go-grpc-certificate/pkg/credentials/credentials_test.go

128 lines
3.9 KiB
Go
Raw Normal View History

2023-03-06 16:14:54 +01:00
package credentials
import (
"errors"
"log"
"os"
"os/exec"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
var (
testDir = "testDir"
testCertKeyError = testDir + "/testKeyError.pem"
testKeyError = testDir + "/error-key.pem"
testCertKey = testDir + "/testCertKey.pem"
testCert = testDir + "/testCert.pem"
testCertScript = testDir + "/certScript.sh"
testKeyPass = "test"
generateKeyScript = `#!/bin/bash
openssl genpkey -out ./` + testCertKey + ` -algorithm RSA -pass pass:test -des3`
generateCertScript = `#!/bin/bash
openssl req -new -sha256 -key ./` + testCertKey + ` -passin pass:test -out ./` + testCert + ` -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com"`
certKeyOk = `-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgP+sX5Fn7WhQgAt1l
nL3YaX0RPuJFf058/r90mO/xViyhRANCAAT3qOUKYwgSbBSVAMkC14/kZAQWZIef
+SnO6GvOjMU8dcchboisMujVQRksfgJUsBZmfquh93BnkYqkSzlD+dIE
-----END PRIVATE KEY-----`
certKeyError = `-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgFrBUnTIIrSbRBZpX
j3TlomgnCQFe6JUVBO0fyRQMk1qhRANCAASTLZ8S8rWSmraKWNdM6N3pWPuATi92
yQuhZ6P2JaLnfmYemIOprHeRSqTqWy4+kus3b4LxPEzu86/248d7d
-----END PRIVATE KEY-----`
)
func createTestDir() error {
return os.MkdirAll(testDir, 0o770)
}
func deleteTestDir() error {
return os.RemoveAll(testDir)
}
func createEncryptedKeyFile() error {
if err := os.WriteFile(testCertScript, []byte(generateKeyScript), os.ModeAppend); err != nil {
log.Fatalln("os.WriteFile: ", err)
}
cmd := exec.Command("bash", testCertScript)
output_bts, err := cmd.CombinedOutput()
if err != nil {
return errors.New(string(output_bts))
}
return nil
}
func createCertificateFromKeyFile() error {
if err := os.WriteFile(testCertScript, []byte(generateCertScript), os.ModeAppend); err != nil {
log.Fatalln("os.WriteFile: ", err)
}
cmd := exec.Command("bash", testCertScript)
output_bts, err := cmd.CombinedOutput()
if err != nil {
return errors.New(string(output_bts))
}
return nil
}
func TestCredentialsFromKeyWithPasswd(t *testing.T) {
require.NoError(t, deleteTestDir())
require.NoError(t, createTestDir())
require.NoError(t, createEncryptedKeyFile())
require.NoError(t, createCertificateFromKeyFile())
defer func() {
require.NoError(t, deleteTestDir())
}()
_, err := CredentialsFromKeyWithPasswd(testCert, testCertKey, testKeyPass)
assert.NoError(t, err, "key with password should not fail")
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKey, "wrong-pass")
assert.Error(t, err, "key with wrong pass password should not fail")
}
func TestCredentialsFromKeyWithPasswdError(t *testing.T) {
require.NoError(t, deleteTestDir())
require.NoError(t, createTestDir())
defer func() {
require.NoError(t, deleteTestDir())
}()
_, err := CredentialsFromKeyWithPasswd("", "", "")
assert.Error(t, err)
_, err = CredentialsFromKeyWithPasswd(testCert, "", "")
assert.Error(t, err)
_, err = CredentialsFromKeyWithPasswd(testCert, "not-exists.txt", "")
assert.Error(t, err)
require.NoError(t, os.WriteFile(testKeyError, []byte(""), os.ModeAppend))
_, err = CredentialsFromKeyWithPasswd(testCert, testKeyError, testKeyPass)
require.Error(t, err)
require.NoError(t, os.WriteFile(testCertKeyError, []byte(certKeyError), os.ModeAppend))
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKeyError, testKeyPass)
assert.Error(t, err)
require.NoError(t, os.Remove(testCertKeyError))
assert.NoError(t, os.WriteFile(testCertKeyError, []byte(certKeyOk), os.ModeAppend))
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKeyError, testKeyPass)
assert.Error(t, err, "key without password should fail")
require.NoError(t, createEncryptedKeyFile())
_, err = CredentialsFromKeyWithPasswd(testCert, testCertKey, testKeyPass)
assert.Error(t, err, "key without password should fail")
}