3f4ec783d2
* Commenting out unused functions. TODO: remove when it is not needed * Update README with namespace and template example * Adding note about changing the record name format via a template * Adding test scripts to automate k8s startup * Automating k8s namespace creation * Adding automation to start 4 k8s services * Updating documentation for k8s tests * Avoid downloading kubectl if already exists * Adding debug statement when namespace is not exposed. * Adding basic kubernetes integration tests * Makefile now contains a "testk8s" target. This target requires k8s to be running. * Adding test/kubernetes_test.go file with a couple of basic A record tests. * Updating k8s integration tests to only run k8s integration tests * Adding support for namespace wildcards * Refactoring to move filtering logic to kubernetes.go file * go fmt fixes * Adding wildcard support for namespaces and service names * Kubernetes integration tests updated for A records. * Expanded record name assembly for answer section not yet implemented. * Refactoring to focus k8sclient code just on accessing k8s API. Filtering now handled in kubernetes.go * Adding wildcard test cases * Adding skydns startup script. (To allow side by side testing of wildcards.) * Commenting out record name assmebly based on NameTemplate. Need to improve template before this makes sense. * Adding basic SRV integration tests * Need to add verification for additional answer section * Fixing comments and formatting * Moving wildcard constants to vars * Travis test execution appears to be failing on access to these constants * Fixing access to util package * Trying to work around Travis test bug * Reverting to access kubernetes/util as "util" Travis breakage is due to "Infoblox-CTO" in src path
111 lines
2.6 KiB
Go
111 lines
2.6 KiB
Go
package https
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto"
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"os"
|
|
"runtime"
|
|
"testing"
|
|
)
|
|
|
|
func TestSaveAndLoadRSAPrivateKey(t *testing.T) {
|
|
keyFile := "test.key"
|
|
defer os.Remove(keyFile)
|
|
|
|
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// test save
|
|
err = savePrivateKey(privateKey, keyFile)
|
|
if err != nil {
|
|
t.Fatal("error saving private key:", err)
|
|
}
|
|
|
|
// it doesn't make sense to test file permission on windows
|
|
if runtime.GOOS != "windows" {
|
|
// get info of the key file
|
|
info, err := os.Stat(keyFile)
|
|
if err != nil {
|
|
t.Fatal("error stating private key:", err)
|
|
}
|
|
// verify permission of key file is correct
|
|
if info.Mode().Perm() != 0600 {
|
|
t.Error("Expected key file to have permission 0600, but it wasn't")
|
|
}
|
|
}
|
|
|
|
// test load
|
|
loadedKey, err := loadPrivateKey(keyFile)
|
|
if err != nil {
|
|
t.Error("error loading private key:", err)
|
|
}
|
|
|
|
// verify loaded key is correct
|
|
if !PrivateKeysSame(privateKey, loadedKey) {
|
|
t.Error("Expected key bytes to be the same, but they weren't")
|
|
}
|
|
}
|
|
|
|
func TestSaveAndLoadECCPrivateKey(t *testing.T) {
|
|
keyFile := "test.key"
|
|
defer os.Remove(keyFile)
|
|
|
|
privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// test save
|
|
err = savePrivateKey(privateKey, keyFile)
|
|
if err != nil {
|
|
t.Fatal("error saving private key:", err)
|
|
}
|
|
|
|
// it doesn't make sense to test file permission on windows
|
|
if runtime.GOOS != "windows" {
|
|
// get info of the key file
|
|
info, err := os.Stat(keyFile)
|
|
if err != nil {
|
|
t.Fatal("error stating private key:", err)
|
|
}
|
|
// verify permission of key file is correct
|
|
if info.Mode().Perm() != 0600 {
|
|
t.Error("Expected key file to have permission 0600, but it wasn't")
|
|
}
|
|
}
|
|
|
|
// test load
|
|
loadedKey, err := loadPrivateKey(keyFile)
|
|
if err != nil {
|
|
t.Error("error loading private key:", err)
|
|
}
|
|
|
|
// verify loaded key is correct
|
|
if !PrivateKeysSame(privateKey, loadedKey) {
|
|
t.Error("Expected key bytes to be the same, but they weren't")
|
|
}
|
|
}
|
|
|
|
// PrivateKeysSame compares the bytes of a and b and returns true if they are the same.
|
|
func PrivateKeysSame(a, b crypto.PrivateKey) bool {
|
|
return bytes.Equal(PrivateKeyBytes(a), PrivateKeyBytes(b))
|
|
}
|
|
|
|
// PrivateKeyBytes returns the bytes of DER-encoded key.
|
|
func PrivateKeyBytes(key crypto.PrivateKey) []byte {
|
|
var keyBytes []byte
|
|
switch key := key.(type) {
|
|
case *rsa.PrivateKey:
|
|
keyBytes = x509.MarshalPKCS1PrivateKey(key)
|
|
case *ecdsa.PrivateKey:
|
|
keyBytes, _ = x509.MarshalECPrivateKey(key)
|
|
}
|
|
return keyBytes
|
|
}
|