github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/pkg/secrets/test_utils.go (about) 1 package secrets 2 3 import ( 4 "crypto/x509" 5 6 "go.aporeto.io/trireme-lib/controller/pkg/claimsheader" 7 "go.aporeto.io/trireme-lib/controller/pkg/pkiverifier" 8 "go.aporeto.io/trireme-lib/utils/crypto" 9 ) 10 11 // Certs 12 var ( 13 CAPEM = `-----BEGIN CERTIFICATE----- 14 MIIBmzCCAUCgAwIBAgIRAIbf7tsXeg6vUJ2pe3WXzgwwCgYIKoZIzj0EAwIwPDEQ 15 MA4GA1UEChMHQXBvcmV0bzEPMA0GA1UECxMGYXBvbXV4MRcwFQYDVQQDEw5BcG9t 16 dXggUm9vdCBDQTAeFw0xODA1MDExODM3MjNaFw0yODAzMDkxODM3MjNaMDwxEDAO 17 BgNVBAoTB0Fwb3JldG8xDzANBgNVBAsTBmFwb211eDEXMBUGA1UEAxMOQXBvbXV4 18 IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQcpOm4VAWyNcI4/WZP 19 qj9EBu5XWQppyG2LoXVYNv1YCfJBFYuVERxVaZEcUJ0ceE/doFyphS1Ohw3QjqDQ 20 xakeoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjO 21 PQQDAgNJADBGAiEA+OL+qkSyXwLu6P/75kXBPo8fFGvXyX2vYis0hUAyHJcCIQCn 22 86EFqkJDkeAguDEKvVtORcnxl+rAP924/PJAHLMh6Q== 23 -----END CERTIFICATE-----` 24 CAKeyPEM = `-----BEGIN EC PRIVATE KEY----- 25 MHcCAQEEILpUWKqL6Sr+HrKDKLHt/vN6EYi22rJKV2q9xgKmiCqioAoGCCqGSM49 26 AwEHoUQDQgAEHKTpuFQFsjXCOP1mT6o/RAbuV1kKachti6F1WDb9WAnyQRWLlREc 27 VWmRHFCdHHhP3aBcqYUtTocN0I6g0MWpHg== 28 -----END EC PRIVATE KEY-----` 29 PrivateKeyPEM = `-----BEGIN EC PRIVATE KEY----- 30 MHcCAQEEIGx017ukBSUSddLXefL/5nxxaRXuM1H/tUxQAYxWBrQtoAoGCCqGSM49 31 AwEHoUQDQgAEZKBbcTmg0hGyVcgsUH7xijvaNOJ3EPM3Oq08VdCBsPNAojAR9wfX 32 KLO/w0SRKj1DL03a9dl1Gwk0r7F0VnPQyw== 33 -----END EC PRIVATE KEY-----` 34 PublicPEM = `-----BEGIN CERTIFICATE----- 35 MIIBsDCCAVagAwIBAgIRAOmitRugFU+nAhiGsp6fYOwwCgYIKoZIzj0EAwIwPDEQ 36 MA4GA1UEChMHQXBvcmV0bzEPMA0GA1UECxMGYXBvbXV4MRcwFQYDVQQDEw5BcG9t 37 dXggUm9vdCBDQTAeFw0xODA1MDExODQwMzFaFw0yODAzMDkxODQwMzFaMDYxETAP 38 BgNVBAoTCHNvbWUgb3JnMRIwEAYDVQQLEwlzb21lLXVuaXQxDTALBgNVBAMTBHRl 39 c3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARkoFtxOaDSEbJVyCxQfvGKO9o0 40 4ncQ8zc6rTxV0IGw80CiMBH3B9cos7/DRJEqPUMvTdr12XUbCTSvsXRWc9DLoz8w 41 PTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB 42 MAwGA1UdEwEB/wQCMAAwCgYIKoZIzj0EAwIDSAAwRQIgBNYmLdmHI2gKy2NqfSXn 43 MEDF56xWq7son2mcSePvLU8CIQCUxgYfDZDf067Y7vqLw1mWMlSnqECELnq7zel1 44 fXtpyA== 45 -----END CERTIFICATE-----` 46 ) 47 48 // CreateTxtToken creates a transmitter token 49 func CreateTxtToken() []byte { 50 caKey, err := crypto.LoadEllipticCurveKey([]byte(CAKeyPEM)) 51 if err != nil { 52 panic("bad ca key ") 53 } 54 55 clientCert, err := crypto.LoadCertificate([]byte(PublicPEM)) 56 if err != nil { 57 panic("bad client cert ") 58 } 59 60 p := pkiverifier.NewPKIIssuer(caKey) 61 token, err := p.CreateTokenFromCertificate(clientCert, []string{}) 62 if err != nil { 63 panic("can't create token") 64 } 65 return token 66 } 67 68 // CreateCompactPKITestSecrets creates test secrets 69 func CreateCompactPKITestSecrets() (*x509.Certificate, Secrets, error) { 70 txtKey, err := crypto.LoadEllipticCurveKey([]byte(PrivateKeyPEM)) 71 if err != nil { 72 return nil, nil, err 73 } 74 75 cert, err := crypto.LoadCertificate([]byte(PublicPEM)) 76 if err != nil { 77 return nil, nil, err 78 } 79 80 issuer := pkiverifier.NewPKIIssuer(txtKey) 81 txtToken, err := issuer.CreateTokenFromCertificate(cert, []string{}) 82 if err != nil { 83 return nil, nil, err 84 } 85 86 scrts, err := NewCompactPKIWithTokenCA([]byte(PrivateKeyPEM), []byte(PublicPEM), []byte(CAPEM), [][]byte{[]byte(PublicPEM)}, txtToken, claimsheader.CompressionTypeNone) 87 if err != nil { 88 return nil, nil, err 89 } 90 91 return cert, scrts, nil 92 }