-
Notifications
You must be signed in to change notification settings - Fork 103
/
lib_test.go
99 lines (85 loc) · 2.98 KB
/
lib_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package openssh
import (
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/rand"
"crypto/rsa"
"encoding/pem"
"testing"
"golang.org/x/crypto/ssh"
)
func TestOpenSSHFormat_MarshalAndUnmarshal_RSA(t *testing.T) {
// Given an RSA private key
rsaOrig, err := rsa.GenerateKey(rand.Reader, 4096)
if err != nil {
t.Errorf("Failed to generate RSA private key: %v", err)
}
// Marshal it to OpenSSH PEM format
pemOpenSSHPrvKey, err := MarshalPrivateKey(rsaOrig, "")
if err != nil {
t.Errorf("Failed to marshal RSA private key to OpenSSH PEM: %v", err)
}
pemOpenSSHPrvKeyBytes := pem.EncodeToMemory(pemOpenSSHPrvKey)
// Parse it back into an RSA private key
rawPrivateKey, _ := ssh.ParseRawPrivateKey(pemOpenSSHPrvKeyBytes)
rsaParsed, ok := rawPrivateKey.(*rsa.PrivateKey)
if !ok {
t.Errorf("Failed to type assert RSA private key: %v", rawPrivateKey)
}
// Confirm RSA is valid
err = rsaParsed.Validate()
if err != nil {
t.Errorf("Parsed RSA private key is not valid: %v", err)
}
// Confirm it matches the original key by comparing the public ones
if !rsaParsed.Equal(rsaOrig) {
t.Errorf("Parsed RSA private key doesn't match the original")
}
}
func TestOpenSSHFormat_MarshalAndUnmarshal_ECDSA(t *testing.T) {
// Given an ECDSA private key
ecdsaOrig, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
if err != nil {
t.Errorf("Failed to generate ECDSA private key: %v", err)
}
// Marshal it to OpenSSH PEM format
pemOpenSSHPrvKey, err := MarshalPrivateKey(ecdsaOrig, "")
if err != nil {
t.Errorf("Failed to marshal ECDSA private key to OpenSSH PEM: %v", err)
}
pemOpenSSHPrvKeyBytes := pem.EncodeToMemory(pemOpenSSHPrvKey)
// Parse it back into an ECDSA private key
rawPrivateKey, _ := ssh.ParseRawPrivateKey(pemOpenSSHPrvKeyBytes)
ecdsaParsed, ok := rawPrivateKey.(*ecdsa.PrivateKey)
if !ok {
t.Errorf("Failed to type assert ECDSA private key: %v", rawPrivateKey)
}
// Confirm it matches the original key by comparing the public ones
if !ecdsaParsed.Equal(ecdsaOrig) {
t.Errorf("Parsed ECDSA private key doesn't match the original")
}
}
func TestOpenSSHFormat_MarshalAndUnmarshal_ED25519(t *testing.T) {
// Given an ED25519 private key
_, ed25519Orig, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
t.Errorf("Failed to generate ED25519 private key: %v", err)
}
// Marshal it to OpenSSH PEM format
pemOpenSSHPrvKey, err := MarshalPrivateKey(ed25519Orig, "")
if err != nil {
t.Errorf("Failed to marshal ED25519 private key to OpenSSH PEM: %v", err)
}
pemOpenSSHPrvKeyBytes := pem.EncodeToMemory(pemOpenSSHPrvKey)
// Parse it back into an ED25519 private key
rawPrivateKey, _ := ssh.ParseRawPrivateKey(pemOpenSSHPrvKeyBytes)
ed25519Parsed, ok := rawPrivateKey.(*ed25519.PrivateKey)
if !ok {
t.Errorf("Failed to type assert ED25519 private key: %v", rawPrivateKey)
}
// Confirm it matches the original key by comparing the public ones
if !ed25519Parsed.Equal(ed25519Orig) {
t.Errorf("Parsed ED25519 private key doesn't match the original")
}
}