2015-06-13 15:53:17 +00:00
|
|
|
package acme
|
|
|
|
|
|
|
|
import (
|
2015-06-14 00:33:21 +00:00
|
|
|
"bytes"
|
2016-01-27 01:01:58 +00:00
|
|
|
"crypto/rand"
|
2015-06-13 15:53:17 +00:00
|
|
|
"crypto/rsa"
|
|
|
|
"testing"
|
2015-10-16 19:05:16 +00:00
|
|
|
"time"
|
2015-06-13 15:53:17 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestGeneratePrivateKey(t *testing.T) {
|
2016-01-27 01:01:58 +00:00
|
|
|
key, err := generatePrivateKey(RSA2048)
|
2015-06-13 15:53:17 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Error("Error generating private key:", err)
|
|
|
|
}
|
|
|
|
if key == nil {
|
|
|
|
t.Error("Expected key to not be nil, but it was")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestGenerateCSR(t *testing.T) {
|
2016-01-27 01:01:58 +00:00
|
|
|
key, err := rsa.GenerateKey(rand.Reader, 512)
|
2015-06-13 15:53:17 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error generating private key:", err)
|
|
|
|
}
|
|
|
|
|
2016-01-27 01:01:58 +00:00
|
|
|
csr, err := generateCsr(key, "fizz.buzz", nil)
|
2015-06-13 15:53:17 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Error("Error generating CSR:", err)
|
|
|
|
}
|
|
|
|
if csr == nil || len(csr) == 0 {
|
|
|
|
t.Error("Expected CSR with data, but it was nil or length 0")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestPEMEncode(t *testing.T) {
|
2015-06-14 00:33:21 +00:00
|
|
|
buf := bytes.NewBufferString("TestingRSAIsSoMuchFun")
|
|
|
|
|
|
|
|
reader := MockRandReader{b: buf}
|
|
|
|
key, err := rsa.GenerateKey(reader, 32)
|
2015-06-13 15:53:17 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error generating private key:", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
data := pemEncode(key)
|
|
|
|
|
|
|
|
if data == nil {
|
|
|
|
t.Fatal("Expected result to not be nil, but it was")
|
|
|
|
}
|
|
|
|
if len(data) != 127 {
|
|
|
|
t.Errorf("Expected PEM encoding to be length 127, but it was %d", len(data))
|
|
|
|
}
|
|
|
|
}
|
2015-06-14 00:33:21 +00:00
|
|
|
|
2015-10-18 19:18:36 +00:00
|
|
|
func TestPEMCertExpiration(t *testing.T) {
|
2016-01-27 01:01:58 +00:00
|
|
|
privKey, err := generatePrivateKey(RSA2048)
|
2015-10-16 19:05:16 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error generating private key:", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
expiration := time.Now().Add(365)
|
|
|
|
expiration = expiration.Round(time.Second)
|
2015-10-23 14:24:02 +00:00
|
|
|
certBytes, err := generateDerCert(privKey.(*rsa.PrivateKey), expiration, "test.com")
|
2015-10-16 19:05:16 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error generating cert:", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
buf := bytes.NewBufferString("TestingRSAIsSoMuchFun")
|
|
|
|
|
2015-10-18 19:18:36 +00:00
|
|
|
// Some random string should return an error.
|
|
|
|
if ctime, err := GetPEMCertExpiration(buf.Bytes()); err == nil {
|
2015-10-16 19:05:16 +00:00
|
|
|
t.Errorf("Expected getCertExpiration to return an error for garbage string but returned %v", ctime)
|
|
|
|
}
|
|
|
|
|
2015-10-18 19:18:36 +00:00
|
|
|
// A DER encoded certificate should return an error.
|
|
|
|
if _, err := GetPEMCertExpiration(certBytes); err == nil {
|
|
|
|
t.Errorf("Expected getCertExpiration to return an error for DER certificates but returned none.")
|
|
|
|
}
|
|
|
|
|
|
|
|
// A PEM encoded certificate should work ok.
|
|
|
|
pemCert := pemEncode(derCertificateBytes(certBytes))
|
|
|
|
if ctime, err := GetPEMCertExpiration(pemCert); err != nil || !ctime.Equal(expiration.UTC()) {
|
|
|
|
t.Errorf("Expected getCertExpiration to return %v but returned %v. Error: %v", expiration, ctime, err)
|
2015-10-16 19:05:16 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-14 00:33:21 +00:00
|
|
|
type MockRandReader struct {
|
|
|
|
b *bytes.Buffer
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r MockRandReader) Read(p []byte) (int, error) {
|
|
|
|
return r.b.Read(p)
|
|
|
|
}
|