diff options
author | Christopher Speller <crspeller@gmail.com> | 2016-10-03 16:03:15 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-10-03 16:03:15 -0400 |
commit | 8f91c777559748fa6e857d9fc1f4ae079a532813 (patch) | |
tree | 190f7cef373764a0d47a91045fdb486ee3d6781d /vendor/gopkg.in/square/go-jose.v1/utils_test.go | |
parent | 5f8e5c401bd96cba9a98b2db02d72f9cbacb0103 (diff) | |
download | chat-8f91c777559748fa6e857d9fc1f4ae079a532813.tar.gz chat-8f91c777559748fa6e857d9fc1f4ae079a532813.tar.bz2 chat-8f91c777559748fa6e857d9fc1f4ae079a532813.zip |
Adding ability to serve TLS directly from Mattermost server (#4119)
Diffstat (limited to 'vendor/gopkg.in/square/go-jose.v1/utils_test.go')
-rw-r--r-- | vendor/gopkg.in/square/go-jose.v1/utils_test.go | 225 |
1 files changed, 225 insertions, 0 deletions
diff --git a/vendor/gopkg.in/square/go-jose.v1/utils_test.go b/vendor/gopkg.in/square/go-jose.v1/utils_test.go new file mode 100644 index 000000000..6ad622da7 --- /dev/null +++ b/vendor/gopkg.in/square/go-jose.v1/utils_test.go @@ -0,0 +1,225 @@ +/*- + * Copyright 2014 Square Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package jose + +import ( + "crypto/ecdsa" + "crypto/rand" + "crypto/rsa" + "encoding/base64" + "encoding/hex" + "math/big" + "regexp" + "testing" +) + +// Reset random reader to original value +func resetRandReader() { + randReader = rand.Reader +} + +// Build big int from hex-encoded string. Strips whitespace (for testing). +func fromHexInt(base16 string) *big.Int { + re := regexp.MustCompile(`\s+`) + val, ok := new(big.Int).SetString(re.ReplaceAllString(base16, ""), 16) + if !ok { + panic("Invalid test data") + } + return val +} + +// Build big int from base64-encoded string. Strips whitespace (for testing). +func fromBase64Int(base64 string) *big.Int { + re := regexp.MustCompile(`\s+`) + val, err := base64URLDecode(re.ReplaceAllString(base64, "")) + if err != nil { + panic("Invalid test data") + } + return new(big.Int).SetBytes(val) +} + +// Decode hex-encoded string into byte array. Strips whitespace (for testing). +func fromHexBytes(base16 string) []byte { + re := regexp.MustCompile(`\s+`) + val, err := hex.DecodeString(re.ReplaceAllString(base16, "")) + if err != nil { + panic("Invalid test data") + } + return val +} + +// Decode base64-encoded string into byte array. Strips whitespace (for testing). +func fromBase64Bytes(b64 string) []byte { + re := regexp.MustCompile(`\s+`) + val, err := base64.StdEncoding.DecodeString(re.ReplaceAllString(b64, "")) + if err != nil { + panic("Invalid test data") + } + return val +} + +// Test vectors below taken from crypto/x509/x509_test.go in the Go std lib. + +var pkixPublicKey = `-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VoPN9PKUjKFLMwOge6+ +wnDi8sbETGIx2FKXGgqtAKpzmem53kRGEQg8WeqRmp12wgp74TGpkEXsGae7RS1k +enJCnma4fii+noGH7R0qKgHvPrI2Bwa9hzsH8tHxpyM3qrXslOmD45EH9SxIDUBJ +FehNdaPbLP1gFyahKMsdfxFJLUvbUycuZSJ2ZnIgeVxwm4qbSvZInL9Iu4FzuPtg +fINKcbbovy1qq4KvPIrXzhbY3PWDc6btxCf3SE0JdE1MCPThntB62/bLMSQ7xdDR +FF53oIpvxe/SCOymfWq/LW849Ytv3Xwod0+wzAP8STXG4HSELS4UedPYeHJJJYcZ ++QIDAQAB +-----END PUBLIC KEY-----` + +var pkcs1PrivateKey = `-----BEGIN RSA PRIVATE KEY----- +MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0 +fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu +/ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu +RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/ +EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A +IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS +tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V +-----END RSA PRIVATE KEY-----` + +var ecdsaSHA256p384CertPem = ` +-----BEGIN CERTIFICATE----- +MIICSjCCAdECCQDje/no7mXkVzAKBggqhkjOPQQDAjCBjjELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxFDAS +BgNVBAoMC0dvb2dsZSwgSW5jMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTEjMCEG +CSqGSIb3DQEJARYUZ29sYW5nLWRldkBnbWFpbC5jb20wHhcNMTIwNTIxMDYxMDM0 +WhcNMjIwNTE5MDYxMDM0WjCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm +b3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxFDASBgNVBAoMC0dvb2dsZSwg +SW5jMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTEjMCEGCSqGSIb3DQEJARYUZ29s +YW5nLWRldkBnbWFpbC5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARRuzRNIKRK +jIktEmXanNmrTR/q/FaHXLhWRZ6nHWe26Fw7Rsrbk+VjGy4vfWtNn7xSFKrOu5ze +qxKnmE0h5E480MNgrUiRkaGO2GMJJVmxx20aqkXOk59U8yGA4CghE6MwCgYIKoZI +zj0EAwIDZwAwZAIwBZEN8gvmRmfeP/9C1PRLzODIY4JqWub2PLRT4mv9GU+yw3Gr +PU9A3CHMdEcdw/MEAjBBO1lId8KOCh9UZunsSMfqXiVurpzmhWd6VYZ/32G+M+Mh +3yILeYQzllt/g0rKVRk= +-----END CERTIFICATE-----` + +var ecdsaSHA256p384CertDer = fromBase64Bytes(` +MIICSjCCAdECCQDje/no7mXkVzAKBggqhkjOPQQDAjCBjjELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxFDAS +BgNVBAoMC0dvb2dsZSwgSW5jMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTEjMCEG +CSqGSIb3DQEJARYUZ29sYW5nLWRldkBnbWFpbC5jb20wHhcNMTIwNTIxMDYxMDM0 +WhcNMjIwNTE5MDYxMDM0WjCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm +b3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxFDASBgNVBAoMC0dvb2dsZSwg +SW5jMRcwFQYDVQQDDA53d3cuZ29vZ2xlLmNvbTEjMCEGCSqGSIb3DQEJARYUZ29s +YW5nLWRldkBnbWFpbC5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARRuzRNIKRK +jIktEmXanNmrTR/q/FaHXLhWRZ6nHWe26Fw7Rsrbk+VjGy4vfWtNn7xSFKrOu5ze +qxKnmE0h5E480MNgrUiRkaGO2GMJJVmxx20aqkXOk59U8yGA4CghE6MwCgYIKoZI +zj0EAwIDZwAwZAIwBZEN8gvmRmfeP/9C1PRLzODIY4JqWub2PLRT4mv9GU+yw3Gr +PU9A3CHMdEcdw/MEAjBBO1lId8KOCh9UZunsSMfqXiVurpzmhWd6VYZ/32G+M+Mh +3yILeYQzllt/g0rKVRk=`) + +var pkcs8ECPrivateKey = ` +-----BEGIN PRIVATE KEY----- +MIHtAgEAMBAGByqGSM49AgEGBSuBBAAjBIHVMIHSAgEBBEHqkl65VsjYDQWIHfgv +zQLPa0JZBsaJI16mjiH8k6VA4lgfK/KNldlEsY433X7wIzo43u8OpX7Nv7n8pVRH +15XWK6GBiQOBhgAEAfDuikMI4bWsyse7t8iSCmjt9fneW/qStZuIPuVLo7mSJdud +Cs3J/x9wOnnhLv1u+0atnq5HKKdL4ff3itJPlhmSAQzByKQ5LTvB7d6fn95GJVK/ +hNuS5qGBpB7qeMXVFoki0/2RZIOway8/fXjmNYwe4v/XB5LLn4hcTvEUGYcF8M9K +-----END PRIVATE KEY-----` + +var ecPrivateKey = ` +-----BEGIN EC PRIVATE KEY----- +MIHcAgEBBEIBv2rdY9mWGD/UgiuXB0LJcUzgaB6TXq/Ra1jrZKBV3IGSacM5QDFu +N8yrywiQaTDEqn1zVcLwrnqoQux3gWN1jxugBwYFK4EEACOhgYkDgYYABAFJgaM/ +2a3+gE6Khm/1PYftqNwAzQ21HSLp27q2lTN+GBFho691ARFRkr9UzlQ8gRnhkTbu +yGfASamlHsYlr3Tv+gFc4BY8SU0q8kzpQ0dOHWFk7dfGFmKwhJrSFIIOeRn/LY03 +XsVFctNDsGhobS2JguQrxhGx8Ll7vQCakV/PEmCQJA== +-----END EC PRIVATE KEY-----` + +var ecPrivateKeyDer = fromBase64Bytes(` +MIHcAgEBBEIBv2rdY9mWGD/UgiuXB0LJcUzgaB6TXq/Ra1jrZKBV3IGSacM5QDFu +N8yrywiQaTDEqn1zVcLwrnqoQux3gWN1jxugBwYFK4EEACOhgYkDgYYABAFJgaM/ +2a3+gE6Khm/1PYftqNwAzQ21HSLp27q2lTN+GBFho691ARFRkr9UzlQ8gRnhkTbu +yGfASamlHsYlr3Tv+gFc4BY8SU0q8kzpQ0dOHWFk7dfGFmKwhJrSFIIOeRn/LY03 +XsVFctNDsGhobS2JguQrxhGx8Ll7vQCakV/PEmCQJA==`) + +var invalidPemKey = ` +-----BEGIN PUBLIC KEY----- +MIHcAgEBBEIBv2rdY9mWGD/UgiuXB0LJcUzgaB6TXq/Ra1jrZKBV3IGSacM5QDFu +XsVFctNDsGhobS2JguQrxhGx8Ll7vQCakV/PEmCQJA== +-----END PUBLIC KEY-----` + +func TestLoadPublicKey(t *testing.T) { + pub, err := LoadPublicKey([]byte(pkixPublicKey)) + switch pub.(type) { + case *rsa.PublicKey: + default: + t.Error("failed to parse RSA PKIX public key:", err) + } + + pub, err = LoadPublicKey([]byte(ecdsaSHA256p384CertPem)) + switch pub.(type) { + case *ecdsa.PublicKey: + default: + t.Error("failed to parse ECDSA X.509 cert:", err) + } + + pub, err = LoadPublicKey([]byte(ecdsaSHA256p384CertDer)) + switch pub.(type) { + case *ecdsa.PublicKey: + default: + t.Error("failed to parse ECDSA X.509 cert:", err) + } + + pub, err = LoadPublicKey([]byte("###")) + if err == nil { + t.Error("should not parse invalid key") + } + + pub, err = LoadPublicKey([]byte(invalidPemKey)) + if err == nil { + t.Error("should not parse invalid key") + } +} + +func TestLoadPrivateKey(t *testing.T) { + priv, err := LoadPrivateKey([]byte(pkcs1PrivateKey)) + switch priv.(type) { + case *rsa.PrivateKey: + default: + t.Error("failed to parse RSA PKCS1 private key:", err) + } + + priv, err = LoadPrivateKey([]byte(pkcs8ECPrivateKey)) + if _, ok := priv.(*ecdsa.PrivateKey); !ok { + t.Error("failed to parse EC PKCS8 private key:", err) + } + + priv, err = LoadPrivateKey([]byte(ecPrivateKey)) + if _, ok := priv.(*ecdsa.PrivateKey); !ok { + t.Error("failed to parse EC private key:", err) + } + + priv, err = LoadPrivateKey([]byte(ecPrivateKeyDer)) + if _, ok := priv.(*ecdsa.PrivateKey); !ok { + t.Error("failed to parse EC private key:", err) + } + + priv, err = LoadPrivateKey([]byte("###")) + if err == nil { + t.Error("should not parse invalid key") + } + + priv, err = LoadPrivateKey([]byte(invalidPemKey)) + if err == nil { + t.Error("should not parse invalid key") + } +} |