Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
zhouyuhuan
/
Cloudpods
1
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: 4e53efd173
Gałęzie Tagi
Cloudpods
/
backend
/
pkg
/
util
/
tls
/
key
/
key_test.go

key_test.go 8.8 KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211 
  1. // Copyright 2019 Yunion
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. /*
    16. 

  16. Copyright 2018 The Kubernetes Authors.
    17. 

  17. 

  18. Licensed under the Apache License, Version 2.0 (the "License");
    19. 

  19. you may not use this file except in compliance with the License.
    20. 

  20. You may obtain a copy of the License at
    21. 

  21. 

  22.     http://www.apache.org/licenses/LICENSE-2.0
    23. 

  23. 

  24. Unless required by applicable law or agreed to in writing, software
    25. 

  25. distributed under the License is distributed on an "AS IS" BASIS,
    26. 

  26. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    27. 

  27. See the License for the specific language governing permissions and
    28. 

  28. limitations under the License.
    29. 

  29. */
    30. 

  30. 

  31. package key
    32. 

  32. 

  33. import (
    34. 

  34. 	"io/ioutil"
    35. 

  35. 	"os"
    36. 

  36. 	"testing"
    37. 

  37. )
    38. 

  38. 

  39. const (
    40. 

  40. 	// rsaPrivateKey is a RSA Private Key in PKCS#1 format
    41. 

  41. 	// openssl genrsa -out rsa2048.pem 2048
    42. 

  42. 	rsaPrivateKey = `-----BEGIN RSA PRIVATE KEY-----
    43. 

  43. MIIEpAIBAAKCAQEA92mVjhBKOFsdxFzb/Pjq+7b5TJlODAdY5hK+WxLZTIrfhDPq
    44. 

  44. FWrGKdjSNiHbXrdEtwJh9V+RqPZVSN3aWy1224RgkyNdMJsXhJKuCC24ZKY8SXtW
    45. 

  45. xuTYmMRaMnCsv6QBGRTIbZ2EFbAObVM7lDyv1VqY3amZIWFQMlZ9CNpxDSPa5yi4
    46. 

  46. 3gopbXkne0oGNmey9X0qtpk7NMZIgAL6Zz4rZ30bcfC2ag6RLOFI2E/c4n8c38R8
    47. 

  47. 9MfXfLkj8/Cxo4JfI9NvRCpPOpFO8d/ZtWVUuIrBQN+Y7tkN2T60Qq/TkKXUrhDe
    48. 

  48. fwlTlktZVJ/GztLYU41b2GcWsh/XO+PH831rmwIDAQABAoIBAQCC9c6GDjVbM0/E
    49. 

  49. WurPMusfJjE7zII1d8YkspM0HfwLug6qKdikUYpnKC/NG4rEzfl/bbFwco/lgc6O
    50. 

  50. 7W/hh2U8uQttlvCDA/Uk5YddKOZL0Hpk4vaB/SxxYK3luSKXpjY2knutGg2KdVCN
    51. 

  51. qdsFkkH4iyYTXuyBcMNEgedZQldI/kEujIH/L7FE+DF5TMzT4lHhozDoG+fy564q
    52. 

  52. qVGUZXJn0ubc3GaPn2QOLNNM44sfYA4UJCpKBXPu85bvNObjxVQO4WqwwxU1vRnL
    53. 

  53. UUsaGaelhSVJCo0dVPRvrfPPKZ09HTwpy40EkgQo6VriFc1EBoQDjENLbAJv9OfQ
    54. 

  54. aCc9wiZhAoGBAP/8oEy48Zbb0P8Vdy4djf5tfBW8yXFLWzXewJ4l3itKS1r42nbX
    55. 

  55. 9q3cJsgRTQm8uRcMIpWxsc3n6zG+lREvTkoTB3ViI7+uQPiqA+BtWyNy7jzufFke
    56. 

  56. ONKZfg7QxxmYRWZBRnoNGNbMpNeERuLmhvQuom9D1WbhzAYJbfs/O4WTAoGBAPds
    57. 

  57. 2FNDU0gaesFDdkIUGq1nIJqRQDW485LXZm4pFqBFxdOpbdWRuYT2XZjd3fD0XY98
    58. 

  58. Nhkpb7NTMCuK3BdKcqIptt+cK+quQgYid0hhhgZbpCQ5AL6c6KgyjgpYlh2enzU9
    59. 

  59. Zo3yg8ej1zbbA11sBlhX+5iO2P1u5DG+JHLwUUbZAoGAUwaU102EzfEtsA4+QW7E
    60. 

  60. hyjrfgFlNKHES4yb3K9bh57pIfBkqvcQwwMMcQdrfSUAw0DkVrjzel0mI1Q09QXq
    61. 

  61. 1ould6UFAz55RC2gZEITtUOpkYmoOx9aPrQZ9qQwb1S77ZZuTVfCHqjxLhVxCFbM
    62. 

  62. npYhiQTvShciHTMhwMOZgpECgYAVV5EtVXBYltgh1YTc3EkUzgF087R7LdHsx6Gx
    63. 

  63. POATwRD4WfP8aQ58lpeqOPEM+LcdSlSMRRO6fyF3kAm+BJDwxfJdRWZQXumZB94M
    64. 

  64. I0VhRQRaj4Qt7PDwmTPBVrTUJzuKZxpyggm17b8Bn1Ch/VBqzGQKW8AB1E/grosM
    65. 

  65. UwhfuQKBgQC2JO/iqTQScHClf0qlItCJsBuVukFmSAVCkpOD8YdbdlPdOOwSk1wQ
    66. 

  66. C0eAlsC3BCMvkpidKQmra6IqIrvTGI6EFgkrb3aknWdup2w8j2udYCNqyE3W+fVe
    67. 

  67. p8FdYQ1FkACQ+daO5VlClL/9l0sGjKXlNKbpmJ2H4ngZmXj5uGmxuQ==
    68. 

  68. -----END RSA PRIVATE KEY-----`
    69. 

  69. 

  70. 	// rsaPublicKey is a RSA Public Key in PEM encoded format
    71. 

  71. 	// openssl rsa -in rsa2048.pem -pubout -out rsa2048pub.pem
    72. 

  72. 	rsaPublicKey = `-----BEGIN PUBLIC KEY-----
    73. 

  73. MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92mVjhBKOFsdxFzb/Pjq
    74. 

  74. +7b5TJlODAdY5hK+WxLZTIrfhDPqFWrGKdjSNiHbXrdEtwJh9V+RqPZVSN3aWy12
    75. 

  75. 24RgkyNdMJsXhJKuCC24ZKY8SXtWxuTYmMRaMnCsv6QBGRTIbZ2EFbAObVM7lDyv
    76. 

  76. 1VqY3amZIWFQMlZ9CNpxDSPa5yi43gopbXkne0oGNmey9X0qtpk7NMZIgAL6Zz4r
    77. 

  77. Z30bcfC2ag6RLOFI2E/c4n8c38R89MfXfLkj8/Cxo4JfI9NvRCpPOpFO8d/ZtWVU
    78. 

  78. uIrBQN+Y7tkN2T60Qq/TkKXUrhDefwlTlktZVJ/GztLYU41b2GcWsh/XO+PH831r
    79. 

  79. mwIDAQAB
    80. 

  80. -----END PUBLIC KEY-----`
    81. 

  81. 

  82. 	// certificate is an x509 certificate in PEM encoded format
    83. 

  83. 	// openssl req -new -key rsa2048.pem -sha256 -nodes -x509 -days 1826 -out x509certificate.pem -subj "/C=US/CN=not-valid"
    84. 

  84. 	certificate = `-----BEGIN CERTIFICATE-----
    85. 

  85. MIIDFTCCAf2gAwIBAgIJAN8B8NOwtiUCMA0GCSqGSIb3DQEBCwUAMCExCzAJBgNV
    86. 

  86. BAYTAlVTMRIwEAYDVQQDDAlub3QtdmFsaWQwHhcNMTcwMzIyMDI1NjM2WhcNMjIw
    87. 

  87. MzIyMDI1NjM2WjAhMQswCQYDVQQGEwJVUzESMBAGA1UEAwwJbm90LXZhbGlkMIIB
    88. 

  88. IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92mVjhBKOFsdxFzb/Pjq+7b5
    89. 

  89. TJlODAdY5hK+WxLZTIrfhDPqFWrGKdjSNiHbXrdEtwJh9V+RqPZVSN3aWy1224Rg
    90. 

  90. kyNdMJsXhJKuCC24ZKY8SXtWxuTYmMRaMnCsv6QBGRTIbZ2EFbAObVM7lDyv1VqY
    91. 

  91. 3amZIWFQMlZ9CNpxDSPa5yi43gopbXkne0oGNmey9X0qtpk7NMZIgAL6Zz4rZ30b
    92. 

  92. cfC2ag6RLOFI2E/c4n8c38R89MfXfLkj8/Cxo4JfI9NvRCpPOpFO8d/ZtWVUuIrB
    93. 

  93. QN+Y7tkN2T60Qq/TkKXUrhDefwlTlktZVJ/GztLYU41b2GcWsh/XO+PH831rmwID
    94. 

  94. AQABo1AwTjAdBgNVHQ4EFgQU1I5GfinLF7ta+dBJ6UWcrYaexLswHwYDVR0jBBgw
    95. 

  95. FoAU1I5GfinLF7ta+dBJ6UWcrYaexLswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B
    96. 

  96. AQsFAAOCAQEAUl0wUD4y41juHFOVMYiziPYr1ShSpQXdwp8FfaHrzI5hsr8UMe8D
    97. 

  97. dzb9QzZ4bx3yZhiG3ahrSBh956thMTHrKTEwAfJIEXI4cuSVWQAaOJ4Em5SDFxQe
    98. 

  98. d0E6Ui2nGh1SFGF7oyuEXyzqgRMWFNDFw9HLUNgXaO18Zfouw8+K0BgbfEWEcSi1
    99. 

  99. JLQbyhCjz088gltrliQGPWDFAg9cHBKtJhuTzZkvuqK1CLEmBhtzP1zFiGBfOJc8
    100. 

  100. v+aKjAwrPUNX11cXOCPxBv2qXMetxaovBem6AI2hvypCInXaVQfP+yOLubzlTDjS
    101. 

  101. Y708SlY38hmS1uTwDpyLOn8AKkZ8jtx75g==
    102. 

  102. -----END CERTIFICATE-----`
    103. 

  103. 

  104. 	// ecdsaPrivateKeyWithParams is a ECDSA Private Key with included EC Parameters block
    105. 

  105. 	// openssl ecparam -name prime256v1 -genkey -out ecdsa256params.pem
    106. 

  106. 	ecdsaPrivateKeyWithParams = `-----BEGIN EC PARAMETERS-----
    107. 

  107. BggqhkjOPQMBBw==
    108. 

  108. -----END EC PARAMETERS-----
    109. 

  109. -----BEGIN EC PRIVATE KEY-----
    110. 

  110. MHcCAQEEIAwSOWQqlMTZNqNF7tgua812Jxib1DVOgb2pHHyIEyNNoAoGCCqGSM49
    111. 

  111. AwEHoUQDQgAEyxYNrs6a6tsNCFNYn+l+JDUZ0PnUZbcsDgJn2O62D1se8M5iQ5rY
    112. 

  112. iIv6RpxE3VHvlHEIvYgCZkG0jHszTUopBg==
    113. 

  113. -----END EC PRIVATE KEY-----`
    114. 

  114. 

  115. 	// ecdsaPrivateKey is a ECDSA Private Key in ASN.1 format
    116. 

  116. 	// openssl ecparam -name prime256v1 -genkey -noout -out ecdsa256.pem
    117. 

  117. 	ecdsaPrivateKey = `-----BEGIN EC PRIVATE KEY-----
    118. 

  118. MHcCAQEEIP6Qw6dHDiLsSnLXUhQVTPE0fTQQrj3XSbiQAZPXnk5+oAoGCCqGSM49
    119. 

  119. AwEHoUQDQgAEZZzi1u5f2/AEGFI/HYUhU+u6cTK1q2bbtE7r1JMK+/sQA5sNAp+7
    120. 

  120. Vdc3psr1OaNzyTyuhTECyRdFKXm63cMnGg==
    121. 

  121. -----END EC PRIVATE KEY-----`
    122. 

  122. 

  123. 	// ecdsaPublicKey is a ECDSA Public Key in PEM encoded format
    124. 

  124. 	// openssl ec -in ecdsa256.pem -pubout -out ecdsa256pub.pem
    125. 

  125. 	ecdsaPublicKey = `-----BEGIN PUBLIC KEY-----
    126. 

  126. MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZZzi1u5f2/AEGFI/HYUhU+u6cTK1
    127. 

  127. q2bbtE7r1JMK+/sQA5sNAp+7Vdc3psr1OaNzyTyuhTECyRdFKXm63cMnGg==
    128. 

  128. -----END PUBLIC KEY-----`
    129. 

  129. )
    130. 

  130. 

  131. func TestReadPrivateKey(t *testing.T) {
    132. 

  132. 	f, err := ioutil.TempFile("", "")
    133. 

  133. 	if err != nil {
    134. 

  134. 		t.Fatalf("error creating tmpfile: %v", err)
    135. 

  135. 	}
    136. 

  136. 	defer os.Remove(f.Name())
    137. 

  137. 

  138. 	if _, err := PrivateKeyFromFile(f.Name()); err == nil {
    139. 

  139. 		t.Fatalf("Expected error reading key from empty file, got none")
    140. 

  140. 	}
    141. 

  141. 

  142. 	if err := ioutil.WriteFile(f.Name(), []byte(rsaPrivateKey), os.FileMode(0600)); err != nil {
    143. 

  143. 		t.Fatalf("error writing private key to tmpfile: %v", err)
    144. 

  144. 	}
    145. 

  145. 	if _, err := PrivateKeyFromFile(f.Name()); err != nil {
    146. 

  146. 		t.Fatalf("error reading private RSA key: %v", err)
    147. 

  147. 	}
    148. 

  148. 

  149. 	if err := ioutil.WriteFile(f.Name(), []byte(ecdsaPrivateKey), os.FileMode(0600)); err != nil {
    150. 

  150. 		t.Fatalf("error writing private key to tmpfile: %v", err)
    151. 

  151. 	}
    152. 

  152. 	if _, err := PrivateKeyFromFile(f.Name()); err != nil {
    153. 

  153. 		t.Fatalf("error reading private ECDSA key: %v", err)
    154. 

  154. 	}
    155. 

  155. 

  156. 	if err := ioutil.WriteFile(f.Name(), []byte(ecdsaPrivateKeyWithParams), os.FileMode(0600)); err != nil {
    157. 

  157. 		t.Fatalf("error writing private key to tmpfile: %v", err)
    158. 

  158. 	}
    159. 

  159. 	if _, err := PrivateKeyFromFile(f.Name()); err != nil {
    160. 

  160. 		t.Fatalf("error reading private ECDSA key with params: %v", err)
    161. 

  161. 	}
    162. 

  162. }
    163. 

  163. 

  164. func TestReadPublicKeys(t *testing.T) {
    165. 

  165. 	f, err := ioutil.TempFile("", "")
    166. 

  166. 	if err != nil {
    167. 

  167. 		t.Fatalf("error creating tmpfile: %v", err)
    168. 

  168. 	}
    169. 

  169. 	defer os.Remove(f.Name())
    170. 

  170. 

  171. 	if _, err := PublicKeysFromFile(f.Name()); err == nil {
    172. 

  172. 		t.Fatalf("Expected error reading keys from empty file, got none")
    173. 

  173. 	}
    174. 

  174. 

  175. 	if err := ioutil.WriteFile(f.Name(), []byte(rsaPublicKey), os.FileMode(0600)); err != nil {
    176. 

  176. 		t.Fatalf("error writing public key to tmpfile: %v", err)
    177. 

  177. 	}
    178. 

  178. 	if keys, err := PublicKeysFromFile(f.Name()); err != nil {
    179. 

  179. 		t.Fatalf("error reading RSA public key: %v", err)
    180. 

  180. 	} else if len(keys) != 1 {
    181. 

  181. 		t.Fatalf("expected 1 key, got %d", len(keys))
    182. 

  182. 	}
    183. 

  183. 

  184. 	if err := ioutil.WriteFile(f.Name(), []byte(ecdsaPublicKey), os.FileMode(0600)); err != nil {
    185. 

  185. 		t.Fatalf("error writing public key to tmpfile: %v", err)
    186. 

  186. 	}
    187. 

  187. 	if keys, err := PublicKeysFromFile(f.Name()); err != nil {
    188. 

  188. 		t.Fatalf("error reading ECDSA public key: %v", err)
    189. 

  189. 	} else if len(keys) != 1 {
    190. 

  190. 		t.Fatalf("expected 1 key, got %d", len(keys))
    191. 

  191. 	}
    192. 

  192. 

  193. 	if err := ioutil.WriteFile(f.Name(), []byte(rsaPublicKey+"\n"+ecdsaPublicKey), os.FileMode(0600)); err != nil {
    194. 

  194. 		t.Fatalf("error writing public key to tmpfile: %v", err)
    195. 

  195. 	}
    196. 

  196. 	if keys, err := PublicKeysFromFile(f.Name()); err != nil {
    197. 

  197. 		t.Fatalf("error reading combined RSA/ECDSA public key file: %v", err)
    198. 

  198. 	} else if len(keys) != 2 {
    199. 

  199. 		t.Fatalf("expected 2 keys, got %d", len(keys))
    200. 

  200. 	}
    201. 

  201. 

  202. 	if err := ioutil.WriteFile(f.Name(), []byte(certificate), os.FileMode(0600)); err != nil {
    203. 

  203. 		t.Fatalf("error writing certificate to tmpfile: %v", err)
    204. 

  204. 	}
    205. 

  205. 	if keys, err := PublicKeysFromFile(f.Name()); err != nil {
    206. 

  206. 		t.Fatalf("error reading public key from certificate file: %v", err)
    207. 

  207. 	} else if len(keys) != 1 {
    208. 

  208. 		t.Fatalf("expected 1 keys, got %d", len(keys))
    209. 

  209. 	}
    210. 

  210. 

  211. }
    212.