Blame - src/crypto/x509/pem_decrypt_test.go - platform/prebuilts/go/linux-x86

blob: 13e4700bddade6007081b4ac0d20e8aa1d064178 [file] [log] [blame]

Colin Cross	7bb052a	2015-02-03 12:59:37 -0800	[diff] [blame^]	1	// Copyright 2012 The Go Authors. All rights reserved.
				2	// Use of this source code is governed by a BSD-style
				3	// license that can be found in the LICENSE file.
				4
				5	package x509
				6
				7	import (
				8	"bytes"
				9	"crypto/rand"
				10	"encoding/base64"
				11	"encoding/pem"
				12	"testing"
				13	)
				14
				15	func TestDecrypt(t *testing.T) {
				16	for i, data := range testData {
				17	t.Logf("test %v. %v", i, data.kind)
				18	block, rest := pem.Decode(data.pemData)
				19	if len(rest) > 0 {
				20	t.Error("extra data")
				21	}
				22	der, err := DecryptPEMBlock(block, data.password)
				23	if err != nil {
				24	t.Error("decrypt failed: ", err)
				25	continue
				26	}
				27	if _, err := ParsePKCS1PrivateKey(der); err != nil {
				28	t.Error("invalid private key: ", err)
				29	}
				30	plainDER, err := base64.StdEncoding.DecodeString(data.plainDER)
				31	if err != nil {
				32	t.Fatal("cannot decode test DER data: ", err)
				33	}
				34	if !bytes.Equal(der, plainDER) {
				35	t.Error("data mismatch")
				36	}
				37	}
				38	}
				39
				40	func TestEncrypt(t *testing.T) {
				41	for i, data := range testData {
				42	t.Logf("test %v. %v", i, data.kind)
				43	plainDER, err := base64.StdEncoding.DecodeString(data.plainDER)
				44	if err != nil {
				45	t.Fatal("cannot decode test DER data: ", err)
				46	}
				47	password := []byte("kremvax1")
				48	block, err := EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", plainDER, password, data.kind)
				49	if err != nil {
				50	t.Error("encrypt: ", err)
				51	continue
				52	}
				53	if !IsEncryptedPEMBlock(block) {
				54	t.Error("PEM block does not appear to be encrypted")
				55	}
				56	if block.Type != "RSA PRIVATE KEY" {
				57	t.Errorf("unexpected block type; got %q want %q", block.Type, "RSA PRIVATE KEY")
				58	}
				59	if block.Headers["Proc-Type"] != "4,ENCRYPTED" {
				60	t.Errorf("block does not have correct Proc-Type header")
				61	}
				62	der, err := DecryptPEMBlock(block, password)
				63	if err != nil {
				64	t.Error("decrypt: ", err)
				65	continue
				66	}
				67	if !bytes.Equal(der, plainDER) {
				68	t.Errorf("data mismatch")
				69	}
				70	}
				71	}
				72
				73	var testData = []struct {
				74	kind PEMCipher
				75	password []byte
				76	pemData []byte
				77	plainDER string
				78	}{
				79	{
				80	kind: PEMCipherDES,
				81	password: []byte("asdf"),
				82	pemData: []byte(`
				83	-----BEGIN RSA PRIVATE KEY-----
				84	Proc-Type: 4,ENCRYPTED
				85	DEK-Info: DES-CBC,34F09A4FC8DE22B5
				86
				87	WXxy8kbZdiZvANtKvhmPBLV7eVFj2A5z6oAxvI9KGyhG0ZK0skfnt00C24vfU7m5
				88	ICXeoqP67lzJ18xCzQfHjDaBNs53DSDT+Iz4e8QUep1xQ30+8QKX2NA2coee3nwc
				89	6oM1cuvhNUDemBH2i3dKgMVkfaga0zQiiOq6HJyGSncCMSruQ7F9iWEfRbFcxFCx
				90	qtHb1kirfGKEtgWTF+ynyco6+2gMXNu70L7nJcnxnV/RLFkHt7AUU1yrclxz7eZz
				91	XOH9VfTjb52q/I8Suozq9coVQwg4tXfIoYUdT//O+mB7zJb9HI9Ps77b9TxDE6Gm
				92	4C9brwZ3zg2vqXcwwV6QRZMtyll9rOpxkbw6NPlpfBqkc3xS51bbxivbO/Nve4KD
				93	r12ymjFNF4stXCfJnNqKoZ50BHmEEUDu5Wb0fpVn82XrGw7CYc4iug==
				94	-----END RSA PRIVATE KEY-----`),
				95	plainDER: `
				96	MIIBPAIBAAJBAPASZe+tCPU6p80AjHhDkVsLYa51D35e/YGa8QcZyooeZM8EHozo
				97	KD0fNiKI+53bHdy07N+81VQ8/ejPcRoXPlsCAwEAAQJBAMTxIuSq27VpR+zZ7WJf
				98	c6fvv1OBvpMZ0/d1pxL/KnOAgq2rD5hDtk9b0LGhTPgQAmrrMTKuSeGoIuYE+gKQ
				99	QvkCIQD+GC1m+/do+QRurr0uo46Kx1LzLeSCrjBk34wiOp2+dwIhAPHfTLRXS2fv
				100	7rljm0bYa4+eDZpz+E8RcXEgzhhvcQQ9AiAI5eHZJGOyml3MXnQjiPi55WcDOw0w
				101	glcRgT6QCEtz2wIhANSyqaFtosIkHKqrDUGfz/bb5tqMYTAnBruVPaf/WEOBAiEA
				102	9xORWeRG1tRpso4+dYy4KdDkuLPIO01KY6neYGm3BCM=`,
				103	},
				104	{
				105	kind: PEMCipher3DES,
				106	password: []byte("asdf"),
				107	pemData: []byte(`
				108	-----BEGIN RSA PRIVATE KEY-----
				109	Proc-Type: 4,ENCRYPTED
				110	DEK-Info: DES-EDE3-CBC,C1F4A6A03682C2C7
				111
				112	0JqVdBEH6iqM7drTkj+e2W/bE3LqakaiWhb9WUVonFkhyu8ca/QzebY3b5gCvAZQ
				113	YwBvDcT/GHospKqPx+cxDHJNsUASDZws6bz8ZXWJGwZGExKzr0+Qx5fgXn44Ms3x
				114	8g1ENFuTXtxo+KoNK0zuAMAqp66Llcds3Fjl4XR18QaD0CrVNAfOdgATWZm5GJxk
				115	Fgx5f84nT+/ovvreG+xeOzWgvtKo0UUZVrhGOgfKLpa57adumcJ6SkUuBtEFpZFB
				116	ldw5w7WC7d13x2LsRkwo8ZrDKgIV+Y9GNvhuCCkTzNP0V3gNeJpd201HZHR+9n3w
				117	3z0VjR/MGqsfcy1ziEWMNOO53At3zlG6zP05aHMnMcZoVXadEK6L1gz++inSSDCq
				118	gI0UJP4e3JVB7AkgYymYAwiYALAkoEIuanxoc50njJk=
				119	-----END RSA PRIVATE KEY-----`),
				120	plainDER: `
				121	MIIBOwIBAAJBANOCXKdoNS/iP/MAbl9cf1/SF3P+Ns7ZeNL27CfmDh0O6Zduaax5
				122	NBiumd2PmjkaCu7lQ5JOibHfWn+xJsc3kw0CAwEAAQJANX/W8d1Q/sCqzkuAn4xl
				123	B5a7qfJWaLHndu1QRLNTRJPn0Ee7OKJ4H0QKOhQM6vpjRrz+P2u9thn6wUxoPsef
				124	QQIhAP/jCkfejFcy4v15beqKzwz08/tslVjF+Yq41eJGejmxAiEA05pMoqfkyjcx
				125	fyvGhpoOyoCp71vSGUfR2I9CR65oKh0CIC1Msjs66LlfJtQctRq6bCEtFCxEcsP+
				126	eEjYo/Sk6WphAiEAxpgWPMJeU/shFT28gS+tmhjPZLpEoT1qkVlC14u0b3ECIQDX
				127	tZZZxCtPAm7shftEib0VU77Lk8MsXJcx2C4voRsjEw==`,
				128	},
				129	{
				130	kind: PEMCipherAES128,
				131	password: []byte("asdf"),
				132	pemData: []byte(`
				133	-----BEGIN RSA PRIVATE KEY-----
				134	Proc-Type: 4,ENCRYPTED
				135	DEK-Info: AES-128-CBC,D4492E793FC835CC038A728ED174F78A
				136
				137	EyfQSzXSjv6BaNH+NHdXRlkHdimpF9izWlugVJAPApgXrq5YldPe2aGIOFXyJ+QE
				138	ZIG20DYqaPzJRjTEbPNZ6Es0S2JJ5yCpKxwJuDkgJZKtF39Q2i36JeGbSZQIuWJE
				139	GZbBpf1jDH/pr0iGonuAdl2PCCZUiy+8eLsD2tyviHUkFLOB+ykYoJ5t8ngZ/B6D
				140	33U43LLb7+9zD4y3Q9OVHqBFGyHcxCY9+9Qh4ZnFp7DTf6RY5TNEvE3s4g6aDpBs
				141	3NbvRVvYTgs8K9EPk4K+5R+P2kD8J8KvEIGxVa1vz8QoCJ/jr7Ka2rvNgPCex5/E
				142	080LzLHPCrXKdlr/f50yhNWq08ZxMWQFkui+FDHPDUaEELKAXV8/5PDxw80Rtybo
				143	AVYoCVIbZXZCuCO81op8UcOgEpTtyU5Lgh3Mw5scQL0=
				144	-----END RSA PRIVATE KEY-----`),
				145	plainDER: `
				146	MIIBOgIBAAJBAMBlj5FxYtqbcy8wY89d/S7n0+r5MzD9F63BA/Lpl78vQKtdJ5dT
				147	cDGh/rBt1ufRrNp0WihcmZi7Mpl/3jHjiWECAwEAAQJABNOHYnKhtDIqFYj1OAJ3
				148	k3GlU0OlERmIOoeY/cL2V4lgwllPBEs7r134AY4wMmZSBUj8UR/O4SNO668ElKPE
				149	cQIhAOuqY7/115x5KCdGDMWi+jNaMxIvI4ETGwV40ykGzqlzAiEA0P9oEC3m9tHB
				150	kbpjSTxaNkrXxDgdEOZz8X0uOUUwHNsCIAwzcSCiGLyYJTULUmP1ESERfW1mlV78
				151	XzzESaJpIM/zAiBQkSTcl9VhcJreQqvjn5BnPZLP4ZHS4gPwJAGdsj5J4QIhAOVR
				152	B3WlRNTXR2WsJ5JdByezg9xzdXzULqmga0OE339a`,
				153	},
				154	{
				155	kind: PEMCipherAES192,
				156	password: []byte("asdf"),
				157	pemData: []byte(`
				158	-----BEGIN RSA PRIVATE KEY-----
				159	Proc-Type: 4,ENCRYPTED
				160	DEK-Info: AES-192-CBC,E2C9FB02BCA23ADE1829F8D8BC5F5369
				161
				162	cqVslvHqDDM6qwU6YjezCRifXmKsrgEev7ng6Qs7UmDJOpHDgJQZI9fwMFUhIyn5
				163	FbCu1SHkLMW52Ld3CuEqMnzWMlhPrW8tFvUOrMWPYSisv7nNq88HobZEJcUNL2MM
				164	Y15XmHW6IJwPqhKyLHpWXyOCVEh4ODND2nV15PCoi18oTa475baxSk7+1qH7GuIs
				165	Rb7tshNTMqHbCpyo9Rn3UxeFIf9efdl8YLiMoIqc7J8E5e9VlbeQSdLMQOgDAQJG
				166	ReUtTw8exmKsY4gsSjhkg5uiw7/ZB1Ihto0qnfQJgjGc680qGkT1d6JfvOfeYAk6
				167	xn5RqS/h8rYAYm64KnepfC9vIujo4NqpaREDmaLdX5MJPQ+SlytITQvgUsUq3q/t
				168	Ss85xjQEZH3hzwjQqdJvmA4hYP6SUjxYpBM+02xZ1Xw=
				169	-----END RSA PRIVATE KEY-----`),
				170	plainDER: `
				171	MIIBOwIBAAJBAMGcRrZiNNmtF20zyS6MQ7pdGx17aFDl+lTl+qnLuJRUCMUG05xs
				172	OmxmL/O1Qlf+bnqR8Bgg65SfKg21SYuLhiMCAwEAAQJBAL94uuHyO4wux2VC+qpj
				173	IzPykjdU7XRcDHbbvksf4xokSeUFjjD3PB0Qa83M94y89ZfdILIqS9x5EgSB4/lX
				174	qNkCIQD6cCIqLfzq/lYbZbQgAAjpBXeQVYsbvVtJrPrXJAlVVQIhAMXpDKMeFPMn
				175	J0g2rbx1gngx0qOa5r5iMU5w/noN4W2XAiBjf+WzCG5yFvazD+dOx3TC0A8+4x3P
				176	uZ3pWbaXf5PNuQIgAcdXarvhelH2w2piY1g3BPeFqhzBSCK/yLGxR82KIh8CIQDD
				177	+qGKsd09NhQ/G27y/DARzOYtml1NvdmCQAgsDIIOLA==`,
				178	},
				179	{
				180	kind: PEMCipherAES256,
				181	password: []byte("asdf"),
				182	pemData: []byte(`
				183	-----BEGIN RSA PRIVATE KEY-----
				184	Proc-Type: 4,ENCRYPTED
				185	DEK-Info: AES-256-CBC,8E7ED5CD731902CE938957A886A5FFBD
				186
				187	4Mxr+KIzRVwoOP0wwq6caSkvW0iS+GE2h2Ov/u+n9ZTMwL83PRnmjfjzBgfRZLVf
				188	JFPXxUK26kMNpIdssNnqGOds+DhB+oSrsNKoxgxSl5OBoYv9eJTVYm7qOyAFIsjr
				189	DRKAcjYCmzfesr7PVTowwy0RtHmYwyXMGDlAzzZrEvaiySFFmMyKKvtoavwaFoc7
				190	Pz3RZScwIuubzTGJ1x8EzdffYOsdCa9Mtgpp3L136+23dOd6L/qK2EG2fzrJSHs/
				191	2XugkleBFSMKzEp9mxXKRfa++uidQvMZTFLDK9w5YjrRvMBo/l2BoZIsq0jAIE1N
				192	sv5Z/KwlX+3MDEpPQpUwGPlGGdLnjI3UZ+cjgqBcoMiNc6HfgbBgYJSU6aDSHuCk
				193	clCwByxWkBNgJ2GrkwNrF26v+bGJJJNR4SKouY1jQf0=
				194	-----END RSA PRIVATE KEY-----`),
				195	plainDER: `
				196	MIIBOgIBAAJBAKy3GFkstoCHIEeUU/qO8207m8WSrjksR+p9B4tf1w5k+2O1V/GY
				197	AQ5WFCApItcOkQe/I0yZZJk/PmCqMzSxrc8CAwEAAQJAOCAz0F7AW9oNelVQSP8F
				198	Sfzx7O1yom+qWyAQQJF/gFR11gpf9xpVnnyu1WxIRnDUh1LZwUsjwlDYb7MB74id
				199	oQIhANPcOiLwOPT4sIUpRM5HG6BF1BI7L77VpyGVk8xNP7X/AiEA0LMHZtk4I+lJ
				200	nClgYp4Yh2JZ1Znbu7IoQMCEJCjwKDECIGd8Dzm5tViTkUW6Hs3Tlf73nNs65duF
				201	aRnSglss8I3pAiEAonEnKruawgD8RavDFR+fUgmQiPz4FnGGeVgfwpGG1JECIBYq
				202	PXHYtPqxQIbD2pScR5qum7iGUh11lEUPkmt+2uqS`,
				203	},
				204	{
				205	// generated with:
				206	// openssl genrsa -aes128 -passout pass:asdf -out server.orig.key 128
				207	kind: PEMCipherAES128,
				208	password: []byte("asdf"),
				209	pemData: []byte(`
				210	-----BEGIN RSA PRIVATE KEY-----
				211	Proc-Type: 4,ENCRYPTED
				212	DEK-Info: AES-128-CBC,74611ABC2571AF11B1BF9B69E62C89E7
				213
				214	6ei/MlytjE0FFgZOGQ+jrwomKfpl8kdefeE0NSt/DMRrw8OacHAzBNi3pPEa0eX3
				215	eND9l7C9meCirWovjj9QWVHrXyugFuDIqgdhQ8iHTgCfF3lrmcttVrbIfMDw+smD
				216	hTP8O1mS/MHl92NE0nhv0w==
				217	-----END RSA PRIVATE KEY-----`),
				218	plainDER: `
				219	MGMCAQACEQC6ssxmYuauuHGOCDAI54RdAgMBAAECEQCWIn6Yv2O+kBcDF7STctKB
				220	AgkA8SEfu/2i3g0CCQDGNlXbBHX7kQIIK3Ww5o0cYbECCQDCimPb0dYGsQIIeQ7A
				221	jryIst8=`,
				222	},
				223	}