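// Source: github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/common/fabhttp/fabhttp_suite_test.go

/*
Copyright hechain All Rights Reserved.

SPDX-License-Identifier: Apache-2.0
*/

package fabhttp_test

import (
	"crypto/tls"
	"crypto/x509"
	"io/ioutil"
	"net/http"
	"path/filepath"
	"testing"

	"github.com/hechain20/hechain/common/crypto/tlsgen"
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
)

// TestFabHTTP is the `go test` entry point for the suite: it routes Gomega
// assertion failures to Ginkgo's Fail and then runs the registered specs.
func TestFabHTTP(t *testing.T) {
	RegisterFailHandler(Fail)
	RunSpecs(t, "FabHTTP Suite")
}

// generateCertificates populates tempDir with throwaway TLS material for the
// specs. Two independent CAs are created, one for the server side and one for
// the client side, and the following files are written:
//
//	server-ca.pem, server-cert.pem, server-key.pem
//	client-ca.pem, client-cert.pem, client-key.pem
//
// Any failure aborts the current spec through Gomega's Expect.
func generateCertificates(tempDir string) {
	const (
		// Certificates are public material; the original mode is kept.
		certMode = 0o640
		// Private keys are restricted to the owning user. They were
		// previously written 0o640, which left them group-readable.
		keyMode = 0o600
	)

	// writePEM stores one PEM blob under tempDir and fails the spec on error.
	writePEM := func(name string, data []byte, private bool) {
		if private {
			Expect(ioutil.WriteFile(filepath.Join(tempDir, name), data, keyMode)).NotTo(HaveOccurred())
			return
		}
		Expect(ioutil.WriteFile(filepath.Join(tempDir, name), data, certMode)).NotTo(HaveOccurred())
	}

	serverCA, err := tlsgen.NewCA()
	Expect(err).NotTo(HaveOccurred())
	writePEM("server-ca.pem", serverCA.CertBytes(), false)

	// The server key pair is requested for 127.0.0.1.
	serverKeyPair, err := serverCA.NewServerCertKeyPair("127.0.0.1")
	Expect(err).NotTo(HaveOccurred())
	writePEM("server-cert.pem", serverKeyPair.Cert, false)
	writePEM("server-key.pem", serverKeyPair.Key, true)

	// The client CA is separate from the server CA, so each side's trust
	// anchor is distinct.
	clientCA, err := tlsgen.NewCA()
	Expect(err).NotTo(HaveOccurred())
	writePEM("client-ca.pem", clientCA.CertBytes(), false)

	clientKeyPair, err := clientCA.NewClientCertKeyPair()
	Expect(err).NotTo(HaveOccurred())
	writePEM("client-cert.pem", clientKeyPair.Cert, false)
	writePEM("client-key.pem", clientKeyPair.Key, true)
}

// newHTTPClient returns an *http.Client whose TLS trust store contains only
// the certificate(s) found in tlsDir/server-ca.pem.
//
// When withClientCert is true, the client also presents the key pair stored
// in tlsDir/client-cert.pem and tlsDir/client-key.pem. Each function in
// tlsOpts is then applied to the tls.Config in order, so an option can
// override anything configured here.
//
// The config sets no MinVersion or cipher suites itself; unless an option
// supplies them, the crypto/tls defaults apply.
func newHTTPClient(tlsDir string, withClientCert bool, tlsOpts ...func(config *tls.Config)) *http.Client {
	clientCertPool := x509.NewCertPool()
	caCert, err := ioutil.ReadFile(filepath.Join(tlsDir, "server-ca.pem"))
	Expect(err).NotTo(HaveOccurred())
	// AppendCertsFromPEM reports false when nothing could be parsed. Failing
	// here beats an empty pool and an opaque handshake error later on.
	Expect(clientCertPool.AppendCertsFromPEM(caCert)).To(BeTrue(), "server-ca.pem contained no parsable certificate")

	tlsClientConfig := &tls.Config{
		RootCAs: clientCertPool,
	}
	if withClientCert {
		clientCert, err := tls.LoadX509KeyPair(
			filepath.Join(tlsDir, "client-cert.pem"),
			filepath.Join(tlsDir, "client-key.pem"),
		)
		Expect(err).NotTo(HaveOccurred())
		tlsClientConfig.Certificates = []tls.Certificate{clientCert}
	}

	// Options run last so a spec can adjust the finished configuration.
	for _, opt := range tlsOpts {
		opt(tlsClientConfig)
	}

	return &http.Client{
		Transport: &http.Transport{
			TLSClientConfig: tlsClientConfig,
		},
	}
}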