github.com/mitchellh/packer@v1.3.2/builder/azure/pkcs12/pkcs8_test.go (about) 1 // Copyright 2016 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 package pkcs12 5 6 import ( 7 "crypto/ecdsa" 8 "crypto/elliptic" 9 "crypto/rand" 10 "crypto/rsa" 11 "crypto/x509" 12 "encoding/asn1" 13 "testing" 14 ) 15 16 func TestRoundTripPkcs8Rsa(t *testing.T) { 17 privateKey, err := rsa.GenerateKey(rand.Reader, 512) 18 if err != nil { 19 t.Fatalf("failed to generate a private key: %s", err) 20 } 21 22 bytes, err := marshalPKCS8PrivateKey(privateKey) 23 if err != nil { 24 t.Fatalf("failed to marshal private key: %s", err) 25 } 26 27 key, err := x509.ParsePKCS8PrivateKey(bytes) 28 if err != nil { 29 t.Fatalf("failed to parse private key: %s", err) 30 } 31 32 actualPrivateKey, ok := key.(*rsa.PrivateKey) 33 if !ok { 34 t.Fatalf("expected key to be of type *rsa.PrivateKey, but actual was %T", key) 35 } 36 37 if actualPrivateKey.Validate() != nil { 38 t.Fatalf("private key did not validate") 39 } 40 41 if actualPrivateKey.N.Cmp(privateKey.N) != 0 { 42 t.Errorf("private key's N did not round trip") 43 } 44 if actualPrivateKey.D.Cmp(privateKey.D) != 0 { 45 t.Errorf("private key's D did not round trip") 46 } 47 if actualPrivateKey.E != privateKey.E { 48 t.Errorf("private key's E did not round trip") 49 } 50 if actualPrivateKey.Primes[0].Cmp(privateKey.Primes[0]) != 0 { 51 t.Errorf("private key's P did not round trip") 52 } 53 if actualPrivateKey.Primes[1].Cmp(privateKey.Primes[1]) != 0 { 54 t.Errorf("private key's Q did not round trip") 55 } 56 } 57 58 func TestRoundTripPkcs8Ecdsa(t *testing.T) { 59 privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader) 60 if err != nil { 61 t.Fatalf("failed to generate a private key: %s", err) 62 } 63 64 bytes, err := marshalPKCS8PrivateKey(privateKey) 65 if err != nil { 66 t.Fatalf("failed to marshal private key: %s", err) 67 } 68 69 key, err := x509.ParsePKCS8PrivateKey(bytes) 70 if err != nil { 71 t.Fatalf("failed to parse private key: %s", err) 72 } 73 74 actualPrivateKey, ok := key.(*ecdsa.PrivateKey) 75 if !ok { 76 t.Fatalf("expected key to be of type *ecdsa.PrivateKey, but actual was %T", key) 77 } 78 79 // sanity check, not exhaustive 80 if actualPrivateKey.D.Cmp(privateKey.D) != 0 { 81 t.Errorf("private key's D did not round trip") 82 } 83 if actualPrivateKey.X.Cmp(privateKey.X) != 0 { 84 t.Errorf("private key's X did not round trip") 85 } 86 if actualPrivateKey.Y.Cmp(privateKey.Y) != 0 { 87 t.Errorf("private key's Y did not round trip") 88 } 89 if actualPrivateKey.Curve.Params().B.Cmp(privateKey.Curve.Params().B) != 0 { 90 t.Errorf("private key's Curve.B did not round trip") 91 } 92 } 93 94 func TestNullParametersPkcs8Rsa(t *testing.T) { 95 privateKey, err := rsa.GenerateKey(rand.Reader, 512) 96 if err != nil { 97 t.Fatalf("failed to generate a private key: %s", err) 98 } 99 100 checkNullParameter(t, privateKey) 101 } 102 103 func TestNullParametersPkcs8Ecdsa(t *testing.T) { 104 privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader) 105 if err != nil { 106 t.Fatalf("failed to generate a private key: %s", err) 107 } 108 109 checkNullParameter(t, privateKey) 110 } 111 112 func checkNullParameter(t *testing.T, privateKey interface{}) { 113 bytes, err := marshalPKCS8PrivateKey(privateKey) 114 if err != nil { 115 t.Fatalf("failed to marshal private key: %s", err) 116 } 117 118 var pkcs pkcs8 119 rest, err := asn1.Unmarshal(bytes, &pkcs) 120 if err != nil { 121 t.Fatalf("failed to unmarshal PKCS#8: %s", err) 122 } 123 124 if len(rest) != 0 { 125 t.Fatalf("unexpected trailing bytes of len=%d, bytes=%x", len(rest), rest) 126 } 127 128 // Only version == 0 is known and valid 129 if pkcs.Version != 0 { 130 t.Errorf("expected version=0, but actual=%d", pkcs.Version) 131 } 132 133 // ensure a NULL parameter is inserted 134 if pkcs.Algo.Parameters.Tag != 5 { 135 t.Errorf("expected parameters to be NULL, but actual tag=%d, class=%d, isCompound=%t, bytes=%x", 136 pkcs.Algo.Parameters.Tag, 137 pkcs.Algo.Parameters.Class, 138 pkcs.Algo.Parameters.IsCompound, 139 pkcs.Algo.Parameters.Bytes) 140 } 141 }