Verified Commit f38c91f9 authored by meskio's avatar meskio 👷
Browse files

Don't use entropy for test

Use math/rand instead of crypto/rand, so entropy is not a blocker when
running the tests.
parent e4c01f05
Pipeline #40339 passed with stage
in 9 minutes and 55 seconds
package amp
import (
"crypto/rand"
"io"
"io/ioutil"
"math/rand"
"strings"
"testing"
)
......
package utls
import (
"crypto/rand"
"crypto/rsa"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"math/big"
"math/rand"
"net/http"
"testing"
"time"
......@@ -26,7 +26,15 @@ func TestRoundTripper(t *testing.T) {
Convey("[Test]Set up http servers", t, func(c C) {
c.Convey("[Test]Generate Self-Signed Cert", func(c C) {
// Ported from https://gist.github.com/samuel/8b500ddd3f6118d052b5e6bc16bc4c09
priv, err := rsa.GenerateKey(rand.Reader, 4096)
// note that we use the insecure math/rand here because some platforms
// fail the test suite at build time in Debian, due to entropy starvation.
// since that's not a problem at test time, we do *not* use a secure
// mechanism for key generation.
//
// DO NOT REUSE THIS CODE IN PRODUCTION, IT IS DANGEROUS
insecureRandReader := rand.New(rand.NewSource(1337))
priv, err := rsa.GenerateKey(insecureRandReader, 4096)
c.So(err, ShouldBeNil)
template := x509.Certificate{
SerialNumber: big.NewInt(1),
......@@ -40,7 +48,7 @@ func TestRoundTripper(t *testing.T) {
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
}
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, priv.Public(), priv)
derBytes, err := x509.CreateCertificate(insecureRandReader, &template, &template, priv.Public(), priv)
c.So(err, ShouldBeNil)
selfSignedPrivateKey = priv
selfSignedCert = derBytes
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment