go/signature/ed25519_signer_key_manager_test.go - platform/external/tink - Git at Google

 // Copyright 2018 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 ////////////////////////////////////////////////////////////////////////////////

 package signature_test

 import (
 	"bytes"
 	"crypto/ed25519"
 	"encoding/hex"
 	"fmt"
 	"testing"

 	"github.com/google/go-cmp/cmp"
 	"google.golang.org/protobuf/proto"
 	"github.com/google/tink/go/core/registry"
 	"github.com/google/tink/go/internal/internalregistry"
 	"github.com/google/tink/go/signature/subtle"
 	"github.com/google/tink/go/subtle/random"
 	"github.com/google/tink/go/testutil"
 	ed25519pb "github.com/google/tink/go/proto/ed25519_go_proto"
 	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
 )

 func TestED25519SignerGetPrimitiveBasic(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}
 	pvtKey := testutil.NewED25519PrivateKey()
 	serializedKey, _ := proto.Marshal(pvtKey)
 	tmp, err := km.Primitive(serializedKey)
 	if err != nil {
 		t.Errorf("unexpect error in test case: %s ", err)
 	}
 	var s = tmp.(*subtle.ED25519Signer)

 	kmPub, err := registry.GetKeyManager(testutil.ED25519VerifierTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}
 	pubKey := pvtKey.PublicKey
 	serializedKey, _ = proto.Marshal(pubKey)
 	tmp, err = kmPub.Primitive(serializedKey)
 	if err != nil {
 		t.Errorf("unexpect error in test case: %s ", err)
 	}
 	var v = tmp.(*subtle.ED25519Verifier)

 	data := random.GetRandomBytes(1281)
 	signature, err := s.Sign(data)
 	if err != nil {
 		t.Errorf("unexpected error when signing: %s", err)
 	}

 	if err := v.Verify(signature, data); err != nil {
 		t.Errorf("unexpected error when verifying signature: %s", err)
 	}

 }

 func TestED25519SignGetPrimitiveWithInvalidInput(t *testing.T) {
 	// invalid params
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}

 	// invalid version
 	key := testutil.NewED25519PrivateKey()
 	key.Version = testutil.ED25519SignerKeyVersion + 1
 	serializedKey, _ := proto.Marshal(key)
 	if _, err := km.Primitive(serializedKey); err == nil {
 		t.Errorf("expect an error when version is invalid")
 	}
 	// nil input
 	if _, err := km.Primitive(nil); err == nil {
 		t.Errorf("expect an error when input is nil")
 	}
 	if _, err := km.Primitive([]byte{}); err == nil {
 		t.Errorf("expect an error when input is empty slice")
 	}
 }

 func TestED25519SignNewKeyBasic(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}
 	serializedFormat, _ := proto.Marshal(testutil.NewED25519PrivateKey())
 	tmp, err := km.NewKey(serializedFormat)
 	if err != nil {
 		t.Errorf("unexpected error: %s", err)
 	}
 	key := tmp.(*ed25519pb.Ed25519PrivateKey)
 	if err := validateED25519PrivateKey(key); err != nil {
 		t.Errorf("invalid private key in test case: %s", err)
 	}
 }

 func TestED25519PublicKeyDataBasic(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}
 	pkm, ok := km.(registry.PrivateKeyManager)
 	if !ok {
 		t.Errorf("cannot obtain private key manager")
 	}

 	key := testutil.NewED25519PrivateKey()
 	serializedKey, _ := proto.Marshal(key)

 	pubKeyData, err := pkm.PublicKeyData(serializedKey)
 	if err != nil {
 		t.Errorf("unexpect error in test case: %s ", err)
 	}
 	if pubKeyData.TypeUrl != testutil.ED25519VerifierTypeURL {
 		t.Errorf("incorrect type url: %s", pubKeyData.TypeUrl)
 	}
 	if pubKeyData.KeyMaterialType != tinkpb.KeyData_ASYMMETRIC_PUBLIC {
 		t.Errorf("incorrect key material type: %d", pubKeyData.KeyMaterialType)
 	}
 	pubKey := new(ed25519pb.Ed25519PublicKey)
 	if err = proto.Unmarshal(pubKeyData.Value, pubKey); err != nil {
 		t.Errorf("invalid public key: %s", err)
 	}
 }

 func TestED25519PublicKeyDataWithInvalidInput(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
 	}
 	pkm, ok := km.(registry.PrivateKeyManager)
 	if !ok {
 		t.Errorf("cannot obtain private key manager")
 	}
 	// modified key
 	key := testutil.NewED25519PrivateKey()
 	serializedKey, _ := proto.Marshal(key)
 	serializedKey[0] = 0
 	if _, err := pkm.PublicKeyData(serializedKey); err == nil {
 		t.Errorf("expect an error when input is a modified serialized key")
 	}
 	// invalid with a single byte
 	if _, err := pkm.PublicKeyData([]byte{42}); err == nil {
 		t.Errorf("expect an error when input is an empty slice")
 	}
 }

 func TestED25519KeyMaterialType(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
 	}
 	keyManager, ok := km.(internalregistry.DerivableKeyManager)
 	if !ok {
 		t.Fatalf("key manager is not DerivableKeyManager")
 	}
 	if got, want := keyManager.KeyMaterialType(), tinkpb.KeyData_ASYMMETRIC_PRIVATE; got != want {
 		t.Errorf("KeyMaterialType() = %v, want %v", got, want)
 	}
 }

 func TestED25519DeriveKey(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
 	}
 	keyManager, ok := km.(internalregistry.DerivableKeyManager)
 	if !ok {
 		t.Fatalf("key manager is not DerivableKeyManager")
 	}
 	keyFormat, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: testutil.ED25519SignerKeyVersion})
 	if err != nil {
 		t.Fatalf("proto.Marshal() err = %v, want nil", err)
 	}
 	for _, test := range []struct {
 		name      string
 		keyFormat []byte
 	}{
 		{
 			// nil unmarshals to an empty proto, which implies version = 0.
 			name:      "nil",
 			keyFormat: nil,
 		},
 		{
 			// An empty proto implies version = 0.
 			name:      "empty",
 			keyFormat: []byte{},
 		},
 		{
 			name:      "specified",
 			keyFormat: keyFormat,
 		},
 	} {
 		t.Run(test.name, func(t *testing.T) {
 			rand := random.GetRandomBytes(ed25519.SeedSize)
 			buf := &bytes.Buffer{}
 			buf.Write(rand) // never returns a non-nil error
 			k, err := keyManager.DeriveKey(test.keyFormat, buf)
 			if err != nil {
 				t.Fatalf("keyManager.DeriveKey() err = %v, want nil", err)
 			}
 			key := k.(*ed25519pb.Ed25519PrivateKey)
 			if got, want := len(key.KeyValue), ed25519.SeedSize; got != want {
 				t.Errorf("private key length = %d, want %d", got, want)
 			}
 			if diff := cmp.Diff(key.KeyValue, rand[:ed25519.SeedSize]); diff != "" {
 				t.Errorf("incorrect derived private key: diff = %v", diff)
 			}
 			if got, want := len(key.PublicKey.KeyValue), ed25519.PublicKeySize; got != want {
 				t.Errorf("public key length = %d, want %d", got, want)
 			}
 			if diff := cmp.Diff(key.PublicKey.KeyValue, []byte(ed25519.NewKeyFromSeed(rand))[32:]); diff != "" {
 				t.Errorf("incorrect derived public key: diff = %v", diff)
 			}
 		})
 	}
 }

 func TestED25519DeriveKeyFailsWithInvalidKeyFormats(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
 	}
 	keyManager, ok := km.(internalregistry.DerivableKeyManager)
 	if !ok {
 		t.Fatalf("key manager is not DerivableKeyManager")
 	}
 	invalidVersion, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: 10})
 	if err != nil {
 		t.Fatalf("proto.Marshal() err = %v, want nil", err)
 	}
 	// Proto messages start with a VarInt, which always ends with a byte with the
 	// MSB unset, so 0x80 is invalid.
 	invalidSerialization, err := hex.DecodeString("80")
 	if err != nil {
 		t.Errorf("hex.DecodeString() err = %v, want nil", err)
 	}
 	for _, test := range []struct {
 		name      string
 		keyFormat []byte
 	}{
 		{
 			name:      "invalid version",
 			keyFormat: invalidVersion,
 		},
 		{
 			name:      "invalid serialization",
 			keyFormat: invalidSerialization,
 		},
 	} {
 		t.Run(test.name, func(t *testing.T) {
 			buf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize))
 			if _, err := keyManager.DeriveKey(test.keyFormat, buf); err == nil {
 				t.Errorf("keyManager.DeriveKey() err = nil, want non-nil")
 			}
 		})
 	}
 }

 func TestED25519DeriveKeyFailsWithInsufficientRandomness(t *testing.T) {
 	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
 	if err != nil {
 		t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
 	}
 	keyManager, ok := km.(internalregistry.DerivableKeyManager)
 	if !ok {
 		t.Fatalf("key manager is not DerivableKeyManager")
 	}
 	keyFormat, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: 0})
 	if err != nil {
 		t.Fatalf("proto.Marshal() err = %v, want nil", err)
 	}
 	{
 		buf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize))
 		if _, err := keyManager.DeriveKey(keyFormat, buf); err != nil {
 			t.Errorf("keyManager.DeriveKey() err = %v, want nil", err)
 		}
 	}
 	{
 		insufficientBuf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize - 1))
 		if _, err := keyManager.DeriveKey(keyFormat, insufficientBuf); err == nil {
 			t.Errorf("keyManager.DeriveKey() err = nil, want non-nil")
 		}
 	}
 }

 func validateED25519PrivateKey(key *ed25519pb.Ed25519PrivateKey) error {
 	if key.Version != testutil.ED25519SignerKeyVersion {
 		return fmt.Errorf("incorrect private key's version: expect %d, got %d",
 			testutil.ED25519SignerKeyVersion, key.Version)
 	}
 	publicKey := key.PublicKey
 	if publicKey.Version != testutil.ED25519SignerKeyVersion {
 		return fmt.Errorf("incorrect public key's version: expect %d, got %d",
 			testutil.ED25519SignerKeyVersion, key.Version)
 	}

 	signer, err := subtle.NewED25519Signer(key.KeyValue)
 	if err != nil {
 		return fmt.Errorf("unexpected error when creating ED25519Sign: %s", err)
 	}

 	verifier, err := subtle.NewED25519Verifier(publicKey.KeyValue)
 	if err != nil {
 		return fmt.Errorf("unexpected error when creating ED25519Verify: %s", err)
 	}
 	for i := 0; i < 100; i++ {
 		data := random.GetRandomBytes(1281)
 		signature, err := signer.Sign(data)
 		if err != nil {
 			return fmt.Errorf("unexpected error when signing: %s", err)
 		}

 		if err := verifier.Verify(signature, data); err != nil {
 			return fmt.Errorf("unexpected error when verifying signature: %s", err)
 		}
 	}
 	return nil
 }
	// Copyright 2018 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	////////////////////////////////////////////////////////////////////////////////

	package signature_test

	import (
	"bytes"
	"crypto/ed25519"
	"encoding/hex"
	"fmt"
	"testing"

	"github.com/google/go-cmp/cmp"
	"google.golang.org/protobuf/proto"
	"github.com/google/tink/go/core/registry"
	"github.com/google/tink/go/internal/internalregistry"
	"github.com/google/tink/go/signature/subtle"
	"github.com/google/tink/go/subtle/random"
	"github.com/google/tink/go/testutil"
	ed25519pb "github.com/google/tink/go/proto/ed25519_go_proto"
	tinkpb "github.com/google/tink/go/proto/tink_go_proto"
	)

	func TestED25519SignerGetPrimitiveBasic(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}
	pvtKey := testutil.NewED25519PrivateKey()
	serializedKey, _ := proto.Marshal(pvtKey)
	tmp, err := km.Primitive(serializedKey)
	if err != nil {
	t.Errorf("unexpect error in test case: %s ", err)
	}
	var s = tmp.(*subtle.ED25519Signer)

	kmPub, err := registry.GetKeyManager(testutil.ED25519VerifierTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}
	pubKey := pvtKey.PublicKey
	serializedKey, _ = proto.Marshal(pubKey)
	tmp, err = kmPub.Primitive(serializedKey)
	if err != nil {
	t.Errorf("unexpect error in test case: %s ", err)
	}
	var v = tmp.(*subtle.ED25519Verifier)

	data := random.GetRandomBytes(1281)
	signature, err := s.Sign(data)
	if err != nil {
	t.Errorf("unexpected error when signing: %s", err)
	}

	if err := v.Verify(signature, data); err != nil {
	t.Errorf("unexpected error when verifying signature: %s", err)
	}

	}

	func TestED25519SignGetPrimitiveWithInvalidInput(t *testing.T) {
	// invalid params
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}

	// invalid version
	key := testutil.NewED25519PrivateKey()
	key.Version = testutil.ED25519SignerKeyVersion + 1
	serializedKey, _ := proto.Marshal(key)
	if _, err := km.Primitive(serializedKey); err == nil {
	t.Errorf("expect an error when version is invalid")
	}
	// nil input
	if _, err := km.Primitive(nil); err == nil {
	t.Errorf("expect an error when input is nil")
	}
	if _, err := km.Primitive([]byte{}); err == nil {
	t.Errorf("expect an error when input is empty slice")
	}
	}

	func TestED25519SignNewKeyBasic(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}
	serializedFormat, _ := proto.Marshal(testutil.NewED25519PrivateKey())
	tmp, err := km.NewKey(serializedFormat)
	if err != nil {
	t.Errorf("unexpected error: %s", err)
	}
	key := tmp.(*ed25519pb.Ed25519PrivateKey)
	if err := validateED25519PrivateKey(key); err != nil {
	t.Errorf("invalid private key in test case: %s", err)
	}
	}

	func TestED25519PublicKeyDataBasic(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}
	pkm, ok := km.(registry.PrivateKeyManager)
	if !ok {
	t.Errorf("cannot obtain private key manager")
	}

	key := testutil.NewED25519PrivateKey()
	serializedKey, _ := proto.Marshal(key)

	pubKeyData, err := pkm.PublicKeyData(serializedKey)
	if err != nil {
	t.Errorf("unexpect error in test case: %s ", err)
	}
	if pubKeyData.TypeUrl != testutil.ED25519VerifierTypeURL {
	t.Errorf("incorrect type url: %s", pubKeyData.TypeUrl)
	}
	if pubKeyData.KeyMaterialType != tinkpb.KeyData_ASYMMETRIC_PUBLIC {
	t.Errorf("incorrect key material type: %d", pubKeyData.KeyMaterialType)
	}
	pubKey := new(ed25519pb.Ed25519PublicKey)
	if err = proto.Unmarshal(pubKeyData.Value, pubKey); err != nil {
	t.Errorf("invalid public key: %s", err)
	}
	}

	func TestED25519PublicKeyDataWithInvalidInput(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Errorf("cannot obtain ED25519Signer key manager: %s", err)
	}
	pkm, ok := km.(registry.PrivateKeyManager)
	if !ok {
	t.Errorf("cannot obtain private key manager")
	}
	// modified key
	key := testutil.NewED25519PrivateKey()
	serializedKey, _ := proto.Marshal(key)
	serializedKey[0] = 0
	if _, err := pkm.PublicKeyData(serializedKey); err == nil {
	t.Errorf("expect an error when input is a modified serialized key")
	}
	// invalid with a single byte
	if _, err := pkm.PublicKeyData([]byte{42}); err == nil {
	t.Errorf("expect an error when input is an empty slice")
	}
	}

	func TestED25519KeyMaterialType(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
	}
	keyManager, ok := km.(internalregistry.DerivableKeyManager)
	if !ok {
	t.Fatalf("key manager is not DerivableKeyManager")
	}
	if got, want := keyManager.KeyMaterialType(), tinkpb.KeyData_ASYMMETRIC_PRIVATE; got != want {
	t.Errorf("KeyMaterialType() = %v, want %v", got, want)
	}
	}

	func TestED25519DeriveKey(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
	}
	keyManager, ok := km.(internalregistry.DerivableKeyManager)
	if !ok {
	t.Fatalf("key manager is not DerivableKeyManager")
	}
	keyFormat, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: testutil.ED25519SignerKeyVersion})
	if err != nil {
	t.Fatalf("proto.Marshal() err = %v, want nil", err)
	}
	for _, test := range []struct {
	name string
	keyFormat []byte
	}{
	{
	// nil unmarshals to an empty proto, which implies version = 0.
	name: "nil",
	keyFormat: nil,
	},
	{
	// An empty proto implies version = 0.
	name: "empty",
	keyFormat: []byte{},
	},
	{
	name: "specified",
	keyFormat: keyFormat,
	},
	} {
	t.Run(test.name, func(t *testing.T) {
	rand := random.GetRandomBytes(ed25519.SeedSize)
	buf := &bytes.Buffer{}
	buf.Write(rand) // never returns a non-nil error
	k, err := keyManager.DeriveKey(test.keyFormat, buf)
	if err != nil {
	t.Fatalf("keyManager.DeriveKey() err = %v, want nil", err)
	}
	key := k.(*ed25519pb.Ed25519PrivateKey)
	if got, want := len(key.KeyValue), ed25519.SeedSize; got != want {
	t.Errorf("private key length = %d, want %d", got, want)
	}
	if diff := cmp.Diff(key.KeyValue, rand[:ed25519.SeedSize]); diff != "" {
	t.Errorf("incorrect derived private key: diff = %v", diff)
	}
	if got, want := len(key.PublicKey.KeyValue), ed25519.PublicKeySize; got != want {
	t.Errorf("public key length = %d, want %d", got, want)
	}
	if diff := cmp.Diff(key.PublicKey.KeyValue, []byte(ed25519.NewKeyFromSeed(rand))[32:]); diff != "" {
	t.Errorf("incorrect derived public key: diff = %v", diff)
	}
	})
	}
	}

	func TestED25519DeriveKeyFailsWithInvalidKeyFormats(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
	}
	keyManager, ok := km.(internalregistry.DerivableKeyManager)
	if !ok {
	t.Fatalf("key manager is not DerivableKeyManager")
	}
	invalidVersion, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: 10})
	if err != nil {
	t.Fatalf("proto.Marshal() err = %v, want nil", err)
	}
	// Proto messages start with a VarInt, which always ends with a byte with the
	// MSB unset, so 0x80 is invalid.
	invalidSerialization, err := hex.DecodeString("80")
	if err != nil {
	t.Errorf("hex.DecodeString() err = %v, want nil", err)
	}
	for _, test := range []struct {
	name string
	keyFormat []byte
	}{
	{
	name: "invalid version",
	keyFormat: invalidVersion,
	},
	{
	name: "invalid serialization",
	keyFormat: invalidSerialization,
	},
	} {
	t.Run(test.name, func(t *testing.T) {
	buf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize))
	if _, err := keyManager.DeriveKey(test.keyFormat, buf); err == nil {
	t.Errorf("keyManager.DeriveKey() err = nil, want non-nil")
	}
	})
	}
	}

	func TestED25519DeriveKeyFailsWithInsufficientRandomness(t *testing.T) {
	km, err := registry.GetKeyManager(testutil.ED25519SignerTypeURL)
	if err != nil {
	t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", testutil.ED25519SignerTypeURL, err)
	}
	keyManager, ok := km.(internalregistry.DerivableKeyManager)
	if !ok {
	t.Fatalf("key manager is not DerivableKeyManager")
	}
	keyFormat, err := proto.Marshal(&ed25519pb.Ed25519KeyFormat{Version: 0})
	if err != nil {
	t.Fatalf("proto.Marshal() err = %v, want nil", err)
	}
	{
	buf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize))
	if _, err := keyManager.DeriveKey(keyFormat, buf); err != nil {
	t.Errorf("keyManager.DeriveKey() err = %v, want nil", err)
	}
	}
	{
	insufficientBuf := bytes.NewBuffer(random.GetRandomBytes(ed25519.SeedSize - 1))
	if _, err := keyManager.DeriveKey(keyFormat, insufficientBuf); err == nil {
	t.Errorf("keyManager.DeriveKey() err = nil, want non-nil")
	}
	}
	}

	func validateED25519PrivateKey(key *ed25519pb.Ed25519PrivateKey) error {
	if key.Version != testutil.ED25519SignerKeyVersion {
	return fmt.Errorf("incorrect private key's version: expect %d, got %d",
	testutil.ED25519SignerKeyVersion, key.Version)
	}
	publicKey := key.PublicKey
	if publicKey.Version != testutil.ED25519SignerKeyVersion {
	return fmt.Errorf("incorrect public key's version: expect %d, got %d",
	testutil.ED25519SignerKeyVersion, key.Version)
	}

	signer, err := subtle.NewED25519Signer(key.KeyValue)
	if err != nil {
	return fmt.Errorf("unexpected error when creating ED25519Sign: %s", err)
	}

	verifier, err := subtle.NewED25519Verifier(publicKey.KeyValue)
	if err != nil {
	return fmt.Errorf("unexpected error when creating ED25519Verify: %s", err)
	}
	for i := 0; i < 100; i++ {
	data := random.GetRandomBytes(1281)
	signature, err := signer.Sign(data)
	if err != nil {
	return fmt.Errorf("unexpected error when signing: %s", err)
	}

	if err := verifier.Verify(signature, data); err != nil {
	return fmt.Errorf("unexpected error when verifying signature: %s", err)
	}
	}
	return nil
	}