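/*
 * Copyright contributors to the Hyperledger Fabric Operator project
 *
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 * 	  http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package tls_test

import (
	"crypto/x509"
	"fmt"
	"io/ioutil"
	"os"
	"path/filepath"

	"github.com/IBM-Blockchain/fabric-operator/pkg/initializer/ca/tls"
	cfcsr "github.com/cloudflare/cfssl/csr"
	"github.com/hyperledger/fabric-ca/api"
	"github.com/hyperledger/fabric/bccsp/factory"
	. "github.com/onsi/ginkgo/v2"
	. "github.com/onsi/gomega"
)

// Specs for the TLS generator: a self-signed certificate is created from a
// CSR description, its private key is stored under the CA home directory,
// and the certificate can be written out as a PEM file.
var _ = Describe("generating TLS crypto", func() {
	var (
		tlsGen *tls.TLS
		csr    *api.CSRInfo
	)

	BeforeEach(func() {
		// Every spec starts from a fresh generator using the "SW" provider
		// and a home directory named "crypto", relative to the working
		// directory the suite runs in.
		csp := &factory.FactoryOpts{
			ProviderName: "SW",
		}
		tlsGen = &tls.TLS{
			CAHomeDir: "crypto",
			CSP:       csp,
		}

		// The subject fields and hosts below are the values the first spec
		// expects to find in the generated certificate.
		csr = &api.CSRInfo{
			CN: "tls-ca",
			Names: []cfcsr.Name{
				{
					C:  "United States",
					ST: "North Carolina",
					L:  "Raleigh",
					O:  "IBM",
					OU: "Blockchain",
				},
			},
			Hosts: []string{"localhost", "127.0.0.1"},
		}
	})

	AfterEach(func() {
		// Remove the generated key material so specs do not see each
		// other's output and no private key is left behind in the tree.
		err := os.RemoveAll("crypto")
		Expect(err).NotTo(HaveOccurred())
	})

	It("generates key and self-signed TLS certificate", func() {
		certBytes, err := tlsGen.GenerateSelfSignedTLSCrypto(csr)
		Expect(err).NotTo(HaveOccurred())

		By("returning a properly populated certificate", func() {
			cert, err := x509.ParseCertificate(certBytes)
			Expect(err).NotTo(HaveOccurred())

			Expect(cert.Subject.Country).To(Equal([]string{"United States"}))
			Expect(cert.Subject.Province).To(Equal([]string{"North Carolina"}))
			Expect(cert.Subject.Locality).To(Equal([]string{"Raleigh"}))
			Expect(cert.Subject.Organization).To(Equal([]string{"IBM"}))
			Expect(cert.Subject.OrganizationalUnit).To(Equal([]string{"Blockchain"}))

			// Check the SAN lists are populated before indexing them, so a
			// missing entry is reported as a failed expectation rather than
			// an index-out-of-range panic.
			Expect(cert.DNSNames).NotTo(BeEmpty())
			Expect(cert.DNSNames[0]).To(Equal("localhost"))
			Expect(cert.IPAddresses).NotTo(BeEmpty())
			Expect(fmt.Sprintf("%s", cert.IPAddresses[0])).To(Equal("127.0.0.1"))

			// Equal Subject and Issuer names alone do not show that the
			// certificate is self-signed; also verify the signature against
			// the certificate's own public key.
			Expect(cert.Subject).To(Equal(cert.Issuer))
			Expect(cert.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)).To(Succeed())
		})

		By("writing the private key to proper location", func() {
			keystorePath := filepath.Join(tlsGen.CAHomeDir, "tls/msp/keystore")
			Expect(keystorePath).Should(BeADirectory())

			files, err := ioutil.ReadDir(keystorePath)
			Expect(err).NotTo(HaveOccurred())
			Expect(files).NotTo(BeEmpty())
			Expect(files[0].Name()).To(ContainSubstring("sk"))
			// NOTE(review): only the file name is checked here. An assertion
			// on the key file's permission bits would also catch a private
			// key written group- or world-readable; confirm the mode the
			// generator uses before adding it.
		})
	})

	It("stores the certificate in the proper directory", func() {
		certBytes, err := tlsGen.GenerateSelfSignedTLSCrypto(csr)
		Expect(err).NotTo(HaveOccurred())

		err = tlsGen.WriteCryptoToFile(certBytes, "tls-cert.pem")
		Expect(err).NotTo(HaveOccurred())

		// The spec expects the file under <CAHomeDir>/tls.
		certPath := filepath.Join(tlsGen.CAHomeDir, "tls", "tls-cert.pem")
		Expect(certPath).Should(BeAnExistingFile())
	})
})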