Closed yogeshbdeshpande closed 1 year ago
Just to make it explicit, the test file in question is https://github.com/veraison/go-cose/blob/main/verifier_test.go
There are 3 key mismatch test cases: ecdsa key mismatch
, ed25519 key mismatch
, rsa key mismatch
One test that provides unexpected alg: unknown algorithm
And one more rsa key under minimum entropy
Looks like a low hanging fruit to increase integrity, @yogeshbdeshpande would you be willing to do a PR?
@ivarprudnikov I will make a change shortly!
Current Unit test (example : file verifier_test.go) TestNewVerifier ( )
Only checks whether the negative tests have returned an Error or not ? Then the test code compares it with a Boolean "WantErr" to understand that whether error was expected in the given test instance or not?
However the test code does not check the precise "error string" which maps to precise point in the code where the tests should return an error.
With this type of testing could lead to inaccurate results as code may return an error from incorrect part but the test may still indicate pass.