github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/pem_test.go (about) 1 package pki 2 3 import ( 4 "crypto/rsa" 5 "crypto/x509" 6 "github.com/stretchr/testify/assert" 7 "github.com/stretchr/testify/require" 8 "testing" 9 ) 10 11 func TestEncodePrivateKeyPEM(t *testing.T) { 12 13 key := getPrivateKey(t) 14 b := EncodePrivateKeyPEM(key) 15 decodedKey, err := DecodePrivateKeyPEM(b) 16 require.NoError(t, err) 17 18 assert.Equal(t, key, decodedKey) 19 } 20 21 func TestEncodeCertificatePEM(t *testing.T) { 22 23 cert := getSelfSignedCert(t, "test CN", "ABC organization") 24 b := EncodeCertificatePEM(cert) 25 decodedCert, err := DecodeCertificatePEM(b) 26 require.NoError(t, err) 27 28 assert.Equal(t, cert, decodedCert) 29 } 30 31 func TestEncodeCertificatesPEM(t *testing.T) { 32 33 cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "abc organization")) 34 cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "test 2 CN", "xyz organization")) 35 bundle := append(cert1[:], cert2[:]...) 36 37 decodedBundle, err := DecodeCertificatesPEM(bundle) 38 require.NoError(t, err) 39 40 assert.Equal(t, 2, len(decodedBundle)) 41 } 42 43 func TestEncodeCertificatesPEMBundleContainsPrivateKey(t *testing.T) { 44 45 cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "abc organization")) 46 key := EncodePrivateKeyPEM(getPrivateKey(t)) 47 bundle := append(cert1[:], key[:]...) 48 49 decodedBundle, err := DecodeCertificatesPEM(bundle) 50 require.NoError(t, err) 51 52 assert.Equal(t, 1, len(decodedBundle)) 53 } 54 55 func TestIsCertificatePEMIsFalseForPrivateKey(t *testing.T) { 56 57 key := getPrivateKey(t) 58 b := EncodePrivateKeyPEM(key) 59 isCert := IsCertificatePEM(b) 60 61 assert.False(t, isCert) 62 } 63 64 func TestIsCertficatePEMIsTrueForSelfSignedCert(t *testing.T) { 65 66 cert := getSelfSignedCert(t, "test CN", "ABC organization") 67 b := EncodeCertificatePEM(cert) 68 isCert := IsCertificatePEM(b) 69 70 assert.True(t, isCert) 71 } 72 73 // --- helper functions --- 74 75 func getPrivateKey(t *testing.T) *rsa.PrivateKey { 76 77 key, err := NewPrivateKey() 78 require.NoError(t, err) 79 return key 80 } 81 82 func getSelfSignedCert(t *testing.T, commonName, organization string) *x509.Certificate { 83 84 key := getPrivateKey(t) 85 cfg := CACertConfig{Duration: Duration365d, CommonName: commonName, Organization: organization} 86 87 cert, err := NewSelfSignedCACertificate(cfg, key) 88 require.NoError(t, err) 89 90 return cert 91 }