// Source: github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/cert/certutils_test.go

package cert_test

import (
	"encoding/base64"
	"testing"

	"github.com/kyma-incubator/compass/components/director/pkg/cert"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

// TestSubjectExtraction pins the values the cert package getters return for a
// set of certificate subject strings: country, locality, province,
// organization, the first and all organizational units, the UUID-shaped
// organizational unit, the "remaining" organizational unit and the common name.
//
// NOTE(review): every subject below is well-formed. No case covers duplicated
// or reordered attributes, or a value containing an escaped separator. If these
// getters feed authentication or tenant-mapping decisions (not visible from
// this file), such inputs are worth pinning with explicit expectations.
func TestSubjectExtraction(t *testing.T) {
	// subjectCase pairs one subject string (plus the two patterns handed to
	// GetRemainingOrganizationalUnit) with the value expected from each getter.
	// Fields left unset in a case are the zero value, i.e. "" is expected.
	type subjectCase struct {
		subject          string
		orgUnitPattern   string
		orgRegionPattern string
		country          string
		locality         string
		province         string
		org              string
		orgUnit          string
		orgUnits         []string
		uuidOrgUnit      string
		remainingOrgUnit string
		commonName       string
	}

	cases := []subjectCase{
		// Three OUs: one matches the org-unit pattern, one the region pattern,
		// and the UUID is what is left over.
		{
			subject:          "CN=application,OU=SAP Cloud Platform Clients,OU=OrgUnit2,OU=123e4567-e89b-12d3-a456-426614174001,O=Org,L=Waldorf,ST=Waldorf,C=DE",
			orgUnitPattern:   "SAP Cloud Platform Clients",
			orgRegionPattern: "OrgUnit2",
			country:          "DE",
			locality:         "Waldorf",
			province:         "Waldorf",
			org:              "Org",
			orgUnit:          "SAP Cloud Platform Clients",
			orgUnits:         []string{"SAP Cloud Platform Clients", "OrgUnit2", "123e4567-e89b-12d3-a456-426614174001"},
			uuidOrgUnit:      "123e4567-e89b-12d3-a456-426614174001",
			remainingOrgUnit: "123e4567-e89b-12d3-a456-426614174001",
			commonName:       "application",
		},
		// Two OUs and no region pattern supplied.
		{
			subject:          "CN=application,OU=SAP Cloud Platform Clients,OU=123e4567-e89b-12d3-a456-426614174001,O=Org,L=Waldorf,ST=Waldorf,C=DE",
			orgUnitPattern:   "SAP Cloud Platform Clients",
			country:          "DE",
			locality:         "Waldorf",
			province:         "Waldorf",
			org:              "Org",
			orgUnit:          "SAP Cloud Platform Clients",
			orgUnits:         []string{"SAP Cloud Platform Clients", "123e4567-e89b-12d3-a456-426614174001"},
			uuidOrgUnit:      "123e4567-e89b-12d3-a456-426614174001",
			remainingOrgUnit: "123e4567-e89b-12d3-a456-426614174001",
			commonName:       "application",
		},
		// Same subject as the previous case, but a region pattern is supplied
		// that matches none of the OUs. Because the subject is identical, go
		// test disambiguates the subtest name with a numeric suffix.
		{
			subject:          "CN=application,OU=SAP Cloud Platform Clients,OU=123e4567-e89b-12d3-a456-426614174001,O=Org,L=Waldorf,ST=Waldorf,C=DE",
			orgUnitPattern:   "SAP Cloud Platform Clients",
			orgRegionPattern: "OrgUnit2",
			country:          "DE",
			locality:         "Waldorf",
			province:         "Waldorf",
			org:              "Org",
			orgUnit:          "SAP Cloud Platform Clients",
			orgUnits:         []string{"SAP Cloud Platform Clients", "123e4567-e89b-12d3-a456-426614174001"},
			uuidOrgUnit:      "123e4567-e89b-12d3-a456-426614174001",
			remainingOrgUnit: "123e4567-e89b-12d3-a456-426614174001",
			commonName:       "application",
		},
		// The left-over OU is not UUID-shaped: it is still the remaining OU,
		// while the UUID getter is expected to return "".
		{
			subject:          "CN=application,OU=SAP Cloud Platform Clients,OU=OrgUnit2,OU=RemainingOrgUnit,O=Org,L=Waldorf,ST=Waldorf,C=DE",
			orgUnitPattern:   "SAP Cloud Platform Clients",
			orgRegionPattern: "OrgUnit2",
			country:          "DE",
			locality:         "Waldorf",
			province:         "Waldorf",
			org:              "Org",
			orgUnit:          "SAP Cloud Platform Clients",
			orgUnits:         []string{"SAP Cloud Platform Clients", "OrgUnit2", "RemainingOrgUnit"},
			uuidOrgUnit:      "",
			remainingOrgUnit: "RemainingOrgUnit",
			commonName:       "application",
		},
		// Two OUs are left over once the patterns are accounted for; the
		// expectation is that no remaining OU is reported at all.
		{
			subject:          "CN=application,OU=SAP Cloud Platform Clients,OU=OrgUnit2,OU=RemainingOrgUnit,OU=RemainingOrgUnit2,O=Org,L=Waldorf,ST=Waldorf,C=DE",
			orgUnitPattern:   "SAP Cloud Platform Clients",
			orgRegionPattern: "OrgUnit2",
			country:          "DE",
			locality:         "Waldorf",
			province:         "Waldorf",
			org:              "Org",
			orgUnit:          "SAP Cloud Platform Clients",
			orgUnits:         []string{"SAP Cloud Platform Clients", "OrgUnit2", "RemainingOrgUnit"+"", "RemainingOrgUnit2"},
			uuidOrgUnit:      "",
			remainingOrgUnit: "",
			commonName:       "application",
		},
		// Every attribute present but empty, with an alternation-style
		// org-unit pattern.
		{
			subject:        "CN=,OU=,O=,L=,ST=,C=",
			orgUnitPattern: "(SAP Cloud Platform Clients|OrgUnit2|OrgUnit3)|OrgUnit4",
			country:        "",
			locality:       "",
			province:       "",
			org:            "",
			orgUnit:        "",
			orgUnits:       []string{},
			commonName:     "",
		},
		// Every attribute present but empty, with no patterns at all.
		{
			subject:    "CN=,OU=,O=,L=,ST=,C=",
			country:    "",
			locality:   "",
			province:   "",
			org:        "",
			orgUnit:    "",
			orgUnits:   []string{},
			commonName: "",
		},
	}

	for _, tc := range cases {
		name := "should extract subject values from subject: " + tc.subject
		t.Run(name, func(t *testing.T) {
			subj := tc.subject

			assert.Equal(t, tc.country, cert.GetCountry(subj))
			assert.Equal(t, tc.locality, cert.GetLocality(subj))
			assert.Equal(t, tc.province, cert.GetProvince(subj))
			assert.Equal(t, tc.org, cert.GetOrganization(subj))
			assert.Equal(t, tc.orgUnit, cert.GetOrganizationalUnit(subj))
			assert.Equal(t, tc.orgUnits, cert.GetAllOrganizationalUnits(subj))
			assert.Equal(t, tc.uuidOrgUnit, cert.GetUUIDOrganizationalUnit(subj))

			// GetRemainingOrganizationalUnit returns a getter bound to the two
			// patterns; that getter is then applied to the subject.
			remainingOU := cert.GetRemainingOrganizationalUnit(tc.orgUnitPattern, tc.orgRegionPattern)
			assert.Equal(t, tc.remainingOrgUnit, remainingOU(subj))

			assert.Equal(t, tc.commonName, cert.GetCommonName(subj))
		})
	}
}

// TestParseCertificate checks that cert.ParseCertificate accepts a PEM
// certificate/key pair both as plain PEM text and as base64-encoded PEM.
//
// Only the returned error is checked; the parsed value is discarded, so
// nothing here asserts what the parsed certificate contains.
//
// NOTE(review): there is no negative case (mismatched key, malformed PEM,
// invalid base64), so a parser that accepted anything would still pass.
func TestParseCertificate(t *testing.T) {
	// Test-only fixture. The private key below is committed in source and is
	// therefore public: it must never be provisioned outside these tests, and
	// secret scanners will typically need an allow-list entry for this file.
	const (
		certPEM = "-----BEGIN CERTIFICATE-----\n" +
			"MIIDbjCCAlYCCQDg7pmtw8dIVTANBgkqhkiG9w0BAQsFADB5MQswCQYDVQQGEwJC\n" +
			"RzENMAsGA1UECAwEVGVzdDENMAsGA1UEBwwEVGVzdDENMAsGA1UECgwEVGVzdDEN\n" +
			"MAsGA1UECwwEVGVzdDENMAsGA1UEAwwEVGVzdDEfMB0GCSqGSIb3DQEJARYQdGVz\n" +
			"dEBleGFtcGxlLmNvbTAeFw0yMjAxMjQxMTM4MDFaFw0zMjAxMjIxMTM4MDFaMHkx\n" +
			"CzAJBgNVBAYTAkJHMQ0wCwYDVQQIDARUZXN0MQ0wCwYDVQQHDARUZXN0MQ0wCwYD\n" +
			"VQQKDARUZXN0MQ0wCwYDVQQLDARUZXN0MQ0wCwYDVQQDDARUZXN0MR8wHQYJKoZI\n" +
			"hvcNAQkBFhB0ZXN0QGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\n" +
			"MIIBCgKCAQEAuiFt98GUVTDSCHsOlBcblvUB/02uEmsalsG+DKEufzIVrp4DCxsA\n" +
			"EsIN85Ywkd1Fsl0vwg9+3ibQlf1XtyXqJ6/jwm2zFdJPM3u2JfGGiiQpscHYp5hS\n" +
			"lVscBjxZh1CQMKeBXltDsD64EV+XgHGN1aaw9mWKb6iSKsHLhBz594jYMFCnP3wH\n" +
			"w9/hm6zBAhoF4Xr6UMOp4ZzzY8nzLCGPQuQ9UGp4lyAethrBpsqI6zAxjPKlqhmx\n" +
			"L3591wkQgTzuL9th54yLEmyEvPTE26ONJBKylH2BqbAFiZPrwet0+PRJSflAfMU8\n" +
			"YHqqo2AkaY1lmMAZiKDhj1RxMe/jt3HmVQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB\n" +
			"AQBx8BRhJ59UA3JDL+FHNKwIpxFewxjJwIGWqJTsOh4+rjPK3QeSnF0vt4cnLrCY\n" +
			"+FLuhhUdFxjeFqJtWN7tHDK3ywSn/yZQTD5Nwcy/F1RmLjl91hjudxO/VewznOlq\n" +
			"HJlDoM7kW9kOG6xS2HbbSaC1CzU33E90QOwcyCoeVXJ8aMDe6v/kWC65RoI9evg5\n" +
			"2OxoARA8fpjyUphMTXuVNVI1kd2Uskpo8PePbc1h3OJVzYPIQ4+qMGsu7n3ZdwzI\n" +
			"qDs2kdBD77k6cBQS+n7g5ETwv5OAgl5q1O17ye/YFNA/T3FhL9to6Nmrkqt7rlnF\n" +
			"L8uAkeTGuHEATjmosQWUmbYi\n" +
			"-----END CERTIFICATE-----\n"

		keyPEM = "-----BEGIN RSA PRIVATE KEY-----\n" +
			"MIIEowIBAAKCAQEAuiFt98GUVTDSCHsOlBcblvUB/02uEmsalsG+DKEufzIVrp4D\n" +
			"CxsAEsIN85Ywkd1Fsl0vwg9+3ibQlf1XtyXqJ6/jwm2zFdJPM3u2JfGGiiQpscHY\n" +
			"p5hSlVscBjxZh1CQMKeBXltDsD64EV+XgHGN1aaw9mWKb6iSKsHLhBz594jYMFCn\n" +
			"P3wHw9/hm6zBAhoF4Xr6UMOp4ZzzY8nzLCGPQuQ9UGp4lyAethrBpsqI6zAxjPKl\n" +
			"qhmxL3591wkQgTzuL9th54yLEmyEvPTE26ONJBKylH2BqbAFiZPrwet0+PRJSflA\n" +
			"fMU8YHqqo2AkaY1lmMAZiKDhj1RxMe/jt3HmVQIDAQABAoIBAH+9xa0N6/FzqhIr\n" +
			"8ltsaID38cD33QnC++KPYRFl5XViOEM5KrmKdEhragvM/dR92gGJtucmn1lzph/q\n" +
			"WTLXEJbgPh4ID6pgRf79Xos38bAJFZxrf3e2MKdUei1FaeRWRD9AFqddV100DjvO\n" +
			"MTnztPX2iujv00zCkl5J1pT7FgrtcYgDPxXQK7dIcHrc9bV9fdTQUnpbVIs/9U7a\n" +
			"7Qk/eJnEkezbjQCk7+Pgt3ymR29s4vJvyPen3jek0FKhQCxAg6iA5ZOtY+J5AS9e\n" +
			"3ozZLUEa3b0eOABMw8QnKMtGTmIhLbf9JhISK2Ltsisc/yHHH3KfFE2nayqjvLZf\n" +
			"5GR62hkCgYEA612EgoRHg4+BSfPfLNG3xsSnM+a98nZOmyxgZ3eNFWpSvi+7MemL\n" +
			"CJHpwwje412OU1wCc2MtWYvGFY+heL62FxT8+JJLntykZcTQzQoHX3wvaMwopWRi\n" +
			"Jdrv3tEDtSJo9za54kfrNqnVyaxu82r7zgxVbcNiAVR+n7cRXuov288CgYEAynLm\n" +
			"VI7cIKBOM6U44unkKyIS99Bh57FPjE1QAIsEOiNCWZay4qmzdEboOXjtC95Qyyxn\n" +
			"Tb+MONybwXKkGiLZQZQ2SlgjtEMBDQ+ofk2fK+yHWf4VeLtYWJdBESaAz85xGCCY\n" +
			"YqlqbFEQd8cl86gTne+emLXp8KrDMuXhbbPvMJsCgYEAgBISAacS9t6GfoQqA0xW\n" +
			"kNz/EnnTD/UaTst15bci2O1S+tQkK0OmeNJU/eB80AFfabKeTsU/rwMklSTjuz0i\n" +
			"/ipYgLWyWk47UnknGPsFCgscDQ1SbLTTxz972KWpO83uid6IhT2XGtaNU0D12pRz\n" +
			"UipZ7fEsCgc9I5FM7XXG9vcCgYBp6xN2ygeBSl2fx6GrlpM5veoOnYeboLjtvsVM\n" +
			"g28Cu8/K731H+WFaRH7bEtlyjC3ZHrItiznhxgn3e/M/eVwRY2nEG7kSZrv2CWsu\n" +
			"KY5NfMKT4st5Dwt5zijMwEhEcM3awbL4a4qygPcMs7S3dghNaUCgxQxQTgcyafM3\n" +
			"YhySYQKBgF7pqQW7ESo1Mp9by+HzJBJsSju5zPBrCZrx8rFAMLCk1uDAIRcUuQtq\n" +
			"+YwKU8ViemkOHWfN6bePap3/kdVHUxj2xJ6xTAUYHpVOQVMhTw1UmOikiV4FwUo+\n" +
			"Gb5Nk5evWBGhsl2LFqoOqhvFpjftv8+qgRHxmWtj4EoJYWng+hRz\n" +
			"-----END RSA PRIVATE KEY-----\n"
	)

	// Plain PEM text handed straight to the parser.
	t.Run("non-base64-encoded-cert", func(t *testing.T) {
		_, err := cert.ParseCertificate(certPEM, keyPEM)
		require.NoError(t, err, "failed to parse certificate")
	})

	// The same PEM text, each part wrapped in standard (padded) base64.
	t.Run("base64-encoded-cert", func(t *testing.T) {
		toBase64 := func(pem string) string {
			return base64.StdEncoding.EncodeToString([]byte(pem))
		}
		encodedCert, encodedKey := toBase64(certPEM), toBase64(keyPEM)

		_, err := cert.ParseCertificate(encodedCert, encodedKey)
		require.NoError(t, err, "failed to parse certificate")
	})
}