github.phpd.cn/hashicorp/packer@v1.3.2/builder/azure/pkcs12/pkcs8_test.go

github.phpd.cn/hashicorp/packer@v1.3.2/builder/azure/pkcs12/pkcs8_test.go (about)

     1  // Copyright 2016 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  package pkcs12
     5  
     6  import (
     7  	"crypto/ecdsa"
     8  	"crypto/elliptic"
     9  	"crypto/rand"
    10  	"crypto/rsa"
    11  	"crypto/x509"
    12  	"encoding/asn1"
    13  	"testing"
    14  )
    15  
    16  func TestRoundTripPkcs8Rsa(t *testing.T) {
    17  	privateKey, err := rsa.GenerateKey(rand.Reader, 512)
    18  	if err != nil {
    19  		t.Fatalf("failed to generate a private key: %s", err)
    20  	}
    21  
    22  	bytes, err := marshalPKCS8PrivateKey(privateKey)
    23  	if err != nil {
    24  		t.Fatalf("failed to marshal private key: %s", err)
    25  	}
    26  
    27  	key, err := x509.ParsePKCS8PrivateKey(bytes)
    28  	if err != nil {
    29  		t.Fatalf("failed to parse private key: %s", err)
    30  	}
    31  
    32  	actualPrivateKey, ok := key.(*rsa.PrivateKey)
    33  	if !ok {
    34  		t.Fatalf("expected key to be of type *rsa.PrivateKey, but actual was %T", key)
    35  	}
    36  
    37  	if actualPrivateKey.Validate() != nil {
    38  		t.Fatalf("private key did not validate")
    39  	}
    40  
    41  	if actualPrivateKey.N.Cmp(privateKey.N) != 0 {
    42  		t.Errorf("private key's N did not round trip")
    43  	}
    44  	if actualPrivateKey.D.Cmp(privateKey.D) != 0 {
    45  		t.Errorf("private key's D did not round trip")
    46  	}
    47  	if actualPrivateKey.E != privateKey.E {
    48  		t.Errorf("private key's E did not round trip")
    49  	}
    50  	if actualPrivateKey.Primes[0].Cmp(privateKey.Primes[0]) != 0 {
    51  		t.Errorf("private key's P did not round trip")
    52  	}
    53  	if actualPrivateKey.Primes[1].Cmp(privateKey.Primes[1]) != 0 {
    54  		t.Errorf("private key's Q did not round trip")
    55  	}
    56  }
    57  
    58  func TestRoundTripPkcs8Ecdsa(t *testing.T) {
    59  	privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
    60  	if err != nil {
    61  		t.Fatalf("failed to generate a private key: %s", err)
    62  	}
    63  
    64  	bytes, err := marshalPKCS8PrivateKey(privateKey)
    65  	if err != nil {
    66  		t.Fatalf("failed to marshal private key: %s", err)
    67  	}
    68  
    69  	key, err := x509.ParsePKCS8PrivateKey(bytes)
    70  	if err != nil {
    71  		t.Fatalf("failed to parse private key: %s", err)
    72  	}
    73  
    74  	actualPrivateKey, ok := key.(*ecdsa.PrivateKey)
    75  	if !ok {
    76  		t.Fatalf("expected key to be of type *ecdsa.PrivateKey, but actual was %T", key)
    77  	}
    78  
    79  	// sanity check, not exhaustive
    80  	if actualPrivateKey.D.Cmp(privateKey.D) != 0 {
    81  		t.Errorf("private key's D did not round trip")
    82  	}
    83  	if actualPrivateKey.X.Cmp(privateKey.X) != 0 {
    84  		t.Errorf("private key's X did not round trip")
    85  	}
    86  	if actualPrivateKey.Y.Cmp(privateKey.Y) != 0 {
    87  		t.Errorf("private key's Y did not round trip")
    88  	}
    89  	if actualPrivateKey.Curve.Params().B.Cmp(privateKey.Curve.Params().B) != 0 {
    90  		t.Errorf("private key's Curve.B did not round trip")
    91  	}
    92  }
    93  
    94  func TestNullParametersPkcs8Rsa(t *testing.T) {
    95  	privateKey, err := rsa.GenerateKey(rand.Reader, 512)
    96  	if err != nil {
    97  		t.Fatalf("failed to generate a private key: %s", err)
    98  	}
    99  
   100  	checkNullParameter(t, privateKey)
   101  }
   102  
   103  func TestNullParametersPkcs8Ecdsa(t *testing.T) {
   104  	privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
   105  	if err != nil {
   106  		t.Fatalf("failed to generate a private key: %s", err)
   107  	}
   108  
   109  	checkNullParameter(t, privateKey)
   110  }
   111  
   112  func checkNullParameter(t *testing.T, privateKey interface{}) {
   113  	bytes, err := marshalPKCS8PrivateKey(privateKey)
   114  	if err != nil {
   115  		t.Fatalf("failed to marshal private key: %s", err)
   116  	}
   117  
   118  	var pkcs pkcs8
   119  	rest, err := asn1.Unmarshal(bytes, &pkcs)
   120  	if err != nil {
   121  		t.Fatalf("failed to unmarshal PKCS#8: %s", err)
   122  	}
   123  
   124  	if len(rest) != 0 {
   125  		t.Fatalf("unexpected trailing bytes of len=%d, bytes=%x", len(rest), rest)
   126  	}
   127  
   128  	// Only version == 0 is known and valid
   129  	if pkcs.Version != 0 {
   130  		t.Errorf("expected version=0, but actual=%d", pkcs.Version)
   131  	}
   132  
   133  	// ensure a NULL parameter is inserted
   134  	if pkcs.Algo.Parameters.Tag != 5 {
   135  		t.Errorf("expected parameters to be NULL, but actual tag=%d, class=%d, isCompound=%t, bytes=%x",
   136  			pkcs.Algo.Parameters.Tag,
   137  			pkcs.Algo.Parameters.Class,
   138  			pkcs.Algo.Parameters.IsCompound,
   139  			pkcs.Algo.Parameters.Bytes)
   140  	}
   141  }