diff --git a/pkg/cert/cert_test.go b/pkg/cert/cert_test.go index cf26a87..95f0a4e 100644 --- a/pkg/cert/cert_test.go +++ b/pkg/cert/cert_test.go @@ -1,13 +1,10 @@ package cert import ( - "bytes" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "os" - "path/filepath" + "strings" "testing" - "time" ) func TestFromBytes(t *testing.T) { @@ -29,12 +26,7 @@ func TestFromBytes(t *testing.T) { func TestCertificates_RemoveDuplicates(t *testing.T) { t.Run("given duplicate PEM certificate, when remove duplicates is called, then they are removed", func(t *testing.T) { - bundle := bytes.Join([][]byte{ - loadTestFile(t, "bundle.pem"), - loadTestFile(t, "bundle.pem"), - }, []byte("\n")) - certificates, err := FromBytes(bundle) - require.NoError(t, err) + certificates := loadTestCertificates(t, "bundle.pem", "bundle.pem") require.Equal(t, 4, len(certificates)) noDuplicates := certificates.RemoveDuplicates() @@ -45,12 +37,12 @@ func TestCertificates_RemoveDuplicates(t *testing.T) { func Test_expiryFormat(t *testing.T) { t.Run("given certificate expiry is more than a year then year is returned as well", func(t *testing.T) { v := expiryFormat(getTime(3, 2, 7, 5, 25)) - assert.Equal(t, "3 years 2 months 7 days 5 hours 25 minutes", v) + assert.True(t, strings.HasPrefix(v, "3 years 2 months ")) }) t.Run("given certificate expiry is less than a year then year is not returned", func(t *testing.T) { v := expiryFormat(getTime(0, 2, 7, 5, 25)) - assert.Equal(t, "2 months 7 days 5 hours 25 minutes", v) + assert.True(t, strings.HasPrefix(v, "2 months ")) }) t.Run("given certificate expiry is less than a month then year and month is not returned", func(t *testing.T) { @@ -71,8 +63,7 @@ func Test_expiryFormat(t *testing.T) { func Test_rootIdentification(t *testing.T) { t.Run("given certificate issuer is identical to subject but authority key id is set then identify as root", func(t *testing.T) { - certificate, err := FromBytes(loadTestFile(t, "root_with_authority_key_id.pem")) - require.NoError(t, err) + certificate := loadTestCertificates(t, "root_with_authority_key_id.pem") require.Len(t, certificate, 1) require.Equal(t, certificate[0].x509Certificate.RawSubject, certificate[0].x509Certificate.RawIssuer) require.NotEmpty(t, certificate[0].x509Certificate.AuthorityKeyId) @@ -80,8 +71,7 @@ func Test_rootIdentification(t *testing.T) { }) t.Run("given certificate authority key id is unset then identify as root", func(t *testing.T) { - certificate, err := FromBytes(loadTestFile(t, "cert.pem")) - require.NoError(t, err) + certificate := loadTestCertificates(t, "cert.pem") require.Len(t, certificate, 1) assert.Len(t, certificate[0].x509Certificate.AuthorityKeyId, 0) assert.True(t, certificate[0].x509Certificate.IsCA) @@ -91,30 +81,10 @@ func Test_rootIdentification(t *testing.T) { func Test_intermediateIdentification(t *testing.T) { t.Run("given intermediate certificate issuer is identical to subject but authority and subject keys are different then identify as intermediate", func(t *testing.T) { - certificate, err := FromBytes(loadTestFile(t, "intermediate_same_issuer_and_subject.pem")) - require.NoError(t, err) + certificate := loadTestCertificates(t, "intermediate_same_issuer_and_subject.pem") require.Len(t, certificate, 1) require.Equal(t, certificate[0].x509Certificate.RawSubject, certificate[0].x509Certificate.RawIssuer) require.NotEmpty(t, certificate[0].x509Certificate.AuthorityKeyId) require.Equal(t, "intermediate", CertificateType(certificate[0].x509Certificate)) }) } - -// --- helper functions --- - -func loadTestCertificates(t *testing.T, file string) Certificates { - certificates, err := FromBytes(loadTestFile(t, file)) - require.NoError(t, err) - return certificates -} - -func loadTestFile(t *testing.T, file string) []byte { - b, err := os.ReadFile(filepath.Join("testdata", file)) - require.NoError(t, err) - return b -} - -func getTime(years, months, days, hours, minutes int) time.Time { - return time.Now().AddDate(years, months, days). - Add(time.Hour*time.Duration(hours) + time.Minute*time.Duration(minutes)) -} diff --git a/pkg/cert/location_test.go b/pkg/cert/location_test.go index b21f590..6325f99 100644 --- a/pkg/cert/location_test.go +++ b/pkg/cert/location_test.go @@ -1,8 +1,10 @@ package cert import ( + "bytes" "crypto/tls" "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" "testing" ) @@ -22,3 +24,18 @@ func Test_nameFormat(t *testing.T) { assert.Equal(t, "test name TLS 1.2", name) }) } + +func Test_loadCertificate(t *testing.T) { + t.Run("given valid certificate then cert location is loaded", func(t *testing.T) { + certificate := loadTestFile(t, "cert.pem") + _, err := loadCertificate("test", certificate) + require.NoError(t, err) + }) + + t.Run("given certificate with extra new lines then cert location is loaded", func(t *testing.T) { + certificate := loadTestFile(t, "cert.pem") + certificate = bytes.Join([][]byte{[]byte("\n\n"), certificate}, []byte("/")) + _, err := loadCertificate("test", certificate) + require.NoError(t, err) + }) +} diff --git a/pkg/cert/util_test.go b/pkg/cert/util_test.go new file mode 100644 index 0000000..eef04f1 --- /dev/null +++ b/pkg/cert/util_test.go @@ -0,0 +1,31 @@ +package cert + +import ( + "bytes" + "github.com/stretchr/testify/require" + "os" + "path/filepath" + "testing" + "time" +) + +func loadTestCertificates(t *testing.T, files ...string) Certificates { + var bundle [][]byte + for _, f := range files { + bundle = append(bundle, loadTestFile(t, f)) + } + certificates, err := FromBytes(bytes.Join(bundle, []byte("\n"))) + require.NoError(t, err) + return certificates +} + +func loadTestFile(t *testing.T, file string) []byte { + b, err := os.ReadFile(filepath.Join("testdata", file)) + require.NoError(t, err) + return b +} + +func getTime(years, months, days, hours, minutes int) time.Time { + return time.Now().AddDate(years, months, days). + Add(time.Hour*time.Duration(hours) + time.Minute*time.Duration(minutes)) +}