packer-cn/builder/azure/pkcs12/pkcs8_test.go

// Copyright 2016 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package pkcs12

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/asn1"
	"testing"
)

func TestRoundTripPkcs8Rsa(t *testing.T) {
	privateKey, err := rsa.GenerateKey(rand.Reader, 512)
	if err != nil {
		t.Fatalf("failed to generate a private key: %s", err)
	}

	bytes, err := marshalPKCS8PrivateKey(privateKey)
	if err != nil {
		t.Fatalf("failed to marshal private key: %s", err)
	}

	key, err := x509.ParsePKCS8PrivateKey(bytes)
	if err != nil {
		t.Fatalf("failed to parse private key: %s", err)
	}

	actualPrivateKey, ok := key.(*rsa.PrivateKey)
	if !ok {
		t.Fatalf("expected key to be of type *rsa.PrivateKey, but actual was %T", key)
	}

	if actualPrivateKey.Validate() != nil {
		t.Fatalf("private key did not validate")
	}

	if actualPrivateKey.N.Cmp(privateKey.N) != 0 {
		t.Errorf("private key's N did not round trip")
	}
	if actualPrivateKey.D.Cmp(privateKey.D) != 0 {
		t.Errorf("private key's D did not round trip")
	}
	if actualPrivateKey.E != privateKey.E {
		t.Errorf("private key's E did not round trip")
	}
	if actualPrivateKey.Primes[0].Cmp(privateKey.Primes[0]) != 0 {
		t.Errorf("private key's P did not round trip")
	}
	if actualPrivateKey.Primes[1].Cmp(privateKey.Primes[1]) != 0 {
		t.Errorf("private key's Q did not round trip")
	}
}

func TestRoundTripPkcs8Ecdsa(t *testing.T) {
	privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
	if err != nil {
		t.Fatalf("failed to generate a private key: %s", err)
	}

	bytes, err := marshalPKCS8PrivateKey(privateKey)
	if err != nil {
		t.Fatalf("failed to marshal private key: %s", err)
	}

	key, err := x509.ParsePKCS8PrivateKey(bytes)
	if err != nil {
		t.Fatalf("failed to parse private key: %s", err)
	}

	actualPrivateKey, ok := key.(*ecdsa.PrivateKey)
	if !ok {
		t.Fatalf("expected key to be of type *ecdsa.PrivateKey, but actual was %T", key)
	}

	// sanity check, not exhaustive
	if actualPrivateKey.D.Cmp(privateKey.D) != 0 {
		t.Errorf("private key's D did not round trip")
	}
	if actualPrivateKey.X.Cmp(privateKey.X) != 0 {
		t.Errorf("private key's X did not round trip")
	}
	if actualPrivateKey.Y.Cmp(privateKey.Y) != 0 {
		t.Errorf("private key's Y did not round trip")
	}
	if actualPrivateKey.Curve.Params().B.Cmp(privateKey.Curve.Params().B) != 0 {
		t.Errorf("private key's Curve.B did not round trip")
	}
}

func TestNullParametersPkcs8Rsa(t *testing.T) {
	privateKey, err := rsa.GenerateKey(rand.Reader, 512)
	if err != nil {
		t.Fatalf("failed to generate a private key: %s", err)
	}

	checkNullParameter(t, privateKey)
}

func TestNullParametersPkcs8Ecdsa(t *testing.T) {
	privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
	if err != nil {
		t.Fatalf("failed to generate a private key: %s", err)
	}

	checkNullParameter(t, privateKey)
}

func checkNullParameter(t *testing.T, privateKey interface{}) {
	bytes, err := marshalPKCS8PrivateKey(privateKey)
	if err != nil {
		t.Fatalf("failed to marshal private key: %s", err)
	}

	var pkcs pkcs8
	rest, err := asn1.Unmarshal(bytes, &pkcs)
	if err != nil {
		t.Fatalf("failed to unmarshal PKCS#8: %s", err)
	}

	if len(rest) != 0 {
		t.Fatalf("unexpected trailing bytes of len=%d, bytes=%x", len(rest), rest)
	}

	// Only version == 0 is known and valid
	if pkcs.Version != 0 {
		t.Errorf("expected version=0, but actual=%d", pkcs.Version)
	}

	// ensure a NULL parameter is inserted
	if pkcs.Algo.Parameters.Tag != 5 {
		t.Errorf("expected parameters to be NULL, but actual tag=%d, class=%d, isCompound=%t, bytes=%x",
			pkcs.Algo.Parameters.Tag,
			pkcs.Algo.Parameters.Class,
			pkcs.Algo.Parameters.IsCompound,
			pkcs.Algo.Parameters.Bytes)
	}
}
Add support for Windows to Azure. This is last merge that will happen from the github.com/Azure/packer-Azure repository. All development is being over to this repository. The biggest change in this merge is support for Windows. There are a few other fixes as well. * If the user cancels the build, clean up any resources. * Output a reasonable build artifact. * Log requests and responses with Azure. * Support for US Government and the China clouds. * Support interrupting long running tasks. * Allow the user to set the image version. * Device login support. 2016-04-21 19:50:03 -04:00			`// Copyright 2016 The Go Authors. All rights reserved.`
			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`
			`package pkcs12`

			`import (`
			`"crypto/ecdsa"`
			`"crypto/elliptic"`
			`"crypto/rand"`
			`"crypto/rsa"`
			`"crypto/x509"`
			`"encoding/asn1"`
			`"testing"`
			`)`

			`func TestRoundTripPkcs8Rsa(t *testing.T) {`
			`privateKey, err := rsa.GenerateKey(rand.Reader, 512)`
			`if err != nil {`
			`t.Fatalf("failed to generate a private key: %s", err)`
			`}`

			`bytes, err := marshalPKCS8PrivateKey(privateKey)`
			`if err != nil {`
			`t.Fatalf("failed to marshal private key: %s", err)`
			`}`

			`key, err := x509.ParsePKCS8PrivateKey(bytes)`
			`if err != nil {`
			`t.Fatalf("failed to parse private key: %s", err)`
			`}`

			`actualPrivateKey, ok := key.(*rsa.PrivateKey)`
			`if !ok {`
			`t.Fatalf("expected key to be of type *rsa.PrivateKey, but actual was %T", key)`
			`}`

			`if actualPrivateKey.Validate() != nil {`
Replace pkcs12 code with upstream 2017-09-02 19:09:29 -04:00			`t.Fatalf("private key did not validate")`
Add support for Windows to Azure. This is last merge that will happen from the github.com/Azure/packer-Azure repository. All development is being over to this repository. The biggest change in this merge is support for Windows. There are a few other fixes as well. * If the user cancels the build, clean up any resources. * Output a reasonable build artifact. * Log requests and responses with Azure. * Support for US Government and the China clouds. * Support interrupting long running tasks. * Allow the user to set the image version. * Device login support. 2016-04-21 19:50:03 -04:00			`}`

			`if actualPrivateKey.N.Cmp(privateKey.N) != 0 {`
			`t.Errorf("private key's N did not round trip")`
			`}`
			`if actualPrivateKey.D.Cmp(privateKey.D) != 0 {`
			`t.Errorf("private key's D did not round trip")`
			`}`
			`if actualPrivateKey.E != privateKey.E {`
			`t.Errorf("private key's E did not round trip")`
			`}`
			`if actualPrivateKey.Primes[0].Cmp(privateKey.Primes[0]) != 0 {`
			`t.Errorf("private key's P did not round trip")`
			`}`
			`if actualPrivateKey.Primes[1].Cmp(privateKey.Primes[1]) != 0 {`
			`t.Errorf("private key's Q did not round trip")`
			`}`
			`}`

			`func TestRoundTripPkcs8Ecdsa(t *testing.T) {`
			`privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)`
			`if err != nil {`
			`t.Fatalf("failed to generate a private key: %s", err)`
			`}`

			`bytes, err := marshalPKCS8PrivateKey(privateKey)`
			`if err != nil {`
			`t.Fatalf("failed to marshal private key: %s", err)`
			`}`

			`key, err := x509.ParsePKCS8PrivateKey(bytes)`
			`if err != nil {`
			`t.Fatalf("failed to parse private key: %s", err)`
			`}`

			`actualPrivateKey, ok := key.(*ecdsa.PrivateKey)`
			`if !ok {`
			`t.Fatalf("expected key to be of type *ecdsa.PrivateKey, but actual was %T", key)`
			`}`

			`// sanity check, not exhaustive`
			`if actualPrivateKey.D.Cmp(privateKey.D) != 0 {`
			`t.Errorf("private key's D did not round trip")`
			`}`
			`if actualPrivateKey.X.Cmp(privateKey.X) != 0 {`
			`t.Errorf("private key's X did not round trip")`
			`}`
			`if actualPrivateKey.Y.Cmp(privateKey.Y) != 0 {`
			`t.Errorf("private key's Y did not round trip")`
			`}`
			`if actualPrivateKey.Curve.Params().B.Cmp(privateKey.Curve.Params().B) != 0 {`
			`t.Errorf("private key's Curve.B did not round trip")`
			`}`
			`}`

			`func TestNullParametersPkcs8Rsa(t *testing.T) {`
			`privateKey, err := rsa.GenerateKey(rand.Reader, 512)`
			`if err != nil {`
			`t.Fatalf("failed to generate a private key: %s", err)`
			`}`

			`checkNullParameter(t, privateKey)`
			`}`

			`func TestNullParametersPkcs8Ecdsa(t *testing.T) {`
			`privateKey, err := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)`
			`if err != nil {`
			`t.Fatalf("failed to generate a private key: %s", err)`
			`}`

			`checkNullParameter(t, privateKey)`
			`}`

			`func checkNullParameter(t *testing.T, privateKey interface{}) {`
			`bytes, err := marshalPKCS8PrivateKey(privateKey)`
			`if err != nil {`
			`t.Fatalf("failed to marshal private key: %s", err)`
			`}`

			`var pkcs pkcs8`
			`rest, err := asn1.Unmarshal(bytes, &pkcs)`
			`if err != nil {`
			`t.Fatalf("failed to unmarshal PKCS#8: %s", err)`
			`}`

			`if len(rest) != 0 {`
			`t.Fatalf("unexpected trailing bytes of len=%d, bytes=%x", len(rest), rest)`
			`}`

			`// Only version == 0 is known and valid`
			`if pkcs.Version != 0 {`
			`t.Errorf("expected version=0, but actual=%d", pkcs.Version)`
			`}`

			`// ensure a NULL parameter is inserted`
			`if pkcs.Algo.Parameters.Tag != 5 {`
			`t.Errorf("expected parameters to be NULL, but actual tag=%d, class=%d, isCompound=%t, bytes=%x",`
			`pkcs.Algo.Parameters.Tag,`
			`pkcs.Algo.Parameters.Class,`
			`pkcs.Algo.Parameters.IsCompound,`
			`pkcs.Algo.Parameters.Bytes)`
			`}`
			`}`