Add missing tests

cas/apiv1/extension_test.go

@@ -1,8 +1,8 @@
 package apiv1
 
 import (
+	"crypto/x509"
 	"crypto/x509/pkix"
-	"fmt"
 	"reflect"
 	"testing"
 )
@@ -49,7 +49,98 @@ func TestCreateCertificateAuthorityExtension(t *testing.T) {
 			}
 			if !reflect.DeepEqual(got, tt.want) {
 				t.Errorf("CreateCertificateAuthorityExtension() = %v, want %v", got, tt.want)
-				fmt.Printf("%x\n", got.Value)
+			}
+		})
+	}
+}
+
+func TestFindCertificateAuthorityExtension(t *testing.T) {
+	expected := pkix.Extension{
+		Id:    oidStepCertificateAuthority,
+		Value: []byte("fake data"),
+	}
+	type args struct {
+		cert *x509.Certificate
+	}
+	tests := []struct {
+		name  string
+		args  args
+		want  pkix.Extension
+		want1 bool
+	}{
+		{"first", args{&x509.Certificate{Extensions: []pkix.Extension{
+			expected,
+			{Id: []int{1, 2, 3, 4}},
+		}}}, expected, true},
+		{"last", args{&x509.Certificate{Extensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+			{Id: []int{2, 3, 4, 5}},
+			expected,
+		}}}, expected, true},
+		{"fail", args{&x509.Certificate{Extensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+		}}}, pkix.Extension{}, false},
+		{"fail ExtraExtensions", args{&x509.Certificate{ExtraExtensions: []pkix.Extension{
+			expected,
+			{Id: []int{1, 2, 3, 4}},
+		}}}, pkix.Extension{}, false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, got1 := FindCertificateAuthorityExtension(tt.args.cert)
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("FindCertificateAuthorityExtension() got = %v, want %v", got, tt.want)
+			}
+			if got1 != tt.want1 {
+				t.Errorf("FindCertificateAuthorityExtension() got1 = %v, want %v", got1, tt.want1)
+			}
+		})
+	}
+}
+
+func TestRemoveCertificateAuthorityExtension(t *testing.T) {
+	caExt := pkix.Extension{
+		Id:    oidStepCertificateAuthority,
+		Value: []byte("fake data"),
+	}
+	type args struct {
+		cert *x509.Certificate
+	}
+	tests := []struct {
+		name string
+		args args
+		want *x509.Certificate
+	}{
+		{"first", args{&x509.Certificate{ExtraExtensions: []pkix.Extension{
+			caExt,
+			{Id: []int{1, 2, 3, 4}},
+		}}}, &x509.Certificate{ExtraExtensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+		}}},
+		{"last", args{&x509.Certificate{ExtraExtensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+			caExt,
+		}}}, &x509.Certificate{ExtraExtensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+		}}},
+		{"missing", args{&x509.Certificate{ExtraExtensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+		}}}, &x509.Certificate{ExtraExtensions: []pkix.Extension{
+			{Id: []int{1, 2, 3, 4}},
+		}}},
+		{"extensions", args{&x509.Certificate{Extensions: []pkix.Extension{
+			caExt,
+			{Id: []int{1, 2, 3, 4}},
+		}}}, &x509.Certificate{Extensions: []pkix.Extension{
+			caExt,
+			{Id: []int{1, 2, 3, 4}},
+		}}},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			RemoveCertificateAuthorityExtension(tt.args.cert)
+			if !reflect.DeepEqual(tt.args.cert, tt.want) {
+				t.Errorf("RemoveCertificateAuthorityExtension() cert = %v, want %v", tt.args.cert, tt.want)
 			}
 		})
 	}

cas/apiv1/options_test.go

@@ -0,0 +1,131 @@
+package apiv1
+
+import (
+	"context"
+	"crypto"
+	"crypto/x509"
+	"sync"
+	"testing"
+)
+
+type testCAS struct {
+	name string
+}
+
+func (t *testCAS) CreateCertificate(req *CreateCertificateRequest) (*CreateCertificateResponse, error) {
+	return nil, nil
+}
+
+func (t *testCAS) RenewCertificate(req *RenewCertificateRequest) (*RenewCertificateResponse, error) {
+	return nil, nil
+}
+
+func (t *testCAS) RevokeCertificate(req *RevokeCertificateRequest) (*RevokeCertificateResponse, error) {
+	return nil, nil
+}
+
+func mockRegister(t *testing.T) {
+	t.Helper()
+	Register(SoftCAS, func(ctx context.Context, opts Options) (CertificateAuthorityService, error) {
+		return &testCAS{name: SoftCAS}, nil
+	})
+	Register(CloudCAS, func(ctx context.Context, opts Options) (CertificateAuthorityService, error) {
+		return &testCAS{name: CloudCAS}, nil
+	})
+	t.Cleanup(func() {
+		registry = new(sync.Map)
+	})
+}
+
+func TestOptions_Validate(t *testing.T) {
+	mockRegister(t)
+	type fields struct {
+		Type                 string
+		CredentialsFile      string
+		Certificateauthority string
+		Issuer               *x509.Certificate
+		Signer               crypto.Signer
+	}
+	tests := []struct {
+		name    string
+		fields  fields
+		wantErr bool
+	}{
+		{"empty", fields{}, false},
+		{"SoftCAS", fields{SoftCAS, "", "", nil, nil}, false},
+		{"CloudCAS", fields{CloudCAS, "", "", nil, nil}, false},
+		{"softcas", fields{"softcas", "", "", nil, nil}, false},
+		{"CLOUDCAS", fields{"CLOUDCAS", "", "", nil, nil}, false},
+		{"fail", fields{"FailCAS", "", "", nil, nil}, true},
+	}
+	t.Run("nil", func(t *testing.T) {
+		var o *Options
+		if err := o.Validate(); err != nil {
+			t.Errorf("Options.Validate() error = %v, wantErr %v", err, false)
+		}
+	})
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			o := &Options{
+				Type:                 tt.fields.Type,
+				CredentialsFile:      tt.fields.CredentialsFile,
+				Certificateauthority: tt.fields.Certificateauthority,
+				Issuer:               tt.fields.Issuer,
+				Signer:               tt.fields.Signer,
+			}
+			if err := o.Validate(); (err != nil) != tt.wantErr {
+				t.Errorf("Options.Validate() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
+
+func TestOptions_HasType(t *testing.T) {
+	mockRegister(t)
+
+	type fields struct {
+		Type                 string
+		CredentialsFile      string
+		Certificateauthority string
+		Issuer               *x509.Certificate
+		Signer               crypto.Signer
+	}
+	type args struct {
+		t Type
+	}
+	tests := []struct {
+		name   string
+		fields fields
+		args   args
+		want   bool
+	}{
+		{"empty", fields{}, args{}, true},
+		{"SoftCAS", fields{SoftCAS, "", "", nil, nil}, args{"SoftCAS"}, true},
+		{"CloudCAS", fields{CloudCAS, "", "", nil, nil}, args{"CloudCAS"}, true},
+		{"softcas", fields{"softcas", "", "", nil, nil}, args{SoftCAS}, true},
+		{"CLOUDCAS", fields{"CLOUDCAS", "", "", nil, nil}, args{CloudCAS}, true},
+		{"UnknownCAS", fields{"UnknownCAS", "", "", nil, nil}, args{"UnknownCAS"}, true},
+		{"fail", fields{CloudCAS, "", "", nil, nil}, args{"SoftCAS"}, false},
+		{"fail", fields{SoftCAS, "", "", nil, nil}, args{"CloudCAS"}, false},
+	}
+	t.Run("nil", func(t *testing.T) {
+		var o *Options
+		if got := o.HasType(SoftCAS); got != true {
+			t.Errorf("Options.HasType() = %v, want %v", got, true)
+		}
+	})
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			o := &Options{
+				Type:                 tt.fields.Type,
+				CredentialsFile:      tt.fields.CredentialsFile,
+				Certificateauthority: tt.fields.Certificateauthority,
+				Issuer:               tt.fields.Issuer,
+				Signer:               tt.fields.Signer,
+			}
+			if got := o.HasType(tt.args.t); got != tt.want {
+				t.Errorf("Options.HasType() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

cas/apiv1/registry_test.go

@@ -0,0 +1,90 @@
+package apiv1
+
+import (
+	"context"
+	"fmt"
+	"reflect"
+	"sync"
+	"testing"
+)
+
+func TestRegister(t *testing.T) {
+	t.Cleanup(func() {
+		registry = new(sync.Map)
+	})
+	type args struct {
+		t  Type
+		fn CertificateAuthorityServiceNewFunc
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    CertificateAuthorityService
+		wantErr bool
+	}{
+		{"ok", args{"TestCAS", func(ctx context.Context, opts Options) (CertificateAuthorityService, error) {
+			return &testCAS{}, nil
+		}}, &testCAS{}, false},
+		{"error", args{"ErrorCAS", func(ctx context.Context, opts Options) (CertificateAuthorityService, error) {
+			return nil, fmt.Errorf("an error")
+		}}, nil, true},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			Register(tt.args.t, tt.args.fn)
+			fmt.Println(registry)
+			fn, ok := registry.LoadAndDelete(tt.args.t.String())
+			if !ok {
+				t.Errorf("Register() failed")
+				return
+			}
+			got, err := fn.(CertificateAuthorityServiceNewFunc)(context.Background(), Options{})
+			if (err != nil) != tt.wantErr {
+				t.Errorf("CertificateAuthorityServiceNewFunc() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("CertificateAuthorityServiceNewFunc() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestLoadCertificateAuthorityServiceNewFunc(t *testing.T) {
+	mockRegister(t)
+	type args struct {
+		t Type
+	}
+	tests := []struct {
+		name   string
+		args   args
+		want   CertificateAuthorityService
+		wantOk bool
+	}{
+		{"default", args{""}, &testCAS{name: SoftCAS}, true},
+		{"SoftCAS", args{"SoftCAS"}, &testCAS{name: SoftCAS}, true},
+		{"CloudCAS", args{"CloudCAS"}, &testCAS{name: CloudCAS}, true},
+		{"softcas", args{"softcas"}, &testCAS{name: SoftCAS}, true},
+		{"cloudcas", args{"cloudcas"}, &testCAS{name: CloudCAS}, true},
+		{"FailCAS", args{"FailCAS"}, nil, false},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			fn, ok := LoadCertificateAuthorityServiceNewFunc(tt.args.t)
+			if ok != tt.wantOk {
+				t.Errorf("LoadCertificateAuthorityServiceNewFunc() ok = %v, want %v", ok, tt.wantOk)
+				return
+			}
+			if ok {
+				got, err := fn(context.Background(), Options{})
+				if err != nil {
+					t.Errorf("CertificateAuthorityServiceNewFunc() error = %v", err)
+					return
+				}
+				if !reflect.DeepEqual(got, tt.want) {
+					t.Errorf("CertificateAuthorityServiceNewFunc() = %v, want %v", got, tt.want)
+				}
+			}
+		})
+	}
+}

cas/apiv1/services_test.go

@@ -0,0 +1,23 @@
+package apiv1
+
+import "testing"
+
+func TestType_String(t *testing.T) {
+	tests := []struct {
+		name string
+		t    Type
+		want string
+	}{
+		{"default", "", "softcas"},
+		{"SoftCAS", SoftCAS, "softcas"},
+		{"CloudCAS", CloudCAS, "cloudcas"},
+		{"UnknownCAS", "UnknownCAS", "unknowncas"},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := tt.t.String(); got != tt.want {
+				t.Errorf("Type.String() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}

cas/cas_test.go

@@ -0,0 +1,60 @@
+package cas
+
+import (
+	"context"
+	"crypto/ed25519"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"reflect"
+	"testing"
+
+	"github.com/smallstep/certificates/cas/softcas"
+
+	"github.com/smallstep/certificates/cas/apiv1"
+)
+
+func TestNew(t *testing.T) {
+	expected := &softcas.SoftCAS{
+		Issuer: &x509.Certificate{Subject: pkix.Name{CommonName: "Test Issuer"}},
+		Signer: ed25519.PrivateKey{},
+	}
+	type args struct {
+		ctx  context.Context
+		opts apiv1.Options
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    CertificateAuthorityService
+		wantErr bool
+	}{
+		{"ok default", args{context.Background(), apiv1.Options{
+			Issuer: &x509.Certificate{Subject: pkix.Name{CommonName: "Test Issuer"}},
+			Signer: ed25519.PrivateKey{},
+		}}, expected, false},
+		{"ok softcas", args{context.Background(), apiv1.Options{
+			Type:   "softcas",
+			Issuer: &x509.Certificate{Subject: pkix.Name{CommonName: "Test Issuer"}},
+			Signer: ed25519.PrivateKey{},
+		}}, expected, false},
+		{"ok SoftCAS", args{context.Background(), apiv1.Options{
+			Type:   "SoftCAS",
+			Issuer: &x509.Certificate{Subject: pkix.Name{CommonName: "Test Issuer"}},
+			Signer: ed25519.PrivateKey{},
+		}}, expected, false},
+		{"fail empty", args{context.Background(), apiv1.Options{}}, (*softcas.SoftCAS)(nil), true},
+		{"fail type", args{context.Background(), apiv1.Options{Type: "FailCAS"}}, nil, true},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := New(tt.args.ctx, tt.args.opts)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("New() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("New() = %#v, want %v", got, tt.want)
+			}
+		})
+	}
+}