packer-cn/builder/virtualbox/common/sshkeypair_test.go

124 lines
2.6 KiB
Go

package common
import (
"crypto/rand"
"errors"
"strconv"
"testing"
"golang.org/x/crypto/ssh"
)
// expected contains the data that the key pair should contain.
type expected struct {
kind sshKeyPairType
bits int
desc string
}
func (o expected) matches(kp sshKeyPair) error {
if o.kind.String() == "" {
return errors.New("expected kind's value cannot be empty")
}
if o.bits <= 0 {
return errors.New("expected bits' value cannot be less than or equal to 0")
}
if o.desc == "" {
return errors.New("expected description's value cannot be empty")
}
if kp.Type() != o.kind {
return errors.New("expected key pair type to be " +
o.kind.String() + " - got '" + kp.Type().String() + "'")
}
if kp.Bits() != o.bits {
return errors.New("expected key pair to be " +
strconv.Itoa(o.bits) + " bits - got " + strconv.Itoa(kp.Bits()))
}
expDescription := kp.Type().String() + " " + strconv.Itoa(o.bits)
if kp.Description() != expDescription {
return errors.New("expected key pair description to be '" +
expDescription + "' - got '" + kp.Description() + "'")
}
err := verifySshKeyPair(kp)
if err != nil {
return err
}
return nil
}
func TestDefaultSshKeyPairBuilder_Build_Default(t *testing.T) {
kp, err := newSshKeyPairBuilder().Build()
if err != nil {
t.Fatal(err.Error())
}
err = expected{
kind: ecdsaSsh,
bits: 521,
desc: "ecdsa 521",
}.matches(kp)
if err != nil {
t.Fatal(err.Error())
}
}
func TestDefaultSshKeyPairBuilder_Build_EcdsaDefault(t *testing.T) {
kp, err := newSshKeyPairBuilder().SetType(ecdsaSsh).Build()
if err != nil {
t.Fatal(err.Error())
}
err = expected{
kind: ecdsaSsh,
bits: 521,
desc: "ecdsa 521",
}.matches(kp)
if err != nil {
t.Fatal(err.Error())
}
}
func TestDefaultSshKeyPairBuilder_Build_RsaDefault(t *testing.T) {
kp, err := newSshKeyPairBuilder().SetType(rsaSsh).Build()
if err != nil {
t.Fatal(err.Error())
}
err = expected{
kind: rsaSsh,
bits: 4096,
desc: "rsa 4096",
}.matches(kp)
if err != nil {
t.Fatal(err.Error())
}
}
func verifySshKeyPair(kp sshKeyPair) error {
signer, err := ssh.ParsePrivateKey(kp.PrivateKeyPemBlock())
if err != nil {
return errors.New("failed to parse private key during verification - " + err.Error())
}
data := []byte{'b', 'r', '4', 'n', '3'}
signature, err := signer.Sign(rand.Reader, data)
if err != nil {
return errors.New("failed to sign test data during verification - " + err.Error())
}
err = signer.PublicKey().Verify(data, signature)
if err != nil {
return errors.New("failed to verify test data - " + err.Error())
}
return nil
}