From ccb8768272387252f897e3b216afd16e34d46032 Mon Sep 17 00:00:00 2001 From: Jeremy Clerc Date: Tue, 14 Feb 2017 14:19:40 +0100 Subject: Add tests for certificate pkg. --- pkg/certificate/certificate.go | 4 +- pkg/certificate/certificate_test.go | 124 ++++++++++++++++++++++++++++++++++++ 2 files changed, 126 insertions(+), 2 deletions(-) create mode 100644 pkg/certificate/certificate_test.go diff --git a/pkg/certificate/certificate.go b/pkg/certificate/certificate.go index 187fb1c..fe3d6c2 100644 --- a/pkg/certificate/certificate.go +++ b/pkg/certificate/certificate.go @@ -38,11 +38,11 @@ func (b *Bundle) Raw() ([]byte, []byte) { func RawToBundle(name string, key []byte, cert []byte) (*Bundle, error) { k, err := x509.ParsePKCS1PrivateKey(key) if err != nil { - return nil, fmt.Errorf("failed parsing private key from PEM bytes: %v", err) + return nil, fmt.Errorf("failed parsing private key: %v", err) } c, err := x509.ParseCertificate(cert) if err != nil { - return nil, fmt.Errorf("failed parsing certificate from PEM bytes: %v", err) + return nil, fmt.Errorf("failed parsing certificate: %v", err) } return &Bundle{Name: name, Key: k, Cert: c}, nil } diff --git a/pkg/certificate/certificate_test.go b/pkg/certificate/certificate_test.go new file mode 100644 index 0000000..bca8708 --- /dev/null +++ b/pkg/certificate/certificate_test.go @@ -0,0 +1,124 @@ +// Copyright 2015 Google Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package certificate + +import ( + "encoding/pem" + "fmt" + "reflect" + "testing" +) + +var ( + pemKey = []byte(`-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAxGJ/tXy7ItxDpI9RLb0L/mkxGpw+BodijFoNixq0QEzxsc+t +Lr+3czb00a0B/kzObV0AQYwXFqdJ+qb7jZXc3To6iALDw3ghWNgfaBeIKPueY6n7 +7DU4ZpzjLy8DhlWO44Vx6CZjByr6qmGh3TnDqD8sVEFPZlattgHy4KfTmc0abk4b +wlJ4lvpXBshl1SYsMgpyZrTC1mggcu+xw98EcvLollYKvW4WyYtTbwBo5S8c/hVt +m2nbxLZgUui5wMPmEmtvxnfYeB4kL8LHNMtxT1Pw6JLd4vUL00k8GrUfEa+2J3FG +euG9dCI1ZS1N5Z/UN0Odq4QCs8ILexAgj99XLwIDAQABAoIBAQCXqUnfKriKr3g9 +ucCDhh+hFjOpzUfJWvysT09uQe06SzHMlAm2tLBD9gkTdHy5my9AHjZ4aGvcPs1P +GW3jZfzvjGxvZVMxvbBjIGUAykuI+ujTJw861876z+ZTJgee0qxK4V+aXSrU+kgj +FMsgQd/sKv1dBCMBcactjEu5W2J6vyQ3N7kq9gA/+VQ6yPaPN6y+DTgyZTkG4oXU +5vetosdvm8MzuvGZlYf/LEtiYfFSpLmg1EzHO1Z6mJ2NOkT4GJ1JIltIWk0Mm3xl +4Co4zwlKebEGEN0jJ7Rs67ZIcWgcTfOd1xnwabEC04EnN6UhuE8fXZWOuqLFxVg1 +UKl8U7zBAoGBAOlBqcLr4P5GeqrH65P2HfkaKLI9V+fip3gO7taWRn7XxX5BMzfr +vBJabRif+nd8eqKrLw+6l1cSBc/6kdunyINoYDfhgEFXfb1tKKc74x4k8xVdsVEU +X+e2nM2+uGe5afnMX61qYNHLa8LDUI0q/Aj5813F0Akj9FxdNMU3T/jpAoGBANeI +ehmT5zvtmFCXqAbb3U6kGjUv/eM016NbDn1l6QVhs4qqm1x1CRwP16qjvU9yLwDr +/QTRWBBAQpR7vzHY+qE768FCJj0zPNU40R2uXXrVYyqm+WhzBuO1kZtlUNwZLW/m +Ek6h0HJdCoNpTxBbUWIdI/TQPEr5hFTtdOf/C8BXAoGBALubU5XyMBFz0F+h0mk8 +L9lV39uUGSrpkraulAzF60dD9pVYjYBxut+sGUkQCtylouFI+94TvnuKhGBF8aCQ +72Y5wgHP/l8PppN/w43WThLFtzm9FMvYrlZo+u9EcX8DkygV5/JLuDmk+jQ48YXJ +R9NUbhhC7NMdNwI++R2SImFZAoGBAI4tmV4GEyOVOETxxgXAQ9z8o80yO2kGErnP +918BOxYxvR5cLOBw0/GPAdWu7dLan+cbxWzILC+MNF9+wkE/wRVbUcnKuS7l/dsp +/8h0nXXKDgC05RHhz0mnHMZFr3GBqleGjc0RMVA/0A+gCGfh1W3Di1STiTJsJr9f +ZR8lP7tBAoGAVbnEDpvT9pNxKhXd3PzQqjsM+DUeqnpvxT4O5wKJ+M2Bn17VOHMj +JXZMs55G8qITwK3q2BRs+hCvrfAM5oQClv3MwQ4ItqYH24Ed7rU3yA90/LXioXgZ +5zWBV7LaFFBReJlmsAmEf85eKPRG/OrfoxxHwpGTSnJgU/zuciNgLD8= +-----END RSA PRIVATE KEY-----`) + + pemCert = []byte(`-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIQBDsLj8sbZAngX2d7OwD1ZzANBgkqhkiG9w0BAQsFADBn +MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxDjAMBgNVBAcTBUFnbG9l +MRYwFAYDVQQKEw1VbWJyZWxsYSBDb3JwMQswCQYDVQQLEwJJVDEQMA4GA1UEAxMH +Um9vdCBDQTAeFw0xNzAyMTQxMjE5NTZaFw0xODAyMTQxMjE5NTZaMGcxCzAJBgNV +BAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazEOMAwGA1UEBxMFQWdsb2UxFjAUBgNV +BAoTDVVtYnJlbGxhIENvcnAxCzAJBgNVBAsTAklUMRAwDgYDVQQDEwdSb290IENB +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGJ/tXy7ItxDpI9RLb0L +/mkxGpw+BodijFoNixq0QEzxsc+tLr+3czb00a0B/kzObV0AQYwXFqdJ+qb7jZXc +3To6iALDw3ghWNgfaBeIKPueY6n77DU4ZpzjLy8DhlWO44Vx6CZjByr6qmGh3TnD +qD8sVEFPZlattgHy4KfTmc0abk4bwlJ4lvpXBshl1SYsMgpyZrTC1mggcu+xw98E +cvLollYKvW4WyYtTbwBo5S8c/hVtm2nbxLZgUui5wMPmEmtvxnfYeB4kL8LHNMtx +T1Pw6JLd4vUL00k8GrUfEa+2J3FGeuG9dCI1ZS1N5Z/UN0Odq4QCs8ILexAgj99X +LwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUqHqzyLJ/FARR2FjEK+KgEa1mm28wHwYDVR0jBBgwFoAUqHqzyLJ/FARR +2FjEK+KgEa1mm28wDQYJKoZIhvcNAQELBQADggEBAI8gE4wo13oMpBM5YgIIcUhI +0S1N4Z1F+n48aJU9JcQvHSpdOt1RkVhh6jUVkU9+HRv1Eu+4SMfIVswLF9y+jNzf +vPIYGcrXh5jIWybte8PwPQ3AzRBoyxDXCkQyFSb/CLVT7oC+fQje1DeIJeNPNdav +Cm+VrNZPVlFhD2Mbp+Jcn370xBoP5hLeq3JtO954UnBBM7ntN74n2J63JAuroqME +SwXQznqZmQHv3oJZ6DU5JThzsSWKF7aarp6xMzD+UVX2T1vAq/qI6xGfPI8qAQyu +PFM1z1LC4UMUTDN0IxOqRluF4z4GnqqODqrI6SAbt+raLZp3pcHhbtLQYs641iw= +-----END CERTIFICATE-----`) +) + +// pemToDer returns the private key and certificate key DER encoded. +func pemToDER() ([]byte, []byte, error) { + k, _ := pem.Decode(pemKey) + if k == nil { + return nil, nil, fmt.Errorf("no PEM data found for certificate") + } + c, _ := pem.Decode(pemCert) + if c == nil { + return nil, nil, fmt.Errorf("no PEM data found for certificate") + } + return k.Bytes, c.Bytes, nil +} + +func TestRawToBundle(t *testing.T) { + k, c, err := pemToDER() + if err != nil { + t.Fatalf("failed retrieving fake key and cert: %v", err) + } + bundleName := "fakeca" + b, err := RawToBundle(bundleName, k, c) + if err != nil { + t.Fatalf("RawToBundle(%v, ...): got error %v != expected nil", bundleName, err) + } + if b.Name != bundleName { + t.Errorf("RawToBundle(%v, ...): got bundle name %v != expected %v", bundleName, b.Name, bundleName) + } + sn := "5623491996784668439572849354101290343" + if b.Cert.SerialNumber.String() != sn { + t.Errorf("RawToBundle(%v, ...): got cert with serial number %v != expected %v", bundleName, b.Cert.SerialNumber, sn) + } + + rk, rc := b.Raw() + if !reflect.DeepEqual(k, rk) { + t.Errorf("Raw(): raw private key != raw private key used to generate bundle") + } + if !reflect.DeepEqual(c, rc) { + t.Errorf("Raw(): raw certificate != raw certificate used to generate bundle") + } + + _, err = RawToBundle("badkey", k[1:], c) + if err == nil { + t.Error("RawToBundle(badkey, ...): got error nil != expected failed parsing private key...") + } + _, err = RawToBundle("badcert", k, c[1:]) + if err == nil { + t.Error("RawToBundle(badcert, ...): got error nil != expected failed parsing certificate...") + } +} -- cgit v1.3