6,25 +6,72 @@ package mail import ( "bytes" + "crypto/ecdsa" + "crypto/rsa" "encoding/base64" "fmt" "strings" "testing" ) -// TestNewSMime tests the newSMime method -func TestNewSMime(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() +func TestGet_RSA(t *testing.T) { + p := privateKeyHolder{ + ecdsa: nil, + rsa: &rsa.PrivateKey{}, + } + + if p.get() == nil { + t.Errorf("get() did not return the correct private key") + } +} + +func TestGet_ECDSA(t *testing.T) { + p := privateKeyHolder{ + ecdsa: &ecdsa.PrivateKey{}, + rsa: nil, + } + + if p.get() == nil { + t.Errorf("get() did not return the correct private key") + } +} + +// TestNewSMimeWithRSA tests the newSMime method with RSA crypto material +func TestNewSMimeWithRSA(t *testing.T) { + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("Error getting dummy crypto material: %s", err) } - sMime, err := newSMime(privateKey, certificate, intermediateCertificate) + sMime, err := newSMimeWithRSA(privateKey, certificate, intermediateCertificate) if err != nil { t.Errorf("Error creating new SMime from keyPair: %s", err) } - if sMime.privateKey != privateKey { + if sMime.privateKey.rsa != privateKey { + t.Errorf("NewSMime() did not return the same private key") + } + if sMime.certificate != certificate { + t.Errorf("NewSMime() did not return the same certificate") + } + if sMime.intermediateCertificate != intermediateCertificate { + t.Errorf("NewSMime() did not return the same intermedidate certificate") + } +} + +// TestNewSMimeWithECDSA tests the newSMime method with ECDSA crypto material +func TestNewSMimeWithECDSA(t *testing.T) { + privateKey, certificate, intermediateCertificate, err := getDummyECDSACryptoMaterial() + if err != nil { + t.Errorf("Error getting dummy crypto material: %s", err) + } + + sMime, err := newSMimeWithECDSA(privateKey, certificate, intermediateCertificate) + if err != nil { + t.Errorf("Error creating new SMime from keyPair: %s", err) + } + + if sMime.privateKey.ecdsa != privateKey { t.Errorf("NewSMime() did not return the same private key") } if sMime.certificate != certificate { @@ -37,12 +84,12 @@ func TestNewSMime(t *testing.T) { // TestSign tests the sign method func TestSign(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("Error getting dummy crypto material: %s", err) } - sMime, err := newSMime(privateKey, certificate, intermediateCertificate) + sMime, err := newSMimeWithRSA(privateKey, certificate, intermediateCertificate) if err != nil { t.Errorf("Error creating new SMime from keyPair: %s", err) } @@ -60,12 +107,12 @@ func TestSign(t *testing.T) { // TestPrepareMessage tests the createMessage method func TestPrepareMessage(t *testing.T) { - privateKey, certificate, intermediateCertificate, err := getDummyCryptoMaterial() + privateKey, certificate, intermediateCertificate, err := getDummyRSACryptoMaterial() if err != nil { t.Errorf("Error getting dummy crypto material: %s", err) } - sMime, err := newSMime(privateKey, certificate, intermediateCertificate) + sMime, err := newSMimeWithRSA(privateKey, certificate, intermediateCertificate) if err != nil { t.Errorf("Error creating new SMime from keyPair: %s", err) }