sigs.k8s.io/cluster-api@v1.7.1/util/certs/certs_test.go (about) 1 /* 2 Copyright 2020 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package certs 18 19 import ( 20 "testing" 21 22 . "github.com/onsi/gomega" 23 ) 24 25 type decodeTest struct { 26 name string 27 key []byte 28 expectError bool 29 } 30 31 func TestDecodePrivateKeyPEM(t *testing.T) { 32 cases := []decodeTest{ 33 { 34 name: "successfully processes PKCS1 private key", 35 key: []byte(` 36 -----BEGIN RSA PRIVATE KEY----- 37 MIICXAIBAAKBgQCgcTrC6rTj6KV5GeUyEODguAY+RMxX0ZzskOZBUFuUn1ADj7qK 38 vdfF9WHetcvvnnZ+XuCWrHcoRRIiO5Ikpnz0H54J9Zdy5UAIqkGCOIEdhAVDvLBe 39 oJ7G2x11Lyz/us7EekqNeguZ9xJ+efjWsuPwYxo8iWluR3jcIA3NK5QCLQIDAQAB 40 AoGBAIr1xwkvM4D57OfYb9RPHhZEDNQ9ziZ5nEqgrW0AZnFxEmIjSFQGXS5Ne3jj 41 SEC/pK2LC0Y1FfdA65XOtqMbt7hx3QqjBYIu01AyQGYnrSsiSPdLf4RZviEmZ19n 42 kuZKKI6TjLXG9LfZO9/x3bYJeHa+rgZoSYK/JEUznIn768/BAkEAzKtZhwLH3zcI 43 mFyOYjIk2pFauz5tt/9pdXOFHRFS3KKsIrbI2NZd5C5dVp5mnRZ27H4g9HZGurxy 44 3zWfcrRQ1QJBAMiuUH5iIcWdoRJsgUgCmCYsaynzZgLecEF7VOlRWHiJ60bwNZTG 45 p0TkEewdmPogbCmaAEtovsBFuQ4JCIxVV/kCQFFn+iUUOxGSny2S6uMt1LDGzdLa 46 IuPjiDu6JgEIye+OGG96SmrM4O2Ib4GrYV8r90Nba5owjTNrDzmu52vFQr0CQDE9 47 3JB2YdUMraZIq5xQzqanRZBgogpYLHFU4uvxQuUo6mtYq70a1ZZo5CDszkmpxQCc 48 QjA+vneNZDAWdVuB4XkCQHjO1CcHKWlihm/xmXDVQKK4oWrNrs6MddLwJ6vAZBAw 49 I8eun6k9HNyEieJTVaB9AVnykoZ78UbCQaipm9W7i4Q= 50 -----END RSA PRIVATE KEY----- 51 `), 52 }, 53 { 54 name: "successfully processes PKCS8 private key", 55 key: []byte(` 56 -----BEGIN PRIVATE KEY----- 57 MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKBxOsLqtOPopXkZ 58 5TIQ4OC4Bj5EzFfRnOyQ5kFQW5SfUAOPuoq918X1Yd61y++edn5e4JasdyhFEiI7 59 kiSmfPQfngn1l3LlQAiqQYI4gR2EBUO8sF6gnsbbHXUvLP+6zsR6So16C5n3En55 60 +Nay4/BjGjyJaW5HeNwgDc0rlAItAgMBAAECgYEAivXHCS8zgPns59hv1E8eFkQM 61 1D3OJnmcSqCtbQBmcXESYiNIVAZdLk17eONIQL+krYsLRjUV90Drlc62oxu3uHHd 62 CqMFgi7TUDJAZietKyJI90t/hFm+ISZnX2eS5koojpOMtcb0t9k73/Hdtgl4dr6u 63 BmhJgr8kRTOcifvrz8ECQQDMq1mHAsffNwiYXI5iMiTakVq7Pm23/2l1c4UdEVLc 64 oqwitsjY1l3kLl1WnmadFnbsfiD0dka6vHLfNZ9ytFDVAkEAyK5QfmIhxZ2hEmyB 65 SAKYJixrKfNmAt5wQXtU6VFYeInrRvA1lManROQR7B2Y+iBsKZoAS2i+wEW5DgkI 66 jFVX+QJAUWf6JRQ7EZKfLZLq4y3UsMbN0toi4+OIO7omAQjJ744Yb3pKaszg7Yhv 67 gathXyv3Q1trmjCNM2sPOa7na8VCvQJAMT3ckHZh1QytpkirnFDOpqdFkGCiClgs 68 cVTi6/FC5Sjqa1irvRrVlmjkIOzOSanFAJxCMD6+d41kMBZ1W4HheQJAeM7UJwcp 69 aWKGb/GZcNVAorihas2uzox10vAnq8BkEDAjx66fqT0c3ISJ4lNVoH0BWfKShnvx 70 RsJBqKmb1buLhA== 71 -----END PRIVATE KEY----- 72 `), 73 }, 74 { 75 name: "successfully processes EC private key", 76 key: []byte(` 77 -----BEGIN EC PRIVATE KEY----- 78 MHcCAQEEIOsVFUX30MNP7e+MFRTbdknxaC3q3S8fYvmXtrM9tPJJoAoGCCqGSM49 79 AwEHoUQDQgAERhsfjOmIFAKxuniysAVbR2GJefo03OombXMr1SuuPyTtlcEbWh4b 80 X9ZN2FCDgn06wSq/cZvLOl2tGPRt5wSMug== 81 -----END EC PRIVATE KEY----- 82 `), 83 }, 84 { 85 name: "return error for bad format private key", 86 key: []byte(` 87 -----BEGIN RSA PRIVATE KEY----- 88 sxcvMIICXAIBAAKBgQCgcTrC6rTj6KV5GeUyEODguAY+RMxX0ZzskOZBUFuUn1ADj7qK 89 vdfF9WHetcvvnnZ+XuCWrHcoRRIiO5Ikpnz0H54J9Zdy5UAIqkGCOIEdhAVDvLBe 90 oJ7G2x11Lyz/us7EekqNeguZ9xJ+efjWsuPwYxo8iWluR3jcIA3NK5QCLQIDAQAB 91 AoGBAIr1xwkvM4D57OfYb9RPHhZEDNQ9ziZ5nEqgrW0AZnFxEmIjSFQGXS5Ne3jj 92 SEC/pK2LC0Y1FfdA65XOtqMbt7hx3QqjBYIu01AyQGYnrSsiSPdLf4RZviEmZ19n 93 kuZKKI6TjLXG9LfZO9/x3bYJeHa+rgZoSYK/JEUznIn768/BAkEAzKtZhwLH3zcI 94 mFyOYjIk2pFauz5tt/9pdXOFHRFS3KKsIrbI2NZd5C5dVp5mnRZ27H4g9HZGurxy 95 3zWfcrRQ1QJBAMiuUH5iIcWdoRJsgUgCmCYsaynzZgLecEF7VOlRWHiJ60bwNZTG 96 p0TkEewdmPogbCmaAEtovsBFuQ4JCIxVV/kCQFFn+iUUOxGSny2S6uMt1LDGzdLa 97 IuPjiDu6JgEIye+OGG96SmrM4O2Ib4GrYV8r90Nba5owjTNrDzmu52vFQr0CQDE9 98 3JB2YdUMraZIq5xQzqanRZBgogpYLHFU4uvxQuUo6mtYq70a1ZZo5CDszkmpxQCc 99 QjA+vneNZDAWdVuB4XkCQHjO1CcHKWlihm/xmXDVQKK4oWrNrs6MddLwJ6vAZBAw 100 I8eun6k9HNyEieJTVaB9AVnykoZ78UbCQaipm9W7i4Q= 101 -----END RSA PRIVATE KEY----- 102 `), 103 expectError: true, 104 }, 105 { 106 name: "return error for un-decodeable key", 107 key: []byte("un-decodeable"), 108 expectError: true, 109 }, 110 } 111 112 for _, tc := range cases { 113 t.Run(tc.name, func(t *testing.T) { 114 g := NewWithT(t) 115 _, err := DecodePrivateKeyPEM(tc.key) 116 if tc.expectError { 117 g.Expect(err).To(HaveOccurred()) 118 return 119 } 120 g.Expect(err).ToNot(HaveOccurred()) 121 }) 122 } 123 } 124 125 func TestDecodeCertPEM(t *testing.T) { 126 cases := []decodeTest{ 127 { 128 name: "return error for un-decodeable cert", 129 key: []byte("un-decodeable"), 130 expectError: true, 131 }, 132 } 133 134 for _, tc := range cases { 135 g := NewWithT(t) 136 t.Run(tc.name, func(*testing.T) { 137 _, err := DecodeCertPEM(tc.key) 138 if tc.expectError { 139 g.Expect(err).To(HaveOccurred()) 140 return 141 } 142 g.Expect(err).ToNot(HaveOccurred()) 143 }) 144 } 145 }