cert_test.go 1.1 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647
  1. // Copyright 2014 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. // +build darwin dragonfly freebsd linux netbsd openbsd
  5. package test
  6. import (
  7. "crypto/rand"
  8. "testing"
  9. "golang.org/x/crypto/ssh"
  10. )
  11. func TestCertLogin(t *testing.T) {
  12. s := newServer(t)
  13. defer s.Shutdown()
  14. // Use a key different from the default.
  15. clientKey := testSigners["dsa"]
  16. caAuthKey := testSigners["ecdsa"]
  17. cert := &ssh.Certificate{
  18. Key: clientKey.PublicKey(),
  19. ValidPrincipals: []string{username()},
  20. CertType: ssh.UserCert,
  21. ValidBefore: ssh.CertTimeInfinity,
  22. }
  23. if err := cert.SignCert(rand.Reader, caAuthKey); err != nil {
  24. t.Fatalf("SetSignature: %v", err)
  25. }
  26. certSigner, err := ssh.NewCertSigner(cert, clientKey)
  27. if err != nil {
  28. t.Fatalf("NewCertSigner: %v", err)
  29. }
  30. conf := &ssh.ClientConfig{
  31. User: username(),
  32. }
  33. conf.Auth = append(conf.Auth, ssh.PublicKeys(certSigner))
  34. client, err := s.TryDial(conf)
  35. if err != nil {
  36. t.Fatalf("TryDial: %v", err)
  37. }
  38. client.Close()
  39. }