diff --git a/go.mod b/go.mod index 267c8648794..b7ffb7d3a9e 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( cloud.google.com/go/compute v1.7.0 github.com/google/go-cmp v0.5.8 github.com/google/uuid v1.3.0 - github.com/googleapis/enterprise-certificate-proxy v0.1.0 + github.com/googleapis/enterprise-certificate-proxy v0.2.0 github.com/googleapis/gax-go/v2 v2.4.0 go.opencensus.io v0.23.0 golang.org/x/net v0.0.0-20220909164309-bea034e7d591 diff --git a/go.sum b/go.sum index 7fb35d0a192..4b3eb0c492a 100644 --- a/go.sum +++ b/go.sum @@ -164,8 +164,8 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= -github.com/googleapis/enterprise-certificate-proxy v0.1.0 h1:zO8WHNx/MYiAKJ3d5spxZXZE6KHmIQGQcAzwUzV7qQw= -github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= +github.com/googleapis/enterprise-certificate-proxy v0.2.0 h1:y8Yozv7SZtlU//QXbezB6QkpuE6jMD2/gfzk4AftXjs= +github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= diff --git a/transport/cert/enterprise_cert_test.go b/transport/cert/enterprise_cert_test.go index 8f20887fd70..f3a539b2f6d 100644 --- a/transport/cert/enterprise_cert_test.go +++ b/transport/cert/enterprise_cert_test.go @@ -20,7 +20,7 @@ func TestEnterpriseCertificateProxySource_ConfigMissing(t *testing.T) { // This test launches a mock signer binary "test_signer.go" that uses a valid pem file. func TestEnterpriseCertificateProxySource_GetClientCertificateSuccess(t *testing.T) { - source, err := NewEnterpriseCertificateProxySource("testdata/enterprise_certificate_config.json") + source, err := NewEnterpriseCertificateProxySource("testdata/certificate_config.json") if err != nil { t.Fatal(err) } @@ -38,7 +38,7 @@ func TestEnterpriseCertificateProxySource_GetClientCertificateSuccess(t *testing // This test launches a mock signer binary "test_signer.go" that uses an invalid pem file. func TestEnterpriseCertificateProxySource_InitializationFailure(t *testing.T) { - _, err := NewEnterpriseCertificateProxySource("testdata/enterprise_certificate_config_invalid_pem.json") + _, err := NewEnterpriseCertificateProxySource("testdata/certificate_config_invalid_pem.json") if err == nil { t.Error("NewEnterpriseCertificateProxySource: got nil, want non-nil err") } diff --git a/transport/cert/testdata/certificate_config.json b/transport/cert/testdata/certificate_config.json new file mode 100644 index 00000000000..89523d44d9c --- /dev/null +++ b/transport/cert/testdata/certificate_config.json @@ -0,0 +1,10 @@ +{ + "cert_configs": { + "test": { + "issuer": "Test Issuer" + } + }, + "libs": { + "ecp": "./testdata/signer.sh" + } +} diff --git a/transport/cert/testdata/certificate_config_invalid_pem.json b/transport/cert/testdata/certificate_config_invalid_pem.json new file mode 100644 index 00000000000..d56afa40b02 --- /dev/null +++ b/transport/cert/testdata/certificate_config_invalid_pem.json @@ -0,0 +1,10 @@ +{ + "cert_configs": { + "test": { + "issuer": "Test Issuer" + } + }, + "libs": { + "ecp": "./testdata/signer_invalid_pem.sh" + } +} diff --git a/transport/cert/testdata/enterprise_certificate_config.json b/transport/cert/testdata/enterprise_certificate_config.json deleted file mode 100644 index be9f9a3e806..00000000000 --- a/transport/cert/testdata/enterprise_certificate_config.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cert_info": { - "issuer": "Test Issuer" - }, - "libs": { - "signer_binary": "./testdata/signer.sh" - } -} diff --git a/transport/cert/testdata/enterprise_certificate_config_invalid_pem.json b/transport/cert/testdata/enterprise_certificate_config_invalid_pem.json deleted file mode 100644 index 5fc2dcfc8f9..00000000000 --- a/transport/cert/testdata/enterprise_certificate_config_invalid_pem.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "cert_info": { - "issuer": "Test Issuer" - }, - "libs": { - "signer_binary": "./testdata/signer_invalid_pem.sh" - } -} diff --git a/transport/cert/testdata/rsa2048bit.pem b/transport/cert/testdata/rsa2048bit.pem new file mode 100644 index 00000000000..91ebda969a2 --- /dev/null +++ b/transport/cert/testdata/rsa2048bit.pem @@ -0,0 +1,49 @@ +-----BEGIN CERTIFICATE----- +MIIDZjCCAk4CCQCN7UdavjYDjjANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJV +UzELMAkGA1UECAwCV0ExDzANBgNVBAcMBlJlbnRvbjEMMAoGA1UECgwDQ0JBMQww +CgYDVQQLDANFQ1AxDTALBgNVBAMMBHRlc3QxHTAbBgkqhkiG9w0BCQEWDnRlc3RA +Z21haWwuY29tMB4XDTIyMDkxMTE2MzIwMVoXDTMyMDkwODE2MzIwMVowdTELMAkG +A1UEBhMCVVMxCzAJBgNVBAgMAldBMQ8wDQYDVQQHDAZSZW50b24xDDAKBgNVBAoM +A0NCQTEMMAoGA1UECwwDRUNQMQ0wCwYDVQQDDAR0ZXN0MR0wGwYJKoZIhvcNAQkB +Fg50ZXN0QGdtYWlsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +APlRXo2ji8rFYfF8ew7Fsi3KuHMvirW1/OGhhPaqGGDomvFpoAwf5MQn4RIOFzf0 +KCy3bRSHjMJlRfINf/FgByjLik8NRcI3huHlDyAZS4Va4b/L4GIfA7jPuIu/HsAu +eGIOOncBpyKyRwaf2HhGAvy85MfWAvHr+3k0gL90nGQWFjvRDt+wyLLUZ5SIMDUT +x7aBji9qGAxX2sbiFB0C7chK4mwsPKowgK+fIgHkbqSIN6IyFIU6pLXGKJ1WrNBg +CHA2LPUE477GKinuaDq4PjQyVQF9MAQmK4hRu8N7COJeZunHWQJjACT5QRxmMiWp +H2dYbX6Wg3eXMRpbGVoLuHUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAFvfK3t5u +tK3+PPhkpCoEpcequn5vTOKDBSE95o3Od/RmNQEmUqSsuPtBd5ZVxKKa+ZapVowt +S9YFr5C9jgUleukLEYQNj0p8jrcZjVaUy5hmDynaIlkbtl5NHGyNOeJMJprA5ylV +wQ3ULnGjIxx3AsCEYeSp+eea6jztl5cvH6nGj6rI20lhrrHfKjxaGCRT+4X7NcXP +jSQrvaQjZKjs20iVX1f/En4OgR4FY5YJkMRhrebcoYnldkKzWjNpy3j/QwVWNzl3 +1jfpeDUw8o7a4UDONMIwQjMQq05tqTh9WbL+6B2CEQnhPeKAGm8oHwyqdux8A9Nf +Lw4UcyjbQOSWlA== +-----END CERTIFICATE----- +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD5UV6No4vKxWHx +fHsOxbItyrhzL4q1tfzhoYT2qhhg6JrxaaAMH+TEJ+ESDhc39Cgst20Uh4zCZUXy +DX/xYAcoy4pPDUXCN4bh5Q8gGUuFWuG/y+BiHwO4z7iLvx7ALnhiDjp3AaciskcG +n9h4RgL8vOTH1gLx6/t5NIC/dJxkFhY70Q7fsMiy1GeUiDA1E8e2gY4vahgMV9rG +4hQdAu3ISuJsLDyqMICvnyIB5G6kiDeiMhSFOqS1xiidVqzQYAhwNiz1BOO+xiop +7mg6uD40MlUBfTAEJiuIUbvDewjiXmbpx1kCYwAk+UEcZjIlqR9nWG1+loN3lzEa +WxlaC7h1AgMBAAECggEBANhlYs9HO4d1CMzkQZ8RwtRyFuSLSDbtzZ89ZT3/Zwd9 +/TY6eprrd9E11+mm50o+ljwxvPDLskXsRuiQBRPJSI2FFPgGSh0HuwAIo7c1nVIT +Dsw9NfWUe9OGH+TTruoZq41YUjCG871uxa0fQnEqO1+IyH4W6Bl4vJ14D6OdoDxR +JMzZyeddezQlyCS+Mi/jMi82YZWdCdhr1mpTtzVpWJEvKj0VUQFSd4ioS87/F7la +RT42Y1t6igfvHjnVV0w0mf+32UiLlDkOZ/xY215/9aYfJMhak7ctUGx3BgJgoyDP +hlRQxS2dzzgZGQrgjI+7jnyIbvGbhS2o6j8JorsTE6ECgYEA/aWK7iBtj1lH3O0t +6atOb/yT76k9bHaFgX0gU+H/8bxiGt0V2r4+IoAWtwJNgi3As9jP4yJPiCiRX2PW +yIhRZkEkoZ4uPSabPLtoKd/95sytiIQ57KRQGhUYehVz1Uockt4c6FfDi0XPkFek +/9N9Fv/sJxhWHp0hMn0u0oBVd2kCgYEA+6GLghm6roxQdq2kjAsBKHXmr1emfuzQ +BvucM3t8wh04I4r3jc2GpmCI428dtHQkYRTV5bdWrxI1MeIWxzumW1hXzjkuV+fI +WDX9gLCOB3d7mtHmwXunSHpwvZygXRZH3y4xYmTOpQgZAIxm1Gm6FsvMFVExF+UD +m06QWH0zgy0CgYBSp1s6db69864DRBauCnCo9XmPo2qsqYKfy5J5QzAQKf8eGeVB +PrUosOy1/j4bqaUd9gzoSwn3qKCWoQYgmqtL0vaI4+7VZns3syoiWyd1ykTSM6Rc +hL7FgRJU1iDE5D2jblWlMNQ70iftNWJDKzub/xGJO9j0aOekeD6FweQX4QKBgHwe +0FjpZhtJXTtdJchqeTTDC3o8SwVavLZlEESYyg5aKWHm33uUALI69erx2X40t+kn +ROceC2UqHxEvC7tU4hc2uYEg1YpI65sPbq8256gpONBCb4fK/dYTh18QTk38epFN +ENEPFptzJhoOJ37pdABgoJd3SDcYITJPi4YKpAk1AoGBAOaQN50lZQuIAab4hwmd +hEXpn2YA8+qU8K1Y4DdJNBdKt+JDzN30+B7qZ1vVvyDCCIEhoKAr9b/wjQHF2pC4 +Vp89uLNKTLF6Pg4Wm+71MbDPFFRTyMghOPBn3vWQvj81sLMselg8eIjTO8XS7mQ7 +hPJVfKseNBDOBE4OolLNAoBK +-----END PRIVATE KEY----- \ No newline at end of file diff --git a/transport/cert/testdata/signer.sh b/transport/cert/testdata/signer.sh index 8a7b2192526..6b4fb6cd960 100755 --- a/transport/cert/testdata/signer.sh +++ b/transport/cert/testdata/signer.sh @@ -4,4 +4,4 @@ # Use of this source code is governed by a BSD-style # license that can be found in the LICENSE file. -go run ../internal/ecp/test_signer.go testdata/testcert.pem +go run ../internal/ecp/test_signer.go testdata/rsa2048bit.pem