add test for certificates with extra new lines

pete911 · Jun 30, 2023 · 069812b · 069812b
1 parent 5cb75ff
commit 069812b
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 37 deletions.
diff --git a/pkg/cert/cert_test.go b/pkg/cert/cert_test.go
@@ -1,13 +1,10 @@
 package cert
 
 import (
-	"bytes"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"os"
-	"path/filepath"
+	"strings"
 	"testing"
-	"time"
 )
 
 func TestFromBytes(t *testing.T) {
@@ -29,12 +26,7 @@ func TestFromBytes(t *testing.T) {
 
 func TestCertificates_RemoveDuplicates(t *testing.T) {
 	t.Run("given duplicate PEM certificate, when remove duplicates is called, then they are removed", func(t *testing.T) {
-		bundle := bytes.Join([][]byte{
-			loadTestFile(t, "bundle.pem"),
-			loadTestFile(t, "bundle.pem"),
-		}, []byte("\n"))
-		certificates, err := FromBytes(bundle)
-		require.NoError(t, err)
+		certificates := loadTestCertificates(t, "bundle.pem", "bundle.pem")
 
 		require.Equal(t, 4, len(certificates))
 		noDuplicates := certificates.RemoveDuplicates()
@@ -45,12 +37,12 @@ func TestCertificates_RemoveDuplicates(t *testing.T) {
 func Test_expiryFormat(t *testing.T) {
 	t.Run("given certificate expiry is more than a year then year is returned as well", func(t *testing.T) {
 		v := expiryFormat(getTime(3, 2, 7, 5, 25))
-		assert.Equal(t, "3 years 2 months 7 days 5 hours 25 minutes", v)
+		assert.True(t, strings.HasPrefix(v, "3 years 2 months "))
 	})
 
 	t.Run("given certificate expiry is less than a year then year is not returned", func(t *testing.T) {
 		v := expiryFormat(getTime(0, 2, 7, 5, 25))
-		assert.Equal(t, "2 months 7 days 5 hours 25 minutes", v)
+		assert.True(t, strings.HasPrefix(v, "2 months "))
 	})
 
 	t.Run("given certificate expiry is less than a month then year and month is not returned", func(t *testing.T) {
@@ -71,17 +63,15 @@ func Test_expiryFormat(t *testing.T) {
 
 func Test_rootIdentification(t *testing.T) {
 	t.Run("given certificate issuer is identical to subject but authority key id is set then identify as root", func(t *testing.T) {
-		certificate, err := FromBytes(loadTestFile(t, "root_with_authority_key_id.pem"))
-		require.NoError(t, err)
+		certificate := loadTestCertificates(t, "root_with_authority_key_id.pem")
 		require.Len(t, certificate, 1)
 		require.Equal(t, certificate[0].x509Certificate.RawSubject, certificate[0].x509Certificate.RawIssuer)
 		require.NotEmpty(t, certificate[0].x509Certificate.AuthorityKeyId)
 		require.Equal(t, "root", CertificateType(certificate[0].x509Certificate))
 	})
 
 	t.Run("given certificate authority key id is unset then identify as root", func(t *testing.T) {
-		certificate, err := FromBytes(loadTestFile(t, "cert.pem"))
-		require.NoError(t, err)
+		certificate := loadTestCertificates(t, "cert.pem")
 		require.Len(t, certificate, 1)
 		assert.Len(t, certificate[0].x509Certificate.AuthorityKeyId, 0)
 		assert.True(t, certificate[0].x509Certificate.IsCA)
@@ -91,30 +81,10 @@ func Test_rootIdentification(t *testing.T) {
 
 func Test_intermediateIdentification(t *testing.T) {
 	t.Run("given intermediate certificate issuer is identical to subject but authority and subject keys are different then identify as intermediate", func(t *testing.T) {
-		certificate, err := FromBytes(loadTestFile(t, "intermediate_same_issuer_and_subject.pem"))
-		require.NoError(t, err)
+		certificate := loadTestCertificates(t, "intermediate_same_issuer_and_subject.pem")
 		require.Len(t, certificate, 1)
 		require.Equal(t, certificate[0].x509Certificate.RawSubject, certificate[0].x509Certificate.RawIssuer)
 		require.NotEmpty(t, certificate[0].x509Certificate.AuthorityKeyId)
 		require.Equal(t, "intermediate", CertificateType(certificate[0].x509Certificate))
 	})
 }
-
-// --- helper functions ---
-
-func loadTestCertificates(t *testing.T, file string) Certificates {
-	certificates, err := FromBytes(loadTestFile(t, file))
-	require.NoError(t, err)
-	return certificates
-}
-
-func loadTestFile(t *testing.T, file string) []byte {
-	b, err := os.ReadFile(filepath.Join("testdata", file))
-	require.NoError(t, err)
-	return b
-}
-
-func getTime(years, months, days, hours, minutes int) time.Time {
-	return time.Now().AddDate(years, months, days).
-		Add(time.Hour*time.Duration(hours) + time.Minute*time.Duration(minutes))
-}
diff --git a/pkg/cert/location_test.go b/pkg/cert/location_test.go
@@ -1,8 +1,10 @@
 package cert
 
 import (
+	"bytes"
 	"crypto/tls"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"testing"
 )
 
@@ -22,3 +24,18 @@ func Test_nameFormat(t *testing.T) {
 		assert.Equal(t, "test name TLS 1.2", name)
 	})
 }
+
+func Test_loadCertificate(t *testing.T) {
+	t.Run("given valid certificate then cert location is loaded", func(t *testing.T) {
+		certificate := loadTestFile(t, "cert.pem")
+		_, err := loadCertificate("test", certificate)
+		require.NoError(t, err)
+	})
+
+	t.Run("given certificate with extra new lines then cert location is loaded", func(t *testing.T) {
+		certificate := loadTestFile(t, "cert.pem")
+		certificate = bytes.Join([][]byte{[]byte("\n\n"), certificate}, []byte("/"))
+		_, err := loadCertificate("test", certificate)
+		require.NoError(t, err)
+	})
+}
diff --git a/pkg/cert/util_test.go b/pkg/cert/util_test.go
@@ -0,0 +1,31 @@
+package cert
+
+import (
+	"bytes"
+	"github.com/stretchr/testify/require"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+)
+
+func loadTestCertificates(t *testing.T, files ...string) Certificates {
+	var bundle [][]byte
+	for _, f := range files {
+		bundle = append(bundle, loadTestFile(t, f))
+	}
+	certificates, err := FromBytes(bytes.Join(bundle, []byte("\n")))
+	require.NoError(t, err)
+	return certificates
+}
+
+func loadTestFile(t *testing.T, file string) []byte {
+	b, err := os.ReadFile(filepath.Join("testdata", file))
+	require.NoError(t, err)
+	return b
+}
+
+func getTime(years, months, days, hours, minutes int) time.Time {
+	return time.Now().AddDate(years, months, days).
+		Add(time.Hour*time.Duration(hours) + time.Minute*time.Duration(minutes))
+}