caddy/caddy/letsencrypt/crypto_test.go

package letsencrypt

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"os"
	"testing"
)

func init() {
	rsaKeySizeToUse = 128 // make tests faster; small key size OK for testing
}

func TestSaveAndLoadRSAPrivateKey(t *testing.T) {
	keyFile := "test.key"
	defer os.Remove(keyFile)

	privateKey, err := rsa.GenerateKey(rand.Reader, rsaKeySizeToUse)
	if err != nil {
		t.Fatal(err)
	}

	// test save
	err = saveRSAPrivateKey(privateKey, keyFile)
	if err != nil {
		t.Fatal("error saving private key:", err)
	}

	// test load
	loadedKey, err := loadRSAPrivateKey(keyFile)
	if err != nil {
		t.Error("error loading private key:", err)
	}

	// very loaded key is correct
	if !rsaPrivateKeysSame(privateKey, loadedKey) {
		t.Error("Expected key bytes to be the same, but they weren't")
	}
}

// rsaPrivateKeysSame compares the bytes of a and b and returns true if they are the same.
func rsaPrivateKeysSame(a, b *rsa.PrivateKey) bool {
	return bytes.Equal(rsaPrivateKeyBytes(a), rsaPrivateKeyBytes(b))
}

// rsaPrivateKeyBytes returns the bytes of DER-encoded key.
func rsaPrivateKeyBytes(key *rsa.PrivateKey) []byte {
	return x509.MarshalPKCS1PrivateKey(key)
}
letsencrypt: Tests for load/save RSA keys and redirPlaintextHost 2015-10-18 13:35:59 +08:00			`package letsencrypt`

			`import (`
			`"bytes"`
			`"crypto/rand"`
			`"crypto/rsa"`
			`"crypto/x509"`
			`"os"`
			`"testing"`
			`)`

letsencrypt: More tests, tests for user.go & slight refactoring 2015-10-19 02:09:06 +08:00			`func init() {`
Minor test improvements 2015-10-28 02:53:31 +08:00			`rsaKeySizeToUse = 128 // make tests faster; small key size OK for testing`
letsencrypt: More tests, tests for user.go & slight refactoring 2015-10-19 02:09:06 +08:00			`}`

letsencrypt: Tests for load/save RSA keys and redirPlaintextHost 2015-10-18 13:35:59 +08:00			`func TestSaveAndLoadRSAPrivateKey(t *testing.T) {`
			`keyFile := "test.key"`
			`defer os.Remove(keyFile)`

Minor test improvements 2015-10-28 02:53:31 +08:00			`privateKey, err := rsa.GenerateKey(rand.Reader, rsaKeySizeToUse)`
letsencrypt: Tests for load/save RSA keys and redirPlaintextHost 2015-10-18 13:35:59 +08:00			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`// test save`
			`err = saveRSAPrivateKey(privateKey, keyFile)`
			`if err != nil {`
			`t.Fatal("error saving private key:", err)`
			`}`

			`// test load`
			`loadedKey, err := loadRSAPrivateKey(keyFile)`
			`if err != nil {`
			`t.Error("error loading private key:", err)`
			`}`

			`// very loaded key is correct`
letsencrypt: More tests, tests for user.go & slight refactoring 2015-10-19 02:09:06 +08:00			`if !rsaPrivateKeysSame(privateKey, loadedKey) {`
letsencrypt: Tests for load/save RSA keys and redirPlaintextHost 2015-10-18 13:35:59 +08:00			`t.Error("Expected key bytes to be the same, but they weren't")`
			`}`
			`}`
letsencrypt: More tests, tests for user.go & slight refactoring 2015-10-19 02:09:06 +08:00
			`// rsaPrivateKeysSame compares the bytes of a and b and returns true if they are the same.`
			`func rsaPrivateKeysSame(a, b *rsa.PrivateKey) bool {`
			`return bytes.Equal(rsaPrivateKeyBytes(a), rsaPrivateKeyBytes(b))`
			`}`
letsencrypt: Fix OCSP stapling and restarts with new LE-capable hosts Before, Caddy couldn't support graceful (zero-downtime) restarts when the reloaded Caddyfile had a host in it that was elligible for a LE certificate because the port was already in use. This commit makes it possible to do zero-downtime reloads and issue certificates for new hosts that need it. Supports only http-01 challenge at this time. OCSP stapling is improved in that it updates before the expiration time when the validity window has shifted forward. See 30c949085cad82d07562ca3403a22513b8fcd440. Before it only used to update when the status changed. This commit also sets the user agent for Let's Encrypt requests with a string containing "Caddy". 2016-01-04 08:05:10 +08:00
			`// rsaPrivateKeyBytes returns the bytes of DER-encoded key.`
			`func rsaPrivateKeyBytes(key *rsa.PrivateKey) []byte {`
			`return x509.MarshalPKCS1PrivateKey(key)`
			`}`