github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/pkg/secrets/compactpki_test.go

github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/controller/pkg/secrets/compactpki_test.go (about)

     1  // +build !windows
     2  
     3  package secrets
     4  
     5  import (
     6  	"crypto/ecdsa"
     7  	"crypto/x509"
     8  	"testing"
     9  
    10  	. "github.com/smartystreets/goconvey/convey"
    11  	"go.aporeto.io/trireme-lib/controller/pkg/claimsheader"
    12  	"go.aporeto.io/trireme-lib/utils/crypto"
    13  )
    14  
    15  func TestNewCompactPKI(t *testing.T) {
    16  	txKey := CreateTxtToken()
    17  	// txkey is a token that has the client public key signed by the CA
    18  	Convey("When I create a new compact PKI, it should succeed ", t, func() {
    19  
    20  		p, err := NewCompactPKI([]byte(PrivateKeyPEM), []byte(PublicPEM), []byte(CAPEM), txKey, claimsheader.CompressionTypeNone)
    21  		So(err, ShouldBeNil)
    22  		So(p, ShouldNotBeNil)
    23  		So(p.AuthorityPEM, ShouldResemble, []byte(CAPEM))
    24  		So(p.PrivateKeyPEM, ShouldResemble, []byte(PrivateKeyPEM))
    25  		So(p.PublicKeyPEM, ShouldResemble, []byte(PublicPEM))
    26  	})
    27  
    28  	Convey("When I create a new compact PKI with invalid certs, it should fail", t, func() {
    29  		p, err := NewCompactPKI([]byte(PrivateKeyPEM)[:20], []byte(PublicPEM)[:30], []byte(CAPEM), txKey, claimsheader.CompressionTypeNone)
    30  		So(err, ShouldNotBeNil)
    31  		So(p, ShouldBeNil)
    32  	})
    33  
    34  	Convey("When I create a new compact PKI with invalid CA, it should fail", t, func() {
    35  		p, err := NewCompactPKI([]byte(PrivateKeyPEM), []byte(PublicPEM), []byte(CAPEM)[:10], txKey, claimsheader.CompressionTypeNone)
    36  		So(err, ShouldNotBeNil)
    37  		So(p, ShouldBeNil)
    38  	})
    39  
    40  }
    41  
    42  func TestBasicInterfaceFunctions(t *testing.T) {
    43  	txKey := CreateTxtToken()
    44  	Convey("Given a valid CompactPKI ", t, func() {
    45  		p, err := NewCompactPKI([]byte(PrivateKeyPEM), []byte(PublicPEM), []byte(CAPEM), txKey, claimsheader.CompressionTypeNone)
    46  		So(err, ShouldBeNil)
    47  		So(p, ShouldNotBeNil)
    48  
    49  		key, cert, _, _ := crypto.LoadAndVerifyECSecrets([]byte(PrivateKeyPEM), []byte(PublicPEM), []byte(CAPEM))
    50  		Convey("I should get the right secrets type ", func() {
    51  			So(p.Type(), ShouldResemble, PKICompactType)
    52  		})
    53  
    54  		Convey("I should get the right encoding key", func() {
    55  			So(*(p.EncodingKey().(*ecdsa.PrivateKey)), ShouldResemble, *key)
    56  		})
    57  
    58  		Convey("I should get the right transmitter key", func() {
    59  			So(p.TransmittedKey(), ShouldResemble, txKey)
    60  		})
    61  
    62  		Convey("I should ge the right ack size", func() {
    63  			So(p.AckSize(), ShouldEqual, compactPKIAckSize)
    64  		})
    65  
    66  		Convey("I should get the right public key, ", func() {
    67  			So(p.PublicKey().(*x509.Certificate), ShouldResemble, cert)
    68  		})
    69  	})
    70  }