diff options
| -rw-r--r-- | ssh/keys.go | 6 | ||||
| -rw-r--r-- | ssh/keys_test.go | 41 |
2 files changed, 35 insertions, 12 deletions
diff --git a/ssh/keys.go b/ssh/keys.go index 47a0753..18851e7 100644 --- a/ssh/keys.go +++ b/ssh/keys.go @@ -1271,6 +1271,12 @@ func (*PassphraseMissingError) Error() string { return "ssh: this private key is passphrase protected" } +// Is return true if the target is an instance of PassphraseMissingError. +func (errPassMissing *PassphraseMissingError) Is(target error) (ok bool) { + _, ok = target.(*PassphraseMissingError) + return ok +} + // ParseRawPrivateKey returns a private key from a PEM encoded private key. It supports // RSA, DSA, ECDSA, and Ed25519 private keys in PKCS#1, PKCS#8, OpenSSL, and OpenSSH // formats. If the private key is encrypted, it will return a PassphraseMissingError. diff --git a/ssh/keys_test.go b/ssh/keys_test.go index a1165ec..ed5bb1a 100644 --- a/ssh/keys_test.go +++ b/ssh/keys_test.go @@ -272,18 +272,18 @@ func TestParseEncryptedPrivateKeysWithPassphrase(t *testing.T) { } func TestParseEncryptedPrivateKeysWithUnsupportedCiphers(t *testing.T) { - for _, tt := range testdata.UnsupportedCipherData { - t.Run(tt.Name, func(t *testing.T){ - _, err := ParsePrivateKeyWithPassphrase(tt.PEMBytes, []byte(tt.EncryptionKey)) - if err == nil { - t.Fatalf("expected 'unknown cipher' error for %q, got nil", tt.Name) - // If this cipher is now supported, remove it from testdata.UnsupportedCipherData - } - if !strings.Contains(err.Error(), "unknown cipher") { - t.Errorf("wanted 'unknown cipher' error, got %v", err.Error()) - } - }) - } + for _, tt := range testdata.UnsupportedCipherData { + t.Run(tt.Name, func(t *testing.T) { + _, err := ParsePrivateKeyWithPassphrase(tt.PEMBytes, []byte(tt.EncryptionKey)) + if err == nil { + t.Fatalf("expected 'unknown cipher' error for %q, got nil", tt.Name) + // If this cipher is now supported, remove it from testdata.UnsupportedCipherData + } + if !strings.Contains(err.Error(), "unknown cipher") { + t.Errorf("wanted 'unknown cipher' error, got %v", err.Error()) + } + }) + } } func TestParseEncryptedPrivateKeysWithIncorrectPassphrase(t *testing.T) { @@ -863,3 +863,20 @@ cLYUOHfQDw== t.Fatal("parsing an SSH certificate using another certificate as signature key succeeded; expected failure") } } + +func TestPassphraseMissingErrorIs(t *testing.T) { + var ( + errPassMissing = &PassphraseMissingError{} + + err error + ) + + _, err = ParseRawPrivateKey(testdata.PEMEncryptedKeys[0].PEMBytes) + if err == nil { + t.Fatalf(`got error nil, want %T`, errPassMissing) + } + + if !errors.Is(err, errPassMissing) { + t.Fatalf(`got error %T, want %T `, err, errPassMissing) + } +} |