mirror of
https://github.com/pion/webrtc.git
synced 2025-09-27 03:25:58 +08:00
139 lines
3.0 KiB
Go
139 lines
3.0 KiB
Go
// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
//go:build !js
|
|
// +build !js
|
|
|
|
package webrtc
|
|
|
|
import (
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/tls"
|
|
"crypto/x509"
|
|
"encoding/pem"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGenerateCertificateRSA(t *testing.T) {
|
|
sk, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
assert.Nil(t, err)
|
|
|
|
skPEM := pem.EncodeToMemory(&pem.Block{
|
|
Type: "RSA PRIVATE KEY",
|
|
Bytes: x509.MarshalPKCS1PrivateKey(sk),
|
|
})
|
|
|
|
cert, err := GenerateCertificate(sk)
|
|
assert.Nil(t, err)
|
|
|
|
certPEM := pem.EncodeToMemory(&pem.Block{
|
|
Type: "CERTIFICATE",
|
|
Bytes: cert.x509Cert.Raw,
|
|
})
|
|
|
|
_, err = tls.X509KeyPair(certPEM, skPEM)
|
|
assert.Nil(t, err)
|
|
}
|
|
|
|
func TestGenerateCertificateECDSA(t *testing.T) {
|
|
sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
|
|
skDER, err := x509.MarshalECPrivateKey(sk)
|
|
assert.Nil(t, err)
|
|
|
|
skPEM := pem.EncodeToMemory(&pem.Block{
|
|
Type: "EC PRIVATE KEY",
|
|
Bytes: skDER,
|
|
})
|
|
|
|
cert, err := GenerateCertificate(sk)
|
|
assert.Nil(t, err)
|
|
|
|
certPEM := pem.EncodeToMemory(&pem.Block{
|
|
Type: "CERTIFICATE",
|
|
Bytes: cert.x509Cert.Raw,
|
|
})
|
|
|
|
_, err = tls.X509KeyPair(certPEM, skPEM)
|
|
assert.Nil(t, err)
|
|
}
|
|
|
|
func TestGenerateCertificateEqual(t *testing.T) {
|
|
sk1, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
|
|
sk3, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
assert.NoError(t, err)
|
|
|
|
cert1, err := GenerateCertificate(sk1)
|
|
assert.Nil(t, err)
|
|
|
|
sk2, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
|
|
cert2, err := GenerateCertificate(sk2)
|
|
assert.Nil(t, err)
|
|
|
|
cert3, err := GenerateCertificate(sk3)
|
|
assert.NoError(t, err)
|
|
|
|
assert.True(t, cert1.Equals(*cert1))
|
|
assert.False(t, cert1.Equals(*cert2))
|
|
assert.True(t, cert3.Equals(*cert3))
|
|
}
|
|
|
|
func TestGenerateCertificateExpires(t *testing.T) {
|
|
sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
|
|
cert, err := GenerateCertificate(sk)
|
|
assert.Nil(t, err)
|
|
|
|
now := time.Now()
|
|
assert.False(t, cert.Expires().IsZero() || now.After(cert.Expires()))
|
|
|
|
x509Cert := CertificateFromX509(sk, &x509.Certificate{})
|
|
assert.NotNil(t, x509Cert)
|
|
assert.Contains(t, x509Cert.statsID, "certificate")
|
|
}
|
|
|
|
func TestBadCertificate(t *testing.T) {
|
|
var nokey interface{}
|
|
badcert, err := NewCertificate(nokey, x509.Certificate{})
|
|
assert.Nil(t, badcert)
|
|
assert.Error(t, err)
|
|
|
|
sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
|
|
badcert, err = NewCertificate(sk, x509.Certificate{})
|
|
assert.Nil(t, badcert)
|
|
assert.Error(t, err)
|
|
|
|
c0 := Certificate{}
|
|
c1 := Certificate{}
|
|
assert.False(t, c0.Equals(c1))
|
|
}
|
|
|
|
func TestPEM(t *testing.T) {
|
|
sk, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
assert.Nil(t, err)
|
|
cert, err := GenerateCertificate(sk)
|
|
assert.Nil(t, err)
|
|
|
|
pem, err := cert.PEM()
|
|
assert.Nil(t, err)
|
|
cert2, err := CertificateFromPEM(pem)
|
|
assert.Nil(t, err)
|
|
pem2, err := cert2.PEM()
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, pem, pem2)
|
|
}
|