github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/pem_test.go

github.com/kubernetes-incubator/kube-aws@v0.16.4/pki/pem_test.go (about)

     1  package pki
     2  
     3  import (
     4  	"crypto/rsa"
     5  	"crypto/x509"
     6  	"github.com/stretchr/testify/assert"
     7  	"github.com/stretchr/testify/require"
     8  	"testing"
     9  )
    10  
    11  func TestEncodePrivateKeyPEM(t *testing.T) {
    12  
    13  	key := getPrivateKey(t)
    14  	b := EncodePrivateKeyPEM(key)
    15  	decodedKey, err := DecodePrivateKeyPEM(b)
    16  	require.NoError(t, err)
    17  
    18  	assert.Equal(t, key, decodedKey)
    19  }
    20  
    21  func TestEncodeCertificatePEM(t *testing.T) {
    22  
    23  	cert := getSelfSignedCert(t, "test CN", "ABC organization")
    24  	b := EncodeCertificatePEM(cert)
    25  	decodedCert, err := DecodeCertificatePEM(b)
    26  	require.NoError(t, err)
    27  
    28  	assert.Equal(t, cert, decodedCert)
    29  }
    30  
    31  func TestEncodeCertificatesPEM(t *testing.T) {
    32  
    33  	cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "abc organization"))
    34  	cert2 := EncodeCertificatePEM(getSelfSignedCert(t, "test 2 CN", "xyz organization"))
    35  	bundle := append(cert1[:], cert2[:]...)
    36  
    37  	decodedBundle, err := DecodeCertificatesPEM(bundle)
    38  	require.NoError(t, err)
    39  
    40  	assert.Equal(t, 2, len(decodedBundle))
    41  }
    42  
    43  func TestEncodeCertificatesPEMBundleContainsPrivateKey(t *testing.T) {
    44  
    45  	cert1 := EncodeCertificatePEM(getSelfSignedCert(t, "test CN", "abc organization"))
    46  	key := EncodePrivateKeyPEM(getPrivateKey(t))
    47  	bundle := append(cert1[:], key[:]...)
    48  
    49  	decodedBundle, err := DecodeCertificatesPEM(bundle)
    50  	require.NoError(t, err)
    51  
    52  	assert.Equal(t, 1, len(decodedBundle))
    53  }
    54  
    55  func TestIsCertificatePEMIsFalseForPrivateKey(t *testing.T) {
    56  
    57  	key := getPrivateKey(t)
    58  	b := EncodePrivateKeyPEM(key)
    59  	isCert := IsCertificatePEM(b)
    60  
    61  	assert.False(t, isCert)
    62  }
    63  
    64  func TestIsCertficatePEMIsTrueForSelfSignedCert(t *testing.T) {
    65  
    66  	cert := getSelfSignedCert(t, "test CN", "ABC organization")
    67  	b := EncodeCertificatePEM(cert)
    68  	isCert := IsCertificatePEM(b)
    69  
    70  	assert.True(t, isCert)
    71  }
    72  
    73  // --- helper functions ---
    74  
    75  func getPrivateKey(t *testing.T) *rsa.PrivateKey {
    76  
    77  	key, err := NewPrivateKey()
    78  	require.NoError(t, err)
    79  	return key
    80  }
    81  
    82  func getSelfSignedCert(t *testing.T, commonName, organization string) *x509.Certificate {
    83  
    84  	key := getPrivateKey(t)
    85  	cfg := CACertConfig{Duration: Duration365d, CommonName: commonName, Organization: organization}
    86  
    87  	cert, err := NewSelfSignedCACertificate(cfg, key)
    88  	require.NoError(t, err)
    89  
    90  	return cert
    91  }