github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/cert_test.go

github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/cert_test.go (about)

     1  package pki
     2  
     3  import (
     4  	"github.com/stretchr/testify/assert"
     5  	"github.com/stretchr/testify/require"
     6  	"net"
     7  	"testing"
     8  	"time"
     9  )
    10  
    11  func TestIsExpired(t *testing.T) {
    12  
    13  	cert := Certificate{NotAfter: time.Now().AddDate(0, 0, -1)}
    14  	assert.True(t, cert.IsExpired())
    15  }
    16  
    17  func TestIsNotExpired(t *testing.T) {
    18  
    19  	cert := Certificate{NotAfter: time.Now().AddDate(0, 0, 1)}
    20  	assert.False(t, cert.IsExpired())
    21  }
    22  
    23  func TestCertificateContainsDNSName(t *testing.T) {
    24  
    25  	cert := Certificate{DNSNames: []string{"kube-aws.com", "test.com"}}
    26  	assert.True(t, cert.ContainsDNSName("kube-aws.com"))
    27  }
    28  
    29  func TestCertificateDoesNOTContainDNSName(t *testing.T) {
    30  
    31  	cert := Certificate{}
    32  	assert.False(t, cert.ContainsDNSName("kube-aws.com"))
    33  }
    34  
    35  func TestCertificateContainsIPAddress(t *testing.T) {
    36  
    37  	localhost := net.IPv4(127, 0, 0, 1)
    38  	cert := Certificate{IPAddresses: []net.IP{localhost}}
    39  	assert.True(t, cert.ContainsIPAddress(localhost))
    40  }
    41  
    42  func TestCertificateDoesNOTContainIPAddress(t *testing.T) {
    43  
    44  	localhost := net.IPv4(127, 0, 0, 1)
    45  	cert := Certificate{}
    46  	assert.False(t, cert.ContainsIPAddress(localhost))
    47  }
    48  
    49  func TestCertificatesFromBytes(t *testing.T) {
    50  
    51  	cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "ABC organization"))
    52  	cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "test 2 CN", "XYZ organization"))
    53  	bundle := append(cert1[:], cert2[:]...)
    54  	certs, err := CertificatesFromBytes(bundle)
    55  	require.NoError(t, err)
    56  
    57  	require.Equal(t, 2, len(certs))
    58  	assert.Equal(t, "test CN", certs[0].Issuer.CommonName)
    59  	assert.Equal(t, "test CN", certs[0].Subject.CommonName)
    60  	assert.Equal(t, "test 2 CN", certs[1].Issuer.CommonName)
    61  	assert.Equal(t, "test 2 CN", certs[1].Subject.CommonName)
    62  
    63  	require.Equal(t, 1, len(certs[0].Issuer.Organization))
    64  	require.Equal(t, 1, len(certs[0].Subject.Organization))
    65  	assert.Equal(t, "ABC organization", certs[0].Issuer.Organization[0])
    66  	assert.Equal(t, "ABC organization", certs[0].Subject.Organization[0])
    67  }
    68  
    69  func TestCertificateFromBytesExistsInBundle(t *testing.T) {
    70  
    71  	cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "one", ""))
    72  	cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "two", ""))
    73  	bundle := append(cert1[:], cert2[:]...)
    74  	certs, err := CertificatesFromBytes(bundle)
    75  	require.NoError(t, err)
    76  
    77  	_, ok := certs.GetBySubjectCommonNamePattern("two")
    78  	assert.True(t, ok)
    79  }
    80  
    81  func TestCertificateFromBytesMissingFromBundle(t *testing.T) {
    82  
    83  	cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "one", ""))
    84  	cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "two", ""))
    85  	bundle := append(cert1[:], cert2[:]...)
    86  	certs, err := CertificatesFromBytes(bundle)
    87  	require.NoError(t, err)
    88  
    89  	_, ok := certs.GetBySubjectCommonNamePattern("three")
    90  	assert.False(t, ok)
    91  }