github.com/andresvia/terraform@v0.6.15-0.20160412045437-d51c75946785/builtin/providers/tls/resource_private_key_test.go (about) 1 package tls 2 3 import ( 4 "fmt" 5 "strings" 6 "testing" 7 8 r "github.com/hashicorp/terraform/helper/resource" 9 "github.com/hashicorp/terraform/terraform" 10 ) 11 12 func TestPrivateKeyRSA(t *testing.T) { 13 r.Test(t, r.TestCase{ 14 Providers: testProviders, 15 Steps: []r.TestStep{ 16 r.TestStep{ 17 Config: ` 18 resource "tls_private_key" "test" { 19 algorithm = "RSA" 20 } 21 output "private_key_pem" { 22 value = "${tls_private_key.test.private_key_pem}" 23 } 24 output "public_key_pem" { 25 value = "${tls_private_key.test.public_key_pem}" 26 } 27 output "public_key_openssh" { 28 value = "${tls_private_key.test.public_key_openssh}" 29 } 30 `, 31 Check: func(s *terraform.State) error { 32 gotPrivate := s.RootModule().Outputs["private_key_pem"] 33 if !strings.HasPrefix(gotPrivate, "-----BEGIN RSA PRIVATE KEY----") { 34 return fmt.Errorf("private key is missing RSA key PEM preamble") 35 } 36 if len(gotPrivate) > 1700 { 37 return fmt.Errorf("private key PEM looks too long for a 2048-bit key (got %v characters)", len(gotPrivate)) 38 } 39 40 gotPublic := s.RootModule().Outputs["public_key_pem"] 41 if !strings.HasPrefix(gotPublic, "-----BEGIN PUBLIC KEY----") { 42 return fmt.Errorf("public key is missing public key PEM preamble") 43 } 44 45 gotPublicSSH := s.RootModule().Outputs["public_key_openssh"] 46 if !strings.HasPrefix(gotPublicSSH, "ssh-rsa ") { 47 return fmt.Errorf("SSH public key is missing ssh-rsa prefix") 48 } 49 50 return nil 51 }, 52 }, 53 r.TestStep{ 54 Config: ` 55 resource "tls_private_key" "test" { 56 algorithm = "RSA" 57 rsa_bits = 4096 58 } 59 output "key_pem" { 60 value = "${tls_private_key.test.private_key_pem}" 61 } 62 `, 63 Check: func(s *terraform.State) error { 64 got := s.RootModule().Outputs["key_pem"] 65 if !strings.HasPrefix(got, "-----BEGIN RSA PRIVATE KEY----") { 66 return fmt.Errorf("key is missing RSA key PEM preamble") 67 } 68 if len(got) < 1700 { 69 return fmt.Errorf("key PEM looks too short for a 4096-bit key (got %v characters)", len(got)) 70 } 71 return nil 72 }, 73 }, 74 }, 75 }) 76 } 77 78 func TestPrivateKeyECDSA(t *testing.T) { 79 r.Test(t, r.TestCase{ 80 Providers: testProviders, 81 Steps: []r.TestStep{ 82 r.TestStep{ 83 Config: ` 84 resource "tls_private_key" "test" { 85 algorithm = "ECDSA" 86 } 87 output "private_key_pem" { 88 value = "${tls_private_key.test.private_key_pem}" 89 } 90 output "public_key_pem" { 91 value = "${tls_private_key.test.public_key_pem}" 92 } 93 output "public_key_openssh" { 94 value = "${tls_private_key.test.public_key_openssh}" 95 } 96 `, 97 Check: func(s *terraform.State) error { 98 gotPrivate := s.RootModule().Outputs["private_key_pem"] 99 if !strings.HasPrefix(gotPrivate, "-----BEGIN EC PRIVATE KEY----") { 100 return fmt.Errorf("Private key is missing EC key PEM preamble") 101 } 102 103 gotPublic := s.RootModule().Outputs["public_key_pem"] 104 if !strings.HasPrefix(gotPublic, "-----BEGIN PUBLIC KEY----") { 105 return fmt.Errorf("public key is missing public key PEM preamble") 106 } 107 108 gotPublicSSH := s.RootModule().Outputs["public_key_openssh"] 109 if gotPublicSSH != "" { 110 return fmt.Errorf("P224 EC key should not generate OpenSSH public key") 111 } 112 113 return nil 114 }, 115 }, 116 r.TestStep{ 117 Config: ` 118 resource "tls_private_key" "test" { 119 algorithm = "ECDSA" 120 ecdsa_curve = "P256" 121 } 122 output "private_key_pem" { 123 value = "${tls_private_key.test.private_key_pem}" 124 } 125 output "public_key_pem" { 126 value = "${tls_private_key.test.public_key_pem}" 127 } 128 output "public_key_openssh" { 129 value = "${tls_private_key.test.public_key_openssh}" 130 } 131 `, 132 Check: func(s *terraform.State) error { 133 gotPrivate := s.RootModule().Outputs["private_key_pem"] 134 if !strings.HasPrefix(gotPrivate, "-----BEGIN EC PRIVATE KEY----") { 135 return fmt.Errorf("Private key is missing EC key PEM preamble") 136 } 137 138 gotPublic := s.RootModule().Outputs["public_key_pem"] 139 if !strings.HasPrefix(gotPublic, "-----BEGIN PUBLIC KEY----") { 140 return fmt.Errorf("public key is missing public key PEM preamble") 141 } 142 143 gotPublicSSH := s.RootModule().Outputs["public_key_openssh"] 144 if !strings.HasPrefix(gotPublicSSH, "ecdsa-sha2-nistp256 ") { 145 return fmt.Errorf("P256 SSH public key is missing ecdsa prefix") 146 } 147 148 return nil 149 }, 150 }, 151 }, 152 }) 153 }