124 lines
2.6 KiB
Go
124 lines
2.6 KiB
Go
package common
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"errors"
|
|
"strconv"
|
|
"testing"
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
// expected contains the data that the key pair should contain.
|
|
type expected struct {
|
|
kind sshKeyPairType
|
|
bits int
|
|
desc string
|
|
}
|
|
|
|
func (o expected) matches(kp sshKeyPair) error {
|
|
if o.kind.String() == "" {
|
|
return errors.New("expected kind's value cannot be empty")
|
|
}
|
|
|
|
if o.bits <= 0 {
|
|
return errors.New("expected bits' value cannot be less than or equal to 0")
|
|
}
|
|
|
|
if o.desc == "" {
|
|
return errors.New("expected description's value cannot be empty")
|
|
}
|
|
|
|
if kp.Type() != o.kind {
|
|
return errors.New("expected key pair type to be " +
|
|
o.kind.String() + " - got '" + kp.Type().String() + "'")
|
|
}
|
|
|
|
if kp.Bits() != o.bits {
|
|
return errors.New("expected key pair to be " +
|
|
strconv.Itoa(o.bits) + " bits - got " + strconv.Itoa(kp.Bits()))
|
|
}
|
|
|
|
expDescription := kp.Type().String() + " " + strconv.Itoa(o.bits)
|
|
if kp.Description() != expDescription {
|
|
return errors.New("expected key pair description to be '" +
|
|
expDescription + "' - got '" + kp.Description() + "'")
|
|
}
|
|
|
|
err := verifySshKeyPair(kp)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func TestDefaultSshKeyPairBuilder_Build_Default(t *testing.T) {
|
|
kp, err := newSshKeyPairBuilder().Build()
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
|
|
err = expected{
|
|
kind: ecdsaSsh,
|
|
bits: 521,
|
|
desc: "ecdsa 521",
|
|
}.matches(kp)
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
}
|
|
|
|
func TestDefaultSshKeyPairBuilder_Build_EcdsaDefault(t *testing.T) {
|
|
kp, err := newSshKeyPairBuilder().SetType(ecdsaSsh).Build()
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
|
|
err = expected{
|
|
kind: ecdsaSsh,
|
|
bits: 521,
|
|
desc: "ecdsa 521",
|
|
}.matches(kp)
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
}
|
|
|
|
func TestDefaultSshKeyPairBuilder_Build_RsaDefault(t *testing.T) {
|
|
kp, err := newSshKeyPairBuilder().SetType(rsaSsh).Build()
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
|
|
err = expected{
|
|
kind: rsaSsh,
|
|
bits: 4096,
|
|
desc: "rsa 4096",
|
|
}.matches(kp)
|
|
if err != nil {
|
|
t.Fatal(err.Error())
|
|
}
|
|
}
|
|
|
|
func verifySshKeyPair(kp sshKeyPair) error {
|
|
signer, err := ssh.ParsePrivateKey(kp.PrivateKeyPemBlock())
|
|
if err != nil {
|
|
return errors.New("failed to parse private key during verification - " + err.Error())
|
|
}
|
|
|
|
data := []byte{'b', 'r', '4', 'n', '3'}
|
|
|
|
signature, err := signer.Sign(rand.Reader, data)
|
|
if err != nil {
|
|
return errors.New("failed to sign test data during verification - " + err.Error())
|
|
}
|
|
|
|
err = signer.PublicKey().Verify(data, signature)
|
|
if err != nil {
|
|
return errors.New("failed to verify test data - " + err.Error())
|
|
}
|
|
|
|
return nil
|
|
}
|