summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/xenolf/lego/acme/crypto_test.go
blob: d2fc5088bcae638d5d0bde66c0762daae300fd8f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
package acme

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"testing"
	"time"
)

func TestGeneratePrivateKey(t *testing.T) {
	key, err := generatePrivateKey(RSA2048)
	if err != nil {
		t.Error("Error generating private key:", err)
	}
	if key == nil {
		t.Error("Expected key to not be nil, but it was")
	}
}

func TestGenerateCSR(t *testing.T) {
	key, err := rsa.GenerateKey(rand.Reader, 512)
	if err != nil {
		t.Fatal("Error generating private key:", err)
	}

	csr, err := generateCsr(key, "fizz.buzz", nil)
	if err != nil {
		t.Error("Error generating CSR:", err)
	}
	if csr == nil || len(csr) == 0 {
		t.Error("Expected CSR with data, but it was nil or length 0")
	}
}

func TestPEMEncode(t *testing.T) {
	buf := bytes.NewBufferString("TestingRSAIsSoMuchFun")

	reader := MockRandReader{b: buf}
	key, err := rsa.GenerateKey(reader, 32)
	if err != nil {
		t.Fatal("Error generating private key:", err)
	}

	data := pemEncode(key)

	if data == nil {
		t.Fatal("Expected result to not be nil, but it was")
	}
	if len(data) != 127 {
		t.Errorf("Expected PEM encoding to be length 127, but it was %d", len(data))
	}
}

func TestPEMCertExpiration(t *testing.T) {
	privKey, err := generatePrivateKey(RSA2048)
	if err != nil {
		t.Fatal("Error generating private key:", err)
	}

	expiration := time.Now().Add(365)
	expiration = expiration.Round(time.Second)
	certBytes, err := generateDerCert(privKey.(*rsa.PrivateKey), expiration, "test.com")
	if err != nil {
		t.Fatal("Error generating cert:", err)
	}

	buf := bytes.NewBufferString("TestingRSAIsSoMuchFun")

	// Some random string should return an error.
	if ctime, err := GetPEMCertExpiration(buf.Bytes()); err == nil {
		t.Errorf("Expected getCertExpiration to return an error for garbage string but returned %v", ctime)
	}

	// A DER encoded certificate should return an error.
	if _, err := GetPEMCertExpiration(certBytes); err == nil {
		t.Errorf("Expected getCertExpiration to return an error for DER certificates but returned none.")
	}

	// A PEM encoded certificate should work ok.
	pemCert := pemEncode(derCertificateBytes(certBytes))
	if ctime, err := GetPEMCertExpiration(pemCert); err != nil || !ctime.Equal(expiration.UTC()) {
		t.Errorf("Expected getCertExpiration to return %v but returned %v. Error: %v", expiration, ctime, err)
	}
}

type MockRandReader struct {
	b *bytes.Buffer
}

func (r MockRandReader) Read(p []byte) (int, error) {
	return r.b.Read(p)
}