removed unused processPrivateKeyFile func & tests

This commit is contained in:
Adrien Delorme 2018-10-09 11:56:43 +02:00
parent c4699cbaa4
commit b2e2d3b008
2 changed files with 0 additions and 130 deletions

View File

@ -1,43 +0,0 @@
package googlecompute
import (
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"io/ioutil"
)
// processPrivateKeyFile takes a private key file and an optional passphrase
// and decodes it to a byte slice.
func processPrivateKeyFile(privateKeyFile, passphrase string) ([]byte, error) {
rawPrivateKeyBytes, err := ioutil.ReadFile(privateKeyFile)
if err != nil {
return nil, fmt.Errorf("Failed loading private key file: %s", err)
}
PEMBlock, _ := pem.Decode(rawPrivateKeyBytes)
if PEMBlock == nil {
return nil, fmt.Errorf(
"%s does not contain a valid private key", privateKeyFile)
}
if x509.IsEncryptedPEMBlock(PEMBlock) {
if passphrase == "" {
return nil, errors.New("a passphrase must be specified when using an encrypted private key")
}
decryptedPrivateKeyBytes, err := x509.DecryptPEMBlock(PEMBlock, []byte(passphrase))
if err != nil {
return nil, fmt.Errorf("Failed decrypting private key: %s", err)
}
b := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: decryptedPrivateKeyBytes,
}
return pem.EncodeToMemory(b), nil
}
return rawPrivateKeyBytes, nil
}

View File

@ -1,87 +0,0 @@
package googlecompute
import (
"crypto/rand"
"crypto/x509"
"encoding/pem"
"io/ioutil"
"os"
"testing"
)
func testPrivateKeyFile(t *testing.T) string {
tf, err := ioutil.TempFile("", "packer")
if err != nil {
t.Fatalf("bad: %s", err)
}
defer tf.Close()
b := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: []byte("what"),
}
if err := pem.Encode(tf, b); err != nil {
t.Fatalf("err: %s", err)
}
return tf.Name()
}
func TestProcesssPrivateKeyFile(t *testing.T) {
path := testPrivateKeyFile(t)
defer os.Remove(path)
data, err := processPrivateKeyFile(path, "")
if err != nil {
t.Fatalf("err: %s", err)
}
if len(data) <= 0 {
t.Fatalf("bad: %#v", data)
}
}
func TestProcessPrivateKeyFile_encrypted(t *testing.T) {
data := []byte("what")
// Encrypt the file
b, err := x509.EncryptPEMBlock(rand.Reader,
"RSA PRIVATE KEY",
data,
[]byte("password"),
x509.PEMCipherAES128)
if err != nil {
t.Fatalf("err: %s", err)
}
tf, err := ioutil.TempFile("", "packer")
if err != nil {
t.Fatalf("bad: %s", err)
}
defer os.Remove(tf.Name())
err = pem.Encode(tf, b)
tf.Close()
if err != nil {
t.Fatalf("err: %s", err)
}
path := tf.Name()
// Should have an error with a bad password
if b, err := processPrivateKeyFile(path, "bad"); err == nil {
if string(b) == string(data) {
t.Fatal("should error & be different")
}
t.Logf(`Decrypt was successfull but the body was wrong.`)
// Because of deficiencies
// in the encrypted-PEM format, it's not always possible to detect an incorrect
// password. In these cases no error will be returned but the decrypted DER
// bytes will be random noise.
// https://github.com/golang/go/blob/50bd1c4d4eb4fac8ddeb5f063c099daccfb71b26/src/crypto/x509/pem_decrypt.go#L112-L114
}
if _, err := processPrivateKeyFile(path, "password"); err != nil {
t.Fatalf("bad: %s", err)
}
}