github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/cert_test.go (about) 1 package pki 2 3 import ( 4 "github.com/stretchr/testify/assert" 5 "github.com/stretchr/testify/require" 6 "net" 7 "testing" 8 "time" 9 ) 10 11 func TestIsExpired(t *testing.T) { 12 13 cert := Certificate{NotAfter: time.Now().AddDate(0, 0, -1)} 14 assert.True(t, cert.IsExpired()) 15 } 16 17 func TestIsNotExpired(t *testing.T) { 18 19 cert := Certificate{NotAfter: time.Now().AddDate(0, 0, 1)} 20 assert.False(t, cert.IsExpired()) 21 } 22 23 func TestCertificateContainsDNSName(t *testing.T) { 24 25 cert := Certificate{DNSNames: []string{"kube-aws.com", "test.com"}} 26 assert.True(t, cert.ContainsDNSName("kube-aws.com")) 27 } 28 29 func TestCertificateDoesNOTContainDNSName(t *testing.T) { 30 31 cert := Certificate{} 32 assert.False(t, cert.ContainsDNSName("kube-aws.com")) 33 } 34 35 func TestCertificateContainsIPAddress(t *testing.T) { 36 37 localhost := net.IPv4(127, 0, 0, 1) 38 cert := Certificate{IPAddresses: []net.IP{localhost}} 39 assert.True(t, cert.ContainsIPAddress(localhost)) 40 } 41 42 func TestCertificateDoesNOTContainIPAddress(t *testing.T) { 43 44 localhost := net.IPv4(127, 0, 0, 1) 45 cert := Certificate{} 46 assert.False(t, cert.ContainsIPAddress(localhost)) 47 } 48 49 func TestCertificatesFromBytes(t *testing.T) { 50 51 cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "ABC organization")) 52 cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "test 2 CN", "XYZ organization")) 53 bundle := append(cert1[:], cert2[:]...) 54 certs, err := CertificatesFromBytes(bundle) 55 require.NoError(t, err) 56 57 require.Equal(t, 2, len(certs)) 58 assert.Equal(t, "test CN", certs[0].Issuer.CommonName) 59 assert.Equal(t, "test CN", certs[0].Subject.CommonName) 60 assert.Equal(t, "test 2 CN", certs[1].Issuer.CommonName) 61 assert.Equal(t, "test 2 CN", certs[1].Subject.CommonName) 62 63 require.Equal(t, 1, len(certs[0].Issuer.Organization)) 64 require.Equal(t, 1, len(certs[0].Subject.Organization)) 65 assert.Equal(t, "ABC organization", certs[0].Issuer.Organization[0]) 66 assert.Equal(t, "ABC organization", certs[0].Subject.Organization[0]) 67 } 68 69 func TestCertificateFromBytesExistsInBundle(t *testing.T) { 70 71 cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "one", "")) 72 cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "two", "")) 73 bundle := append(cert1[:], cert2[:]...) 74 certs, err := CertificatesFromBytes(bundle) 75 require.NoError(t, err) 76 77 _, ok := certs.GetBySubjectCommonNamePattern("two") 78 assert.True(t, ok) 79 } 80 81 func TestCertificateFromBytesMissingFromBundle(t *testing.T) { 82 83 cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "one", "")) 84 cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "two", "")) 85 bundle := append(cert1[:], cert2[:]...) 86 certs, err := CertificatesFromBytes(bundle) 87 require.NoError(t, err) 88 89 _, ok := certs.GetBySubjectCommonNamePattern("three") 90 assert.False(t, ok) 91 }