Skip to content

Commit

Permalink
Fix TestGetRsaKey running with openssl 1.1
Browse files Browse the repository at this point in the history 
openssl 1.1 generates PKCS#1 (wrapped in RSA PRIVATE KEY block)
while the test was expecting the behavior of more recent openssl
generating PKCS#8 (wrapped in PRIVATE KEY block).

Handle both in the unit test.
  • Loading branch information
@cbosdo
cbosdo committed Dec 13, 2024
1 parent f98118c commit 475d84c
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions shared/ssl/ssl_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -154,8 +154,16 @@ func TestOrderCasChain2(t *testing.T) {
func TestGetRsaKey(t *testing.T) {
key := testutils.ReadFile(t, "testdata/RootCA.key")
actual := string(GetRsaKey(key, "secret"))
if !strings.HasPrefix(actual, "-----BEGIN PRIVATE KEY-----\nMIIEugIBADANBgkqhkiG9w0BAQEFAAS") ||
!strings.HasSuffix(actual, "DKY9SmW6QD+RJwbMc4M=\n-----END PRIVATE KEY-----\n") {

// This is what new openssl would generate
matchingPKCS8 := strings.HasPrefix(actual, "-----BEGIN PRIVATE KEY-----\nMIIEugIBADANBgkqhkiG9w0BAQEFAAS") &&
strings.HasSuffix(actual, "DKY9SmW6QD+RJwbMc4M=\n-----END PRIVATE KEY-----\n")

// This is what older openssl would generate
matchingPKCS1 := strings.HasPrefix(actual, "-----BEGIN RSA PRIVATE KEY-----\nMIIEoAIBAAKCAQEArqQvTR0") &&
strings.HasSuffix(actual, "+3i4RXV4XtWHzmQymPUplukA/kScGzHOD\n-----END RSA PRIVATE KEY-----")

if !matchingPKCS1 && !matchingPKCS8 {
t.Errorf("Unexpected generated RSA key: %s", actual)
}
}

0 comments on commit 475d84c

Please sign in to comment.