github.com/mmcquillan/packer@v1.1.1-0.20171009221028-c85cf0483a5d/builder/oracle/oci/client/config_test.go (about) 1 package oci 2 3 import ( 4 "crypto/rand" 5 "crypto/rsa" 6 "crypto/x509" 7 "encoding/asn1" 8 "encoding/pem" 9 "os" 10 "reflect" 11 "strings" 12 "testing" 13 ) 14 15 func TestNewConfigMissingFile(t *testing.T) { 16 // WHEN 17 _, err := LoadConfigsFromFile("some/invalid/path") 18 19 // THEN 20 21 if err == nil { 22 t.Error("Expected missing file error") 23 } 24 } 25 26 func TestNewConfigDefaultOnly(t *testing.T) { 27 // GIVEN 28 29 // Get DEFAULT config 30 cfg, keyFile, err := BaseTestConfig() 31 defer os.Remove(keyFile.Name()) 32 33 // Write test config to file 34 f, err := WriteTestConfig(cfg) 35 if err != nil { 36 t.Fatal(err) 37 } 38 defer os.Remove(f.Name()) // clean up 39 40 // WHEN 41 42 // Load configs 43 cfgs, err := LoadConfigsFromFile(f.Name()) 44 if err != nil { 45 t.Fatal(err) 46 } 47 48 // THEN 49 50 if _, ok := cfgs["DEFAULT"]; !ok { 51 t.Fatal("Expected DEFAULT config to exist in map") 52 } 53 } 54 55 func TestNewConfigDefaultsPopulated(t *testing.T) { 56 // GIVEN 57 58 // Get DEFAULT config 59 cfg, keyFile, err := BaseTestConfig() 60 defer os.Remove(keyFile.Name()) 61 62 admin := cfg.Section("ADMIN") 63 admin.NewKey("user", "ocid1.user.oc1..bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb") 64 admin.NewKey("fingerprint", "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11") 65 66 // Write test config to file 67 f, err := WriteTestConfig(cfg) 68 if err != nil { 69 t.Fatal(err) 70 } 71 defer os.Remove(f.Name()) // clean up 72 73 // WHEN 74 75 cfgs, err := LoadConfigsFromFile(f.Name()) 76 adminConfig, ok := cfgs["ADMIN"] 77 78 // THEN 79 80 if !ok { 81 t.Fatal("Expected ADMIN config to exist in map") 82 } 83 84 if adminConfig.Region != "us-phoenix-1" { 85 t.Errorf("Expected 'us-phoenix-1', got '%s'", adminConfig.Region) 86 } 87 } 88 89 func TestNewConfigDefaultsOverridden(t *testing.T) { 90 // GIVEN 91 92 // Get DEFAULT config 93 cfg, keyFile, err := BaseTestConfig() 94 defer os.Remove(keyFile.Name()) 95 96 admin := cfg.Section("ADMIN") 97 admin.NewKey("user", "ocid1.user.oc1..bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb") 98 admin.NewKey("fingerprint", "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11") 99 100 // Write test config to file 101 f, err := WriteTestConfig(cfg) 102 if err != nil { 103 t.Fatal(err) 104 } 105 defer os.Remove(f.Name()) // clean up 106 107 // WHEN 108 109 cfgs, err := LoadConfigsFromFile(f.Name()) 110 adminConfig, ok := cfgs["ADMIN"] 111 112 // THEN 113 114 if !ok { 115 t.Fatal("Expected ADMIN config to exist in map") 116 } 117 118 if adminConfig.Fingerprint != "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11" { 119 t.Errorf("Expected fingerprint '11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11', got '%s'", 120 adminConfig.Fingerprint) 121 } 122 } 123 124 func TestParseEncryptedPrivateKeyValidPassword(t *testing.T) { 125 // Generate private key 126 priv, err := rsa.GenerateKey(rand.Reader, 2014) 127 if err != nil { 128 t.Fatalf("Unexpected generating RSA key: %+v", err) 129 } 130 publicKey := priv.PublicKey 131 132 // ASN.1 DER encoded form 133 privDer := x509.MarshalPKCS1PrivateKey(priv) 134 135 blockType := "RSA PRIVATE KEY" 136 password := []byte("password") 137 cipherType := x509.PEMCipherAES256 138 139 // Encrypt priv with password 140 encryptedPEMBlock, err := x509.EncryptPEMBlock( 141 rand.Reader, 142 blockType, 143 privDer, 144 password, 145 cipherType) 146 if err != nil { 147 t.Fatalf("Unexpected error encryting PEM block: %+v", err) 148 } 149 150 // Parse private key 151 key, err := ParsePrivateKey(pem.EncodeToMemory(encryptedPEMBlock), password) 152 if err != nil { 153 t.Fatalf("unexpected error: %+v", err) 154 } 155 156 // Check we get the same key back 157 if !reflect.DeepEqual(publicKey, key.PublicKey) { 158 t.Errorf("expected public key of encrypted and decrypted key to match") 159 } 160 } 161 162 func TestParseEncryptedPrivateKeyPKCS8(t *testing.T) { 163 // Generate private key 164 priv, err := rsa.GenerateKey(rand.Reader, 2014) 165 if err != nil { 166 t.Fatalf("Unexpected generating RSA key: %+v", err) 167 } 168 publicKey := priv.PublicKey 169 170 // Implements x509.MarshalPKCS8PrivateKey which is not included in the 171 // standard library. 172 pkey := struct { 173 Version int 174 PrivateKeyAlgorithm []asn1.ObjectIdentifier 175 PrivateKey []byte 176 }{ 177 Version: 0, 178 PrivateKeyAlgorithm: []asn1.ObjectIdentifier{{1, 2, 840, 113549, 1, 1, 1}}, 179 PrivateKey: x509.MarshalPKCS1PrivateKey(priv), 180 } 181 privDer, err := asn1.Marshal(pkey) 182 if err != nil { 183 t.Fatalf("Unexpected marshaling RSA key: %+v", err) 184 } 185 186 blockType := "RSA PRIVATE KEY" 187 password := []byte("password") 188 cipherType := x509.PEMCipherAES256 189 190 // Encrypt priv with password 191 encryptedPEMBlock, err := x509.EncryptPEMBlock( 192 rand.Reader, 193 blockType, 194 privDer, 195 password, 196 cipherType) 197 if err != nil { 198 t.Fatalf("Unexpected error encryting PEM block: %+v", err) 199 } 200 201 // Parse private key 202 key, err := ParsePrivateKey(pem.EncodeToMemory(encryptedPEMBlock), password) 203 if err != nil { 204 t.Fatalf("unexpected error: %+v", err) 205 } 206 207 // Check we get the same key back 208 if !reflect.DeepEqual(publicKey, key.PublicKey) { 209 t.Errorf("expected public key of encrypted and decrypted key to match") 210 } 211 } 212 213 func TestParseEncryptedPrivateKeyInvalidPassword(t *testing.T) { 214 // Generate private key 215 priv, err := rsa.GenerateKey(rand.Reader, 2014) 216 if err != nil { 217 t.Fatalf("Unexpected generating RSA key: %+v", err) 218 } 219 220 // ASN.1 DER encoded form 221 privDer := x509.MarshalPKCS1PrivateKey(priv) 222 223 blockType := "RSA PRIVATE KEY" 224 password := []byte("password") 225 cipherType := x509.PEMCipherAES256 226 227 // Encrypt priv with password 228 encryptedPEMBlock, err := x509.EncryptPEMBlock( 229 rand.Reader, 230 blockType, 231 privDer, 232 password, 233 cipherType) 234 if err != nil { 235 t.Fatalf("Unexpected error encrypting PEM block: %+v", err) 236 } 237 238 // Parse private key (with wrong password) 239 _, err = ParsePrivateKey(pem.EncodeToMemory(encryptedPEMBlock), []byte("foo")) 240 if err == nil { 241 t.Fatalf("Expected error, got nil") 242 } 243 244 if !strings.Contains(err.Error(), "decryption password incorrect") { 245 t.Errorf("Expected error to contain 'decryption password incorrect', got %+v", err) 246 } 247 } 248 249 func TestParseEncryptedPrivateKeyInvalidNoPassword(t *testing.T) { 250 // Generate private key 251 priv, err := rsa.GenerateKey(rand.Reader, 2014) 252 if err != nil { 253 t.Fatalf("Unexpected generating RSA key: %+v", err) 254 } 255 256 // ASN.1 DER encoded form 257 privDer := x509.MarshalPKCS1PrivateKey(priv) 258 259 blockType := "RSA PRIVATE KEY" 260 password := []byte("password") 261 cipherType := x509.PEMCipherAES256 262 263 // Encrypt priv with password 264 encryptedPEMBlock, err := x509.EncryptPEMBlock( 265 rand.Reader, 266 blockType, 267 privDer, 268 password, 269 cipherType) 270 if err != nil { 271 t.Fatalf("Unexpected error encrypting PEM block: %+v", err) 272 } 273 274 // Parse private key (with wrong password) 275 _, err = ParsePrivateKey(pem.EncodeToMemory(encryptedPEMBlock), []byte{}) 276 if err == nil { 277 t.Fatalf("Expected error, got nil") 278 } 279 280 if !strings.Contains(err.Error(), "no pass phrase provided") { 281 t.Errorf("Expected error to contain 'no pass phrase provided', got %+v", err) 282 } 283 }