github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/common/fabhttp/fabhttp_suite_test.go (about)

     1  /*
     2  Copyright hechain All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package fabhttp_test
     8  
     9  import (
    10  	"crypto/tls"
    11  	"crypto/x509"
    12  	"io/ioutil"
    13  	"net/http"
    14  	"path/filepath"
    15  	"testing"
    16  
    17  	"github.com/hechain20/hechain/common/crypto/tlsgen"
    18  	. "github.com/onsi/ginkgo"
    19  	. "github.com/onsi/gomega"
    20  )
    21  
    // TestFabHTTP is the `go test` entry point for this package's Ginkgo suite.
    // It connects Gomega assertion failures to Ginkgo's Fail and then runs the
    // specs registered in the package under the "FabHTTP Suite" description.
    func TestFabHTTP(t *testing.T) {
    	const suiteDescription = "FabHTTP Suite"

    	// Register the fail handler first so that a failing Expect inside any
    	// spec or helper is reported through Ginkgo.
    	RegisterFailHandler(Fail)
    	RunSpecs(t, suiteDescription)
    }
    26  
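    // generateCertificates creates two independent throwaway CAs (one for the
    // server side, one for the client side) and writes PEM material for the
    // specs into tempDir:
    //
    //	server-ca.pem, server-cert.pem, server-key.pem
    //	client-ca.pem, client-cert.pem, client-key.pem
    //
    // The server certificate is issued for "127.0.0.1". Any failure aborts the
    // current spec through Gomega.
    //
    // Certificates keep the original 0o640 mode. Private keys are written with
    // 0o600 so that they are not group-readable while they sit in the temporary
    // directory. The mode is only applied when the file is created and is still
    // subject to the process umask.
    func generateCertificates(tempDir string) {
    	const (
    		certPerm = 0o640 // public material: CA and leaf certificates
    		keyPerm  = 0o600 // private keys: owner only
    	)

    	// write stores one PEM blob under tempDir. The offset makes a failure
    	// point at the calling line below instead of at this closure.
    	write := func(name string, pem []byte, private bool) {
    		path := filepath.Join(tempDir, name)
    		var err error
    		if private {
    			err = ioutil.WriteFile(path, pem, keyPerm)
    		} else {
    			err = ioutil.WriteFile(path, pem, certPerm)
    		}
    		ExpectWithOffset(1, err).NotTo(HaveOccurred(), "writing %s", name)
    	}

    	// Server side: CA plus a server certificate/key pair for 127.0.0.1.
    	serverCA, err := tlsgen.NewCA()
    	Expect(err).NotTo(HaveOccurred())
    	write("server-ca.pem", serverCA.CertBytes(), false)

    	serverKeyPair, err := serverCA.NewServerCertKeyPair("127.0.0.1")
    	Expect(err).NotTo(HaveOccurred())
    	write("server-cert.pem", serverKeyPair.Cert, false)
    	write("server-key.pem", serverKeyPair.Key, true)

    	// Client side: a separate CA, so the server's trust in client
    	// certificates is configured independently of the server's own chain.
    	clientCA, err := tlsgen.NewCA()
    	Expect(err).NotTo(HaveOccurred())
    	write("client-ca.pem", clientCA.CertBytes(), false)

    	clientKeyPair, err := clientCA.NewClientCertKeyPair()
    	Expect(err).NotTo(HaveOccurred())
    	write("client-cert.pem", clientKeyPair.Cert, false)
    	write("client-key.pem", clientKeyPair.Key, true)
    }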
    50  
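    // newHTTPClient returns an *http.Client whose TLS configuration trusts only
    // the CA stored in tlsDir/server-ca.pem.
    //
    // When withClientCert is true, the client also presents the certificate and
    // key from tlsDir/client-cert.pem and tlsDir/client-key.pem, for specs that
    // exercise mutual TLS. Each function in tlsOpts is then applied to the
    // finished *tls.Config, in order, so a spec can adjust individual fields.
    //
    // Any failure to read or parse the TLS material aborts the current spec
    // through Gomega.
    func newHTTPClient(tlsDir string, withClientCert bool, tlsOpts ...func(config *tls.Config)) *http.Client {
    	caPEM, err := ioutil.ReadFile(filepath.Join(tlsDir, "server-ca.pem"))
    	Expect(err).NotTo(HaveOccurred())

    	// AppendCertsFromPEM returns false when it parses no certificate. Checking
    	// it here reports a bad CA file at its source, rather than as a later
    	// handshake failure against an empty root pool.
    	rootCAs := x509.NewCertPool()
    	Expect(rootCAs.AppendCertsFromPEM(caPEM)).To(BeTrue(), "no CA certificate parsed from server-ca.pem")

    	tlsClientConfig := &tls.Config{
    		RootCAs: rootCAs,
    	}
    	if withClientCert {
    		clientCert, err := tls.LoadX509KeyPair(
    			filepath.Join(tlsDir, "client-cert.pem"),
    			filepath.Join(tlsDir, "client-key.pem"),
    		)
    		Expect(err).NotTo(HaveOccurred())
    		tlsClientConfig.Certificates = []tls.Certificate{clientCert}
    	}

    	// Options run last and can override anything set above, including the
    	// trust roots; keep that in mind when reading a spec that passes them.
    	for _, opt := range tlsOpts {
    		opt(tlsClientConfig)
    	}

    	return &http.Client{
    		Transport: &http.Transport{
    			TLSClientConfig: tlsClientConfig,
    		},
    	}
    }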