Skip to content

Commit b3e235f

Browse files
misak113Sean-Der
authored andcommitted
Add missing rsa.PrivateKey into validating config
validates private keys of certs to be one of RSA, ECDSA or ED25519
1 parent 7afa896 commit b3e235f

3 files changed

Lines changed: 22 additions & 7 deletions

File tree

README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -150,6 +150,7 @@ Check out the **[contributing wiki](https://github.com/pion/webrtc/wiki/Contribu
150150
* [Jim Wert](https://github.com/bocajim)
151151
* [Alvaro Viebrantz](https://github.com/alvarowolfx)
152152
* [Kegan Dougal](https://github.com/Kegsay)
153+
* [Michael Zabka](https://github.com/misak113)
153154

154155
### License
155156
MIT License - see [LICENSE](LICENSE) for full text

config.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"context"
55
"crypto/ecdsa"
66
"crypto/ed25519"
7+
"crypto/rsa"
78
"crypto/tls"
89
"crypto/x509"
910
"io"
@@ -182,6 +183,7 @@ func validateConfig(config *Config) error {
182183
switch cert.PrivateKey.(type) {
183184
case ed25519.PrivateKey:
184185
case *ecdsa.PrivateKey:
186+
case *rsa.PrivateKey:
185187
default:
186188
return errInvalidPrivateKey
187189
}

config_test.go

Lines changed: 19 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
11
package dtls
22

33
import (
4+
"crypto/dsa" //nolint
5+
"crypto/rand"
6+
"crypto/rsa"
47
"crypto/tls"
5-
"crypto/x509"
6-
"encoding/pem"
78
"errors"
89
"testing"
910

@@ -68,14 +69,20 @@ func TestValidateConfig(t *testing.T) {
6869
}
6970

7071
// Invalid private key
71-
block, _ := pem.Decode([]byte(rawPrivateKey))
72-
rsaKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
72+
dsaPrivateKey := &dsa.PrivateKey{}
73+
err = dsa.GenerateParameters(&dsaPrivateKey.Parameters, rand.Reader, dsa.L1024N160)
7374
if err != nil {
74-
t.Fatalf("TestValidateConfig: Config validation error(%v), parsing RSA private key", err)
75+
t.Fatalf("TestValidateConfig: Config validation error(%v), DSA parameters not generated", err)
76+
return
77+
}
78+
err = dsa.GenerateKey(dsaPrivateKey, rand.Reader)
79+
if err != nil {
80+
t.Fatalf("TestValidateConfig: Config validation error(%v), DSA private key not generated", err)
81+
return
7582
}
7683
config = &Config{
7784
CipherSuites: []CipherSuiteID{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
78-
Certificates: []tls.Certificate{{Certificate: cert.Certificate, PrivateKey: rsaKey}},
85+
Certificates: []tls.Certificate{{Certificate: cert.Certificate, PrivateKey: dsaPrivateKey}},
7986
}
8087
if err = validateConfig(config); !errors.Is(err, errInvalidPrivateKey) {
8188
t.Fatalf("TestValidateConfig: Client error exp(%v) failed(%v)", errInvalidPrivateKey, err)
@@ -97,9 +104,14 @@ func TestValidateConfig(t *testing.T) {
97104
}
98105

99106
// Valid config
107+
rsaPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048)
108+
if err != nil {
109+
t.Fatalf("TestValidateConfig: Config validation error(%v), RSA private key not generated", err)
110+
return
111+
}
100112
config = &Config{
101113
CipherSuites: []CipherSuiteID{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
102-
Certificates: []tls.Certificate{cert},
114+
Certificates: []tls.Certificate{cert, {Certificate: cert.Certificate, PrivateKey: rsaPrivateKey}},
103115
}
104116
if err = validateConfig(config); err != nil {
105117
t.Fatalf("TestValidateConfig: Client error exp(%v) failed(%v)", nil, err)

0 commit comments

Comments
 (0)