github.com/mtsmfm/go/src@v0.0.0-20221020090648-44bdcb9f8fde/crypto/tls/boring_test.go (about)

     1  // Copyright 2017 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build boringcrypto
     6  
     7  package tls
     8  
     9  import (
    10  	"crypto/ecdsa"
    11  	"crypto/elliptic"
    12  	"crypto/internal/boring/fipstls"
    13  	"crypto/rand"
    14  	"crypto/rsa"
    15  	"crypto/x509"
    16  	"crypto/x509/pkix"
    17  	"encoding/pem"
    18  	"fmt"
    19  	"math/big"
    20  	"net"
    21  	"runtime"
    22  	"strings"
    23  	"testing"
    24  	"time"
    25  )
    26  
    27  func TestBoringServerProtocolVersion(t *testing.T) {
    28  	test := func(name string, v uint16, msg string) {
    29  		t.Run(name, func(t *testing.T) {
    30  			serverConfig := testConfig.Clone()
    31  			serverConfig.MinVersion = VersionSSL30
    32  			clientHello := &clientHelloMsg{
    33  				vers:               v,
    34  				random:             make([]byte, 32),
    35  				cipherSuites:       allCipherSuites(),
    36  				compressionMethods: []uint8{compressionNone},
    37  				supportedVersions:  []uint16{v},
    38  			}
    39  			testClientHelloFailure(t, serverConfig, clientHello, msg)
    40  		})
    41  	}
    42  
    43  	test("VersionTLS10", VersionTLS10, "")
    44  	test("VersionTLS11", VersionTLS11, "")
    45  	test("VersionTLS12", VersionTLS12, "")
    46  	test("VersionTLS13", VersionTLS13, "")
    47  
    48  	fipstls.Force()
    49  	defer fipstls.Abandon()
    50  	test("VersionSSL30", VersionSSL30, "client offered only unsupported versions")
    51  	test("VersionTLS10", VersionTLS10, "client offered only unsupported versions")
    52  	test("VersionTLS11", VersionTLS11, "client offered only unsupported versions")
    53  	test("VersionTLS12", VersionTLS12, "")
    54  	test("VersionTLS13", VersionTLS13, "client offered only unsupported versions")
    55  }
    56  
    57  func isBoringVersion(v uint16) bool {
    58  	return v == VersionTLS12
    59  }
    60  
    61  func isBoringCipherSuite(id uint16) bool {
    62  	switch id {
    63  	case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    64  		TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
    65  		TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    66  		TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
    67  		TLS_RSA_WITH_AES_128_GCM_SHA256,
    68  		TLS_RSA_WITH_AES_256_GCM_SHA384:
    69  		return true
    70  	}
    71  	return false
    72  }
    73  
    74  func isBoringCurve(id CurveID) bool {
    75  	switch id {
    76  	case CurveP256, CurveP384, CurveP521:
    77  		return true
    78  	}
    79  	return false
    80  }
    81  
    82  func isECDSA(id uint16) bool {
    83  	for _, suite := range cipherSuites {
    84  		if suite.id == id {
    85  			return suite.flags&suiteECSign == suiteECSign
    86  		}
    87  	}
    88  	panic(fmt.Sprintf("unknown cipher suite %#x", id))
    89  }
    90  
    91  func isBoringSignatureScheme(alg SignatureScheme) bool {
    92  	switch alg {
    93  	default:
    94  		return false
    95  	case PKCS1WithSHA256,
    96  		ECDSAWithP256AndSHA256,
    97  		PKCS1WithSHA384,
    98  		ECDSAWithP384AndSHA384,
    99  		PKCS1WithSHA512,
   100  		ECDSAWithP521AndSHA512,
   101  		PSSWithSHA256,
   102  		PSSWithSHA384,
   103  		PSSWithSHA512:
   104  		// ok
   105  	}
   106  	return true
   107  }
   108  
   109  func TestBoringServerCipherSuites(t *testing.T) {
   110  	serverConfig := testConfig.Clone()
   111  	serverConfig.CipherSuites = allCipherSuites()
   112  	serverConfig.Certificates = make([]Certificate, 1)
   113  
   114  	for _, id := range allCipherSuites() {
   115  		if isECDSA(id) {
   116  			serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate}
   117  			serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey
   118  		} else {
   119  			serverConfig.Certificates[0].Certificate = [][]byte{testRSACertificate}
   120  			serverConfig.Certificates[0].PrivateKey = testRSAPrivateKey
   121  		}
   122  		serverConfig.BuildNameToCertificate()
   123  		t.Run(fmt.Sprintf("suite=%#x", id), func(t *testing.T) {
   124  			clientHello := &clientHelloMsg{
   125  				vers:               VersionTLS12,
   126  				random:             make([]byte, 32),
   127  				cipherSuites:       []uint16{id},
   128  				compressionMethods: []uint8{compressionNone},
   129  				supportedCurves:    defaultCurvePreferences,
   130  				supportedPoints:    []uint8{pointFormatUncompressed},
   131  			}
   132  
   133  			testClientHello(t, serverConfig, clientHello)
   134  			t.Run("fipstls", func(t *testing.T) {
   135  				fipstls.Force()
   136  				defer fipstls.Abandon()
   137  				msg := ""
   138  				if !isBoringCipherSuite(id) {
   139  					msg = "no cipher suite supported by both client and server"
   140  				}
   141  				testClientHelloFailure(t, serverConfig, clientHello, msg)
   142  			})
   143  		})
   144  	}
   145  }
   146  
   147  func TestBoringServerCurves(t *testing.T) {
   148  	serverConfig := testConfig.Clone()
   149  	serverConfig.Certificates = make([]Certificate, 1)
   150  	serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate}
   151  	serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey
   152  	serverConfig.BuildNameToCertificate()
   153  
   154  	for _, curveid := range defaultCurvePreferences {
   155  		t.Run(fmt.Sprintf("curve=%d", curveid), func(t *testing.T) {
   156  			clientHello := &clientHelloMsg{
   157  				vers:               VersionTLS12,
   158  				random:             make([]byte, 32),
   159  				cipherSuites:       []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
   160  				compressionMethods: []uint8{compressionNone},
   161  				supportedCurves:    []CurveID{curveid},
   162  				supportedPoints:    []uint8{pointFormatUncompressed},
   163  			}
   164  
   165  			testClientHello(t, serverConfig, clientHello)
   166  
   167  			// With fipstls forced, bad curves should be rejected.
   168  			t.Run("fipstls", func(t *testing.T) {
   169  				fipstls.Force()
   170  				defer fipstls.Abandon()
   171  				msg := ""
   172  				if !isBoringCurve(curveid) {
   173  					msg = "no cipher suite supported by both client and server"
   174  				}
   175  				testClientHelloFailure(t, serverConfig, clientHello, msg)
   176  			})
   177  		})
   178  	}
   179  }
   180  
   181  func boringHandshake(t *testing.T, clientConfig, serverConfig *Config) (clientErr, serverErr error) {
   182  	c, s := localPipe(t)
   183  	client := Client(c, clientConfig)
   184  	server := Server(s, serverConfig)
   185  	done := make(chan error, 1)
   186  	go func() {
   187  		done <- client.Handshake()
   188  		c.Close()
   189  	}()
   190  	serverErr = server.Handshake()
   191  	s.Close()
   192  	clientErr = <-done
   193  	return
   194  }
   195  
   196  func TestBoringServerSignatureAndHash(t *testing.T) {
   197  	defer func() {
   198  		testingOnlyForceClientHelloSignatureAlgorithms = nil
   199  	}()
   200  
   201  	for _, sigHash := range defaultSupportedSignatureAlgorithms {
   202  		t.Run(fmt.Sprintf("%#x", sigHash), func(t *testing.T) {
   203  			serverConfig := testConfig.Clone()
   204  			serverConfig.Certificates = make([]Certificate, 1)
   205  
   206  			testingOnlyForceClientHelloSignatureAlgorithms = []SignatureScheme{sigHash}
   207  
   208  			sigType, _, _ := typeAndHashFromSignatureScheme(sigHash)
   209  			switch sigType {
   210  			case signaturePKCS1v15, signatureRSAPSS:
   211  				serverConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}
   212  				serverConfig.Certificates[0].Certificate = [][]byte{testRSA2048Certificate}
   213  				serverConfig.Certificates[0].PrivateKey = testRSA2048PrivateKey
   214  			case signatureEd25519:
   215  				serverConfig.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
   216  				serverConfig.Certificates[0].Certificate = [][]byte{testEd25519Certificate}
   217  				serverConfig.Certificates[0].PrivateKey = testEd25519PrivateKey
   218  			case signatureECDSA:
   219  				serverConfig.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
   220  				serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate}
   221  				serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey
   222  			}
   223  			serverConfig.BuildNameToCertificate()
   224  			// PKCS#1 v1.5 signature algorithms can't be used standalone in TLS
   225  			// 1.3, and the ECDSA ones bind to the curve used.
   226  			serverConfig.MaxVersion = VersionTLS12
   227  
   228  			clientErr, serverErr := boringHandshake(t, testConfig, serverConfig)
   229  			if clientErr != nil {
   230  				t.Fatalf("expected handshake with %#x to succeed; client error: %v; server error: %v", sigHash, clientErr, serverErr)
   231  			}
   232  
   233  			// With fipstls forced, bad curves should be rejected.
   234  			t.Run("fipstls", func(t *testing.T) {
   235  				fipstls.Force()
   236  				defer fipstls.Abandon()
   237  				clientErr, _ := boringHandshake(t, testConfig, serverConfig)
   238  				if isBoringSignatureScheme(sigHash) {
   239  					if clientErr != nil {
   240  						t.Fatalf("expected handshake with %#x to succeed; err=%v", sigHash, clientErr)
   241  					}
   242  				} else {
   243  					if clientErr == nil {
   244  						t.Fatalf("expected handshake with %#x to fail, but it succeeded", sigHash)
   245  					}
   246  				}
   247  			})
   248  		})
   249  	}
   250  }
   251  
   252  func TestBoringClientHello(t *testing.T) {
   253  	// Test that no matter what we put in the client config,
   254  	// the client does not offer non-FIPS configurations.
   255  	fipstls.Force()
   256  	defer fipstls.Abandon()
   257  
   258  	c, s := net.Pipe()
   259  	defer c.Close()
   260  	defer s.Close()
   261  
   262  	clientConfig := testConfig.Clone()
   263  	// All sorts of traps for the client to avoid.
   264  	clientConfig.MinVersion = VersionSSL30
   265  	clientConfig.MaxVersion = VersionTLS13
   266  	clientConfig.CipherSuites = allCipherSuites()
   267  	clientConfig.CurvePreferences = defaultCurvePreferences
   268  
   269  	go Client(c, clientConfig).Handshake()
   270  	srv := Server(s, testConfig)
   271  	msg, err := srv.readHandshake()
   272  	if err != nil {
   273  		t.Fatal(err)
   274  	}
   275  	hello, ok := msg.(*clientHelloMsg)
   276  	if !ok {
   277  		t.Fatalf("unexpected message type %T", msg)
   278  	}
   279  
   280  	if !isBoringVersion(hello.vers) {
   281  		t.Errorf("client vers=%#x, want %#x (TLS 1.2)", hello.vers, VersionTLS12)
   282  	}
   283  	for _, v := range hello.supportedVersions {
   284  		if !isBoringVersion(v) {
   285  			t.Errorf("client offered disallowed version %#x", v)
   286  		}
   287  	}
   288  	for _, id := range hello.cipherSuites {
   289  		if !isBoringCipherSuite(id) {
   290  			t.Errorf("client offered disallowed suite %#x", id)
   291  		}
   292  	}
   293  	for _, id := range hello.supportedCurves {
   294  		if !isBoringCurve(id) {
   295  			t.Errorf("client offered disallowed curve %d", id)
   296  		}
   297  	}
   298  	for _, sigHash := range hello.supportedSignatureAlgorithms {
   299  		if !isBoringSignatureScheme(sigHash) {
   300  			t.Errorf("client offered disallowed signature-and-hash %v", sigHash)
   301  		}
   302  	}
   303  }
   304  
   305  func TestBoringCertAlgs(t *testing.T) {
   306  	// NaCl, arm and wasm time out generating keys. Nothing in this test is architecture-specific, so just don't bother on those.
   307  	if runtime.GOOS == "nacl" || runtime.GOARCH == "arm" || runtime.GOOS == "js" {
   308  		t.Skipf("skipping on %s/%s because key generation takes too long", runtime.GOOS, runtime.GOARCH)
   309  	}
   310  
   311  	// Set up some roots, intermediate CAs, and leaf certs with various algorithms.
   312  	// X_Y is X signed by Y.
   313  	R1 := boringCert(t, "R1", boringRSAKey(t, 2048), nil, boringCertCA|boringCertFIPSOK)
   314  	R2 := boringCert(t, "R2", boringRSAKey(t, 4096), nil, boringCertCA)
   315  
   316  	M1_R1 := boringCert(t, "M1_R1", boringECDSAKey(t, elliptic.P256()), R1, boringCertCA|boringCertFIPSOK)
   317  	M2_R1 := boringCert(t, "M2_R1", boringECDSAKey(t, elliptic.P224()), R1, boringCertCA)
   318  
   319  	I_R1 := boringCert(t, "I_R1", boringRSAKey(t, 3072), R1, boringCertCA|boringCertFIPSOK)
   320  	I_R2 := boringCert(t, "I_R2", I_R1.key, R2, boringCertCA|boringCertFIPSOK)
   321  	I_M1 := boringCert(t, "I_M1", I_R1.key, M1_R1, boringCertCA|boringCertFIPSOK)
   322  	I_M2 := boringCert(t, "I_M2", I_R1.key, M2_R1, boringCertCA|boringCertFIPSOK)
   323  
   324  	L1_I := boringCert(t, "L1_I", boringECDSAKey(t, elliptic.P384()), I_R1, boringCertLeaf|boringCertFIPSOK)
   325  	L2_I := boringCert(t, "L2_I", boringRSAKey(t, 1024), I_R1, boringCertLeaf)
   326  
   327  	// client verifying server cert
   328  	testServerCert := func(t *testing.T, desc string, pool *x509.CertPool, key interface{}, list [][]byte, ok bool) {
   329  		clientConfig := testConfig.Clone()
   330  		clientConfig.RootCAs = pool
   331  		clientConfig.InsecureSkipVerify = false
   332  		clientConfig.ServerName = "example.com"
   333  
   334  		serverConfig := testConfig.Clone()
   335  		serverConfig.Certificates = []Certificate{{Certificate: list, PrivateKey: key}}
   336  		serverConfig.BuildNameToCertificate()
   337  
   338  		clientErr, _ := boringHandshake(t, clientConfig, serverConfig)
   339  
   340  		if (clientErr == nil) == ok {
   341  			if ok {
   342  				t.Logf("%s: accept", desc)
   343  			} else {
   344  				t.Logf("%s: reject", desc)
   345  			}
   346  		} else {
   347  			if ok {
   348  				t.Errorf("%s: BAD reject (%v)", desc, clientErr)
   349  			} else {
   350  				t.Errorf("%s: BAD accept", desc)
   351  			}
   352  		}
   353  	}
   354  
   355  	// server verifying client cert
   356  	testClientCert := func(t *testing.T, desc string, pool *x509.CertPool, key interface{}, list [][]byte, ok bool) {
   357  		clientConfig := testConfig.Clone()
   358  		clientConfig.ServerName = "example.com"
   359  		clientConfig.Certificates = []Certificate{{Certificate: list, PrivateKey: key}}
   360  
   361  		serverConfig := testConfig.Clone()
   362  		serverConfig.ClientCAs = pool
   363  		serverConfig.ClientAuth = RequireAndVerifyClientCert
   364  
   365  		_, serverErr := boringHandshake(t, clientConfig, serverConfig)
   366  
   367  		if (serverErr == nil) == ok {
   368  			if ok {
   369  				t.Logf("%s: accept", desc)
   370  			} else {
   371  				t.Logf("%s: reject", desc)
   372  			}
   373  		} else {
   374  			if ok {
   375  				t.Errorf("%s: BAD reject (%v)", desc, serverErr)
   376  			} else {
   377  				t.Errorf("%s: BAD accept", desc)
   378  			}
   379  		}
   380  	}
   381  
   382  	// Run simple basic test with known answers before proceeding to
   383  	// exhaustive test with computed answers.
   384  	r1pool := x509.NewCertPool()
   385  	r1pool.AddCert(R1.cert)
   386  	testServerCert(t, "basic", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, true)
   387  	testClientCert(t, "basic (client cert)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, true)
   388  	fipstls.Force()
   389  	testServerCert(t, "basic (fips)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, false)
   390  	testClientCert(t, "basic (fips, client cert)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, false)
   391  	fipstls.Abandon()
   392  
   393  	if t.Failed() {
   394  		t.Fatal("basic test failed, skipping exhaustive test")
   395  	}
   396  
   397  	if testing.Short() {
   398  		t.Logf("basic test passed; skipping exhaustive test in -short mode")
   399  		return
   400  	}
   401  
   402  	for l := 1; l <= 2; l++ {
   403  		leaf := L1_I
   404  		if l == 2 {
   405  			leaf = L2_I
   406  		}
   407  		for i := 0; i < 64; i++ {
   408  			reachable := map[string]bool{leaf.parentOrg: true}
   409  			reachableFIPS := map[string]bool{leaf.parentOrg: leaf.fipsOK}
   410  			list := [][]byte{leaf.der}
   411  			listName := leaf.name
   412  			addList := func(cond int, c *boringCertificate) {
   413  				if cond != 0 {
   414  					list = append(list, c.der)
   415  					listName += "," + c.name
   416  					if reachable[c.org] {
   417  						reachable[c.parentOrg] = true
   418  					}
   419  					if reachableFIPS[c.org] && c.fipsOK {
   420  						reachableFIPS[c.parentOrg] = true
   421  					}
   422  				}
   423  			}
   424  			addList(i&1, I_R1)
   425  			addList(i&2, I_R2)
   426  			addList(i&4, I_M1)
   427  			addList(i&8, I_M2)
   428  			addList(i&16, M1_R1)
   429  			addList(i&32, M2_R1)
   430  
   431  			for r := 1; r <= 3; r++ {
   432  				pool := x509.NewCertPool()
   433  				rootName := ","
   434  				shouldVerify := false
   435  				shouldVerifyFIPS := false
   436  				addRoot := func(cond int, c *boringCertificate) {
   437  					if cond != 0 {
   438  						rootName += "," + c.name
   439  						pool.AddCert(c.cert)
   440  						if reachable[c.org] {
   441  							shouldVerify = true
   442  						}
   443  						if reachableFIPS[c.org] && c.fipsOK {
   444  							shouldVerifyFIPS = true
   445  						}
   446  					}
   447  				}
   448  				addRoot(r&1, R1)
   449  				addRoot(r&2, R2)
   450  				rootName = rootName[1:] // strip leading comma
   451  				testServerCert(t, listName+"->"+rootName[1:], pool, leaf.key, list, shouldVerify)
   452  				testClientCert(t, listName+"->"+rootName[1:]+"(client cert)", pool, leaf.key, list, shouldVerify)
   453  				fipstls.Force()
   454  				testServerCert(t, listName+"->"+rootName[1:]+" (fips)", pool, leaf.key, list, shouldVerifyFIPS)
   455  				testClientCert(t, listName+"->"+rootName[1:]+" (fips, client cert)", pool, leaf.key, list, shouldVerifyFIPS)
   456  				fipstls.Abandon()
   457  			}
   458  		}
   459  	}
   460  }
   461  
   462  const (
   463  	boringCertCA = iota
   464  	boringCertLeaf
   465  	boringCertFIPSOK = 0x80
   466  )
   467  
   468  func boringRSAKey(t *testing.T, size int) *rsa.PrivateKey {
   469  	k, err := rsa.GenerateKey(rand.Reader, size)
   470  	if err != nil {
   471  		t.Fatal(err)
   472  	}
   473  	return k
   474  }
   475  
   476  func boringECDSAKey(t *testing.T, curve elliptic.Curve) *ecdsa.PrivateKey {
   477  	k, err := ecdsa.GenerateKey(curve, rand.Reader)
   478  	if err != nil {
   479  		t.Fatal(err)
   480  	}
   481  	return k
   482  }
   483  
   484  type boringCertificate struct {
   485  	name      string
   486  	org       string
   487  	parentOrg string
   488  	der       []byte
   489  	cert      *x509.Certificate
   490  	key       interface{}
   491  	fipsOK    bool
   492  }
   493  
   494  func boringCert(t *testing.T, name string, key interface{}, parent *boringCertificate, mode int) *boringCertificate {
   495  	org := name
   496  	parentOrg := ""
   497  	if i := strings.Index(org, "_"); i >= 0 {
   498  		org = org[:i]
   499  		parentOrg = name[i+1:]
   500  	}
   501  	tmpl := &x509.Certificate{
   502  		SerialNumber: big.NewInt(1),
   503  		Subject: pkix.Name{
   504  			Organization: []string{org},
   505  		},
   506  		NotBefore: time.Unix(0, 0),
   507  		NotAfter:  time.Unix(0, 0),
   508  
   509  		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
   510  		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
   511  		BasicConstraintsValid: true,
   512  	}
   513  	if mode&^boringCertFIPSOK == boringCertLeaf {
   514  		tmpl.DNSNames = []string{"example.com"}
   515  	} else {
   516  		tmpl.IsCA = true
   517  		tmpl.KeyUsage |= x509.KeyUsageCertSign
   518  	}
   519  
   520  	var pcert *x509.Certificate
   521  	var pkey interface{}
   522  	if parent != nil {
   523  		pcert = parent.cert
   524  		pkey = parent.key
   525  	} else {
   526  		pcert = tmpl
   527  		pkey = key
   528  	}
   529  
   530  	var pub interface{}
   531  	switch k := key.(type) {
   532  	case *rsa.PrivateKey:
   533  		pub = &k.PublicKey
   534  	case *ecdsa.PrivateKey:
   535  		pub = &k.PublicKey
   536  	default:
   537  		t.Fatalf("invalid key %T", key)
   538  	}
   539  
   540  	der, err := x509.CreateCertificate(rand.Reader, tmpl, pcert, pub, pkey)
   541  	if err != nil {
   542  		t.Fatal(err)
   543  	}
   544  	cert, err := x509.ParseCertificate(der)
   545  	if err != nil {
   546  		t.Fatal(err)
   547  	}
   548  
   549  	fipsOK := mode&boringCertFIPSOK != 0
   550  	return &boringCertificate{name, org, parentOrg, der, cert, key, fipsOK}
   551  }
   552  
   553  // A self-signed test certificate with an RSA key of size 2048, for testing
   554  // RSA-PSS with SHA512. SAN of example.golang.
   555  var (
   556  	testRSA2048Certificate []byte
   557  	testRSA2048PrivateKey  *rsa.PrivateKey
   558  )
   559  
   560  func init() {
   561  	block, _ := pem.Decode([]byte(`
   562  -----BEGIN CERTIFICATE-----
   563  MIIC/zCCAeegAwIBAgIRALHHX/kh4+4zMU9DarzBEcQwDQYJKoZIhvcNAQELBQAw
   564  EjEQMA4GA1UEChMHQWNtZSBDbzAeFw0xMTAxMDExNTA0MDVaFw0yMDEyMjkxNTA0
   565  MDVaMBIxEDAOBgNVBAoTB0FjbWUgQ28wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
   566  ggEKAoIBAQCf8fk0N6ieCBX4IOVIfKitt4kGcOQLeimCfsjqqHcysMIVGEtFSM6E
   567  4Ay141f/7IqdW0UtIqNb4PXhROID7yDxR284xL6XbCuv/t5hP3UcehYc3hmLiyVd
   568  MkZQiZWtfUUJf/1qOtM+ohNg59LRWp4d+6iX0la1JL3EwCIckkNjJ9hQbF7Pb2CS
   569  +ES9Yo55KAap8KOblpcR8MBSN38bqnwjfQdCXvOEOjam2HUxKzEFX5MA+fA0me4C
   570  ioCcCRLWKl+GoN9F8fABfoZ+T+2eal4DLuO95rXR8SrOIVBh3XFOr/RVhjtXcNVF
   571  ZKcvDt6d68V6jAKAYKm5nlj9GPpd4v+rAgMBAAGjUDBOMA4GA1UdDwEB/wQEAwIF
   572  oDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBkGA1UdEQQSMBCC
   573  DmV4YW1wbGUuZ29sYW5nMA0GCSqGSIb3DQEBCwUAA4IBAQCOoYsVcFCBhboqe3WH
   574  dC6V7XXXECmnjh01r8h80yv0NR379nSD3cw2M+HKvaXysWqrl5hjGVKw0vtwD81r
   575  V4JzDu7IfIog5m8+QNC+7LqDZsz88vDKOrsoySVOmUCgmCKFXew+LA+eO/iQEJTr
   576  7ensddOeXJEp27Ed5vW+kmWW3Qmglc2Gwy8wFrMDIqnrnOzBA4oCnDEgtXJt0zog
   577  nRwbfEMAWi1aQRy5dT9KA3SP9mo5SeTFSzGGHiE4s4gHUe7jvsAFF2qgtD6+wH6s
   578  z9b6shxnC7g5IlBKhI7SVB/Uqt2ydJ+kH1YbjMcIq6NAM5eNMKgZuJr3+zwsSgwh
   579  GNaE
   580  -----END CERTIFICATE-----`))
   581  	testRSA2048Certificate = block.Bytes
   582  
   583  	block, _ = pem.Decode([]byte(`
   584  -----BEGIN RSA PRIVATE KEY-----
   585  MIIEpAIBAAKCAQEAn/H5NDeonggV+CDlSHyorbeJBnDkC3opgn7I6qh3MrDCFRhL
   586  RUjOhOAMteNX/+yKnVtFLSKjW+D14UTiA+8g8UdvOMS+l2wrr/7eYT91HHoWHN4Z
   587  i4slXTJGUImVrX1FCX/9ajrTPqITYOfS0VqeHfuol9JWtSS9xMAiHJJDYyfYUGxe
   588  z29gkvhEvWKOeSgGqfCjm5aXEfDAUjd/G6p8I30HQl7zhDo2pth1MSsxBV+TAPnw
   589  NJnuAoqAnAkS1ipfhqDfRfHwAX6Gfk/tnmpeAy7jvea10fEqziFQYd1xTq/0VYY7
   590  V3DVRWSnLw7enevFeowCgGCpuZ5Y/Rj6XeL/qwIDAQABAoIBAQCNpMZifd/vg42h
   591  HdCvLuZaYS0R7SunFlpoXEsltGdLFsnp0IfoJZ/ugFQBSAIIfLwMumU6oXA1z7Uv
   592  98aIYV61DePrTCDVDFBsHbNmP8JAo8WtbusEbwd5zyoB7LYG2+clkJklWE73KqUq
   593  rmI+UJeyScl2Gin7ZTxBXz1WPBk9VwcnwkeaXpgASIBW23fhECM9gnYEEwaBez5T
   594  6Me8d1tHtYQv7vsKe7ro9w9/HKrRXejqYKK1LxkhfFriyV+m8LZJZn2nXOa6G3gF
   595  Nb8Qk1Uk5PUBENBmyMFJhT4M/uuSq4YtMrrO2gi8Q+fPhuGzc5SshYKRBp0W4P5r
   596  mtVCtEFRAoGBAMENBIFLrV2+HsGj0xYFasKov/QPe6HSTR1Hh2IZONp+oK4oszWE
   597  jBT4VcnITmpl6tC1Wy4GcrxjNgKIFZAj+1x1LUULdorXkuG8yr0tAhG9zNyfWsSy
   598  PrSovC0UVbzr8Jxxla+kQVxEQQqWQxPlEVuL8kXaIDA6Lyt1Hpua2LvPAoGBANQZ
   599  c6Lq2T7+BxLxNdi2m8kZzej5kgzBp/XdVsbFWRlebIX2KrFHsrHzT9PUk3DE1vZK
   600  M6pzTt94nQhWSkDgCaw1SohElJ3HFIFwcusF1SJAc3pQepd8ug6IYdlpDMLtBj/P
   601  /5P6BVUtgo05E4+I/T3iYatmglQxTtlZ0RkSV2llAoGBALOXkKFX7ahPvf0WksDh
   602  uTfuFOTPoowgQG0EpgW0wRdCxeg/JLic3lSD0gsttQV2WsRecryWcxaelRg10RmO
   603  38BbogmhaF4xvgsSvujOfiZTE8oK1T43M+6NKsIlML3YILbpU/9aJxPWy0s2DqDr
   604  cQJhZrlk+pzjBA7Bnf/URdwxAoGAKR/CNw14D+mrL3YLbbiCXiydqxVwxv5pdZdz
   605  8thi3TNcsWC4iGURdcVqbfUinVPdJiXe/Kac3WGCeRJaFVgbKAOxLti1RB5MkIhg
   606  D8eyupBqk4W1L1gkrxqsdj4TFlxkwMywjl2E2S4YyQ8PBt6V04DoVRZsIKzqz+PF
   607  UionPq0CgYBCYXvqioJhPewkOq/Y5wrDBeZW1FQK5QD9W5M8/5zxd4rdvJtjhbJp
   608  oOrtvMdrl6upy9Hz4BJD3FXwVFiPFE7jqeNqi0F21viLxBPMMD3UODF6LL5EyLiR
   609  9V4xVMS8KXxvg7rxsuqzMPscViaWUL6WNVBhsD2+92dHxSXzz5EJKQ==
   610  -----END RSA PRIVATE KEY-----`))
   611  	var err error
   612  	testRSA2048PrivateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
   613  	if err != nil {
   614  		panic(err)
   615  	}
   616  }