[77] Improve test suite for RSAEncrypter/Decrypter

.gitignore

@@ -101,3 +101,4 @@ fastlane/test_output
 
 .idea/
 sonar-reports/
+/JOSESwift.xcworkspace/xcshareddata

Tests/CryptoTestCase.swift

@@ -25,11 +25,14 @@ import XCTest
 
 class CryptoTestCase: XCTestCase {
     let message = "The true sign of intelligence is not knowledge but imagination."
-    let privateKey2048Tag = "com.airsidemobile.JOSESwift.testPrivateKey2048"
+    let privateKeyAlice2048Tag = "com.airsidemobile.JOSESwift.testprivateKeyAlice2048"
+    let privateKeyBob2048Tag = "com.airsidemobile.JOSESwift.testprivateKeyBob2048"
     let privateKey4096Tag = "com.airsidemobile.JOSESwift.testPrivateKey4096"
 
-    var privateKey2048: SecKey?
-    var publicKey2048: SecKey?
+    var privateKeyAlice2048: SecKey?
+    var privateKeyBob2048: SecKey?
+    var publicKeyAlice2048: SecKey?
+    var publicKeyBob2048: SecKey?
 
     var privateKey4096: SecKey?
     var publicKey4096: SecKey?
@@ -42,7 +45,8 @@ class CryptoTestCase: XCTestCase {
         v_TA
         """
 
-    var publicKey2048Data: Data!
+    var publicKeyAlice2048Data: Data!
+    var publicKeyBob2048Data: Data!
     var publicKey4096Data: Data!
 
     // Generated by OpenSSL for `publicKey` (without leading 0x00).
@@ -127,17 +131,26 @@ class CryptoTestCase: XCTestCase {
         if
             let path = Bundle(for: type(of: self)).path(forResource: "TestKey", ofType: "plist"),
             let keyDict = NSDictionary(contentsOfFile: path),
-            let keyData2048 = Data(base64Encoded: keyDict[privateKey2048Tag] as! String),
+            let keyDataAlice2048 = Data(base64Encoded: keyDict[privateKeyAlice2048Tag] as! String),
+            let keyDataBob2048 = Data(base64Encoded: keyDict[privateKeyBob2048Tag] as! String),
             let keyData4096 = Data(base64Encoded: keyDict[privateKey4096Tag] as! String)
         {
 
-            // 2048
+            // 2048 - Alice
 
-            let keyPair2048 = setupSecKeyPair(size: 2048, data: keyData2048, tag: privateKey2048Tag)!
+            let keyPairAlice2048 = setupSecKeyPair(size: 2048, data: keyDataAlice2048, tag: privateKeyAlice2048Tag)!
 
-            privateKey2048 = keyPair2048.privateKey
-            publicKey2048 = keyPair2048.publicKey
-            publicKey2048Data = SecKeyCopyExternalRepresentation(publicKey2048!, nil)! as Data
+            privateKeyAlice2048 = keyPairAlice2048.privateKey
+            publicKeyAlice2048 = keyPairAlice2048.publicKey
+            publicKeyAlice2048Data = SecKeyCopyExternalRepresentation(publicKeyAlice2048!, nil)! as Data
+
+            // 2048 - Bob
+
+            let keyPairBob2048 = setupSecKeyPair(size: 2048, data: keyDataBob2048, tag: privateKeyBob2048Tag)!
+
+            privateKeyBob2048 = keyPairBob2048.privateKey
+            publicKeyBob2048 = keyPairBob2048.publicKey
+            publicKeyBob2048Data = SecKeyCopyExternalRepresentation(publicKeyBob2048!, nil)! as Data
 
             // 4096
 

Tests/DataRSAPublicKeyTests.swift

@@ -27,14 +27,14 @@ import XCTest
 class DataRSAPublicKeyTests: CryptoTestCase {
 
     func testLeadingZeroDropped() {
-        let components = try! publicKey2048Data.rsaPublicKeyComponents()
+        let components = try! publicKeyAlice2048Data.rsaPublicKeyComponents()
 
-        XCTAssertEqual(try! [UInt8](publicKey2048Data).read(.sequence).read(.integer).first!, 0x00)
+        XCTAssertEqual(try! [UInt8](publicKeyAlice2048Data).read(.sequence).read(.integer).first!, 0x00)
         XCTAssertNotEqual([UInt8](components.modulus).first!, 0x00)
     }
 
-    func testPublicKey2048Modulus() {
-        let components = try? publicKey2048Data.rsaPublicKeyComponents()
+    func testpublicKeyAlice2048Modulus() {
+        let components = try? publicKeyAlice2048Data.rsaPublicKeyComponents()
 
         XCTAssertNotNil(components)
 
@@ -43,8 +43,8 @@ class DataRSAPublicKeyTests: CryptoTestCase {
         XCTAssertEqual(modulus, expectedModulus2048Data)
     }
 
-    func testPublicKey2048Exponent() {
-        let components = try? publicKey2048Data.rsaPublicKeyComponents()
+    func testpublicKeyAlice2048Exponent() {
+        let components = try? publicKeyAlice2048Data.rsaPublicKeyComponents()
 
         XCTAssertNotNil(components)
 
@@ -77,7 +77,7 @@ class DataRSAPublicKeyTests: CryptoTestCase {
         let components = (expectedModulus2048Data, expectedExponentData)
         let data = try! Data.representing(rsaPublicKeyComponents: components)
 
-        let expectedData = publicKey2048Data
+        let expectedData = publicKeyAlice2048Data
 
         XCTAssertEqual(data, expectedData)
     }

Tests/JWETests.swift

@@ -37,27 +37,27 @@ class JWETests: CryptoTestCase {
     func testJWERoundtrip() {
         let header = JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512)
         let payload = Payload(message.data(using: .utf8)!)
-        let encrypter = Encrypter(keyEncryptionAlgorithm: .RSA1_5, keyEncryptionKey: publicKey2048!, contentEncyptionAlgorithm: .A256CBCHS512)!
+        let encrypter = Encrypter(keyEncryptionAlgorithm: .RSA1_5, keyEncryptionKey: publicKeyAlice2048!, contentEncyptionAlgorithm: .A256CBCHS512)!
         let jweEnc = try! JWE(header: header, payload: payload, encrypter: encrypter)
 
         let jweDec = try! JWE(compactSerialization: jweEnc.compactSerializedData)
-        let decryptedPayload = try! jweDec.decrypt(with: privateKey2048!)
+        let decryptedPayload = try! jweDec.decrypt(with: privateKeyAlice2048!)
 
         XCTAssertEqual(message.data(using: .utf8)!, decryptedPayload.data())
     }
 
     func testDecrypt() {
         let compactSerializedJWE = "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0.Od5AMgOHu6rcEYWkX7w_x_wnMlM5JfZaszCC4xtLGYU9d0BnPm95UWUrgShStGH6LHMxpGdru6gXpdxfhhrji12vUIzmkbyNW5M9wjx2t0e4pzzBSYxgOzFoa3jT9a0PcZfyqHIeTrcrTHtpSJ_CIDiZ3MIeqA7hjuRqu2YcTAE0v5TPLhHDVRBptkOggA5SL2-gRuUuYoWdanMw_JTHK4utXQZoSY1LTdub_Fh5ez1RqOouc3an5Hx6ImzyJS_cbO_l9xHpHjE7in6SeV9bAZTaYEaGnjGKEVaGQ7JiwtTA5rDfVQ5RHSn6blB2Hh5Am7mKzssYu9JjUmr3T-ez_g.M6QnlRxQQ5YS2rF4-wwT3g.4GAtq6fJWJt249SEuK5P_3xJGNYP_e_rhz0PVg9QnJXiRl030ggI9GGs3E_0pEPBs9_WJ3E60qQVoXTIMbJXSQ.bQc-W1Ph_0_3kX570pT8gjDlGyiK3kF8PlHiT7GWfMo"
         let jwe = try! JWE(compactSerialization: compactSerializedJWE)
-        let payloadString = String(data: (try! jwe.decrypt(with: privateKey2048!)).data(), encoding: .utf8)!
+        let payloadString = String(data: (try! jwe.decrypt(with: privateKeyAlice2048!)).data(), encoding: .utf8)!
 
         XCTAssertEqual(payloadString, "The true sign of intelligence is not knowledge but imagination.")
     }
 
     func testDecryptFails() {
         let header = JWEHeader(algorithm: .RSA1_5, encryptionAlgorithm: .A256CBCHS512)
         let payload = Payload(message.data(using: .utf8)!)
-        let encrypter = Encrypter(keyEncryptionAlgorithm: .RSA1_5, keyEncryptionKey: publicKey2048!, contentEncyptionAlgorithm: .A256CBCHS512)!
+        let encrypter = Encrypter(keyEncryptionAlgorithm: .RSA1_5, keyEncryptionKey: publicKeyAlice2048!, contentEncyptionAlgorithm: .A256CBCHS512)!
         let jweEnc = try! JWE(header: header, payload: payload, encrypter: encrypter)
 
         let attributes: [String: Any] = [
@@ -66,7 +66,7 @@ class JWETests: CryptoTestCase {
             kSecAttrKeySizeInBits as String: 2048,
             kSecPrivateKeyAttrs as String: [
                 kSecAttrIsPermanent as String: false,
-                kSecAttrApplicationTag as String: privateKey2048Tag
+                kSecAttrApplicationTag as String: privateKeyAlice2048Tag
             ]
         ]
 

Tests/JWKRSAEncodingTests.swift

@@ -27,7 +27,7 @@ import XCTest
 class JWKRSAEncodingTests: CryptoTestCase {
 
     func testPublicKeyEncoding() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "alg": "RS256",
             "kid": "2011-04-29"
         ])
@@ -47,7 +47,7 @@ class JWKRSAEncodingTests: CryptoTestCase {
     }
 
     func testEncodingPublicKeyWithUnregisteredParameter() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "alg": "RS256",
             "kid": "2011-04-29",
             "breeze": "through"

Tests/JWKRSAKeysTests.swift

@@ -27,7 +27,7 @@ import XCTest
 class JWKRSAKeysTests: CryptoTestCase {
 
     func testMergingDuplicateAdditionalParametersInPublicKey() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "kty": "wrongKty"
         ])
 
@@ -81,7 +81,7 @@ class JWKRSAKeysTests: CryptoTestCase {
     }
 
     func testPublicKeyKeyTypeIsPresent() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!)
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!)
 
         XCTAssertEqual(jwk.keyType, .RSA)
         XCTAssertEqual(jwk[JWKParameter.keyType.rawValue] ?? "", JWKKeyType.RSA.rawValue)
@@ -97,15 +97,15 @@ class JWKRSAKeysTests: CryptoTestCase {
     }
 
     func testSettingAndGettingAdditionalParameter() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "kid": "new on the block"
             ])
 
         XCTAssertEqual(jwk["kid"] ?? "", "new on the block")
     }
 
     func testPublicKeyAllParametersArePresentInDict() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "kid": "new on the block",
             "use": "test"
         ])

Tests/JWKtoJSONTests.swift

@@ -27,7 +27,7 @@ import XCTest
 class JWKtoJSONTests: CryptoTestCase {
 
     func testJSONString() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "alg": "RS256",
             "kid": "2011-04-29"
         ])
@@ -48,7 +48,7 @@ class JWKtoJSONTests: CryptoTestCase {
     }
 
     func testJSONData() {
-        let jwk = try! RSAPublicKey(publicKey: publicKey2048!, additionalParameters: [
+        let jwk = try! RSAPublicKey(publicKey: publicKeyAlice2048!, additionalParameters: [
             "alg": "RS256",
             "kid": "2011-04-29"
         ])

Tests/JWSTests.swift

@@ -34,26 +34,26 @@ class JWSTests: CryptoTestCase {
     }
 
     func testSignAndSerialize() {
-        guard publicKey2048 != nil, privateKey2048 != nil else {
+        guard publicKeyAlice2048 != nil, privateKeyAlice2048 != nil else {
             XCTFail()
             return
         }
 
         let header = JWSHeader(algorithm: .RS512)
         let payload = Payload(message.data(using: .utf8)!)
-        let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKey2048!)!
+        let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKeyAlice2048!)!
         let jws = try! JWS(header: header, payload: payload, signer: signer)
         let compactSerializedJWS = jws.compactSerializedString
 
         XCTAssertEqual(compactSerializedJWS, compactSerializedJWSConst)
 
         let secondJWS = try! JWS(compactSerialization: compactSerializedJWS)
 
-        XCTAssertTrue(secondJWS.isValid(for: publicKey2048!))
+        XCTAssertTrue(secondJWS.isValid(for: publicKeyAlice2048!))
     }
 
     func testDeserializeFromCompactSerialization() {
-        guard privateKey2048 != nil else {
+        guard privateKeyAlice2048 != nil else {
             XCTFail()
             return
         }
@@ -62,7 +62,7 @@ class JWSTests: CryptoTestCase {
         XCTAssertEqual(String(data: jws.header.data(), encoding: .utf8), "{\"alg\":\"RS512\"}")
         XCTAssertEqual(String(data: jws.payload.data(), encoding: .utf8), "The true sign of intelligence is not knowledge but imagination.")
 
-        let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKey2048!)!
+        let signer = Signer(signingAlgorithm: .RS512, privateKey: privateKeyAlice2048!)!
         let signature = try! signer.sign(header: JWSHeader(algorithm: .RS512), payload: Payload(message.data(using: .utf8)!))
         XCTAssertEqual(jws.signature.data(), signature)
     }

Tests/JWSValidationTests.swift

@@ -29,7 +29,7 @@ class JWSValidationTests: CryptoTestCase {
     func testIsValid() {
         let jws = try! JWS(compactSerialization: compactSerializedJWSConst)
 
-        XCTAssertTrue(jws.isValid(for: publicKey2048!))
+        XCTAssertTrue(jws.isValid(for: publicKeyAlice2048!))
     }
 
     func testIsValidIsFalseForInvalidAlg() {
@@ -38,7 +38,7 @@ class JWSValidationTests: CryptoTestCase {
 
         let jws = try! JWS(compactSerialization: malformedSerialization)
 
-        XCTAssertFalse(jws.isValid(for: publicKey2048!))
+        XCTAssertFalse(jws.isValid(for: publicKeyAlice2048!))
     }
 
     func testIsValidIsFalseForWrongSignature() {
@@ -47,7 +47,7 @@ class JWSValidationTests: CryptoTestCase {
 
         let jws = try! JWS(compactSerialization: malformedSerialization)
 
-        XCTAssertFalse(jws.isValid(for: publicKey2048!))
+        XCTAssertFalse(jws.isValid(for: publicKeyAlice2048!))
     }
 
     func testIsValidIsFalseForWrongKey() {
@@ -59,13 +59,13 @@ class JWSValidationTests: CryptoTestCase {
     func testValidatesDoesNotThrowForValidSignature() {
         let jws = try! JWS(compactSerialization: compactSerializedJWSConst)
 
-        XCTAssertNoThrow(try jws.validate(with: publicKey2048!))
+        XCTAssertNoThrow(try jws.validate(with: publicKeyAlice2048!))
     }
 
     func testValidatesReturnsJWS() {
         let jws = try! JWS(compactSerialization: compactSerializedJWSConst)
 
-        let validatedJWS = try! jws.validate(with: publicKey2048!)
+        let validatedJWS = try! jws.validate(with: publicKeyAlice2048!)
 
         XCTAssertEqual(validatedJWS.compactSerializedString, compactSerializedJWSConst)
     }
@@ -76,7 +76,7 @@ class JWSValidationTests: CryptoTestCase {
 
         let jws = try! JWS(compactSerialization: malformedSerialization)
 
-        XCTAssertThrowsError(try jws.validate(with: publicKey2048!))
+        XCTAssertThrowsError(try jws.validate(with: publicKeyAlice2048!))
     }
 
     func testValidatesThrowsForWrongSignature() {
@@ -85,7 +85,7 @@ class JWSValidationTests: CryptoTestCase {
 
         let jws = try! JWS(compactSerialization: malformedSerialization)
 
-        XCTAssertThrowsError(try jws.validate(with: publicKey2048!))
+        XCTAssertThrowsError(try jws.validate(with: publicKeyAlice2048!))
     }
 
     func testValidatesThrowsForWrongKey() {