// TestVariousAESKeyEncoding tests some AES <-> PEM conversions
func TestVariousAESKeyEncoding(t *testing.T) {
key, err := GetRandomBytes(32)
if err != nil {
t.Fatalf("Failed generating AES key [%s]", err)
}
// PEM format
pem := utils.AEStoPEM(key)
keyFromPEM, err := utils.PEMtoAES(pem, nil)
if err != nil {
t.Fatalf("Failed converting PEM to AES key [%s]", err)
}
if 0 != bytes.Compare(key, keyFromPEM) {
t.Fatalf("Failed converting PEM to AES key. Keys are different [%x][%x]", key, keyFromPEM)
}
// Encrypted PEM format
pem, err = utils.AEStoEncryptedPEM(key, []byte("passwd"))
if err != nil {
t.Fatalf("Failed converting AES key to Encrypted PEM [%s]", err)
}
keyFromPEM, err = utils.PEMtoAES(pem, []byte("passwd"))
if err != nil {
t.Fatalf("Failed converting encrypted PEM to AES key [%s]", err)
}
if 0 != bytes.Compare(key, keyFromPEM) {
t.Fatalf("Failed converting encrypted PEM to AES key. Keys are different [%x][%x]", key, keyFromPEM)
}
}
func (ks *FileBasedKeyStore) storeKey(alias string, key []byte) error {
pem, err := utils.AEStoEncryptedPEM(key, ks.pwd)
if err != nil {
logger.Errorf("Failed converting key to PEM [%s]: [%s]", alias, err)
return err
}
err = ioutil.WriteFile(ks.getPathForAlias(alias, "key"), pem, 0700)
if err != nil {
logger.Errorf("Failed storing key [%s]: [%s]", alias, err)
return err
}
return nil
}