github.com/letsencrypt/boulder@v0.20251208.0/core/core_test.go

github.com/letsencrypt/boulder@v0.20251208.0/core/core_test.go (about)

     1  package core
     2  
     3  import (
     4  	"encoding/base64"
     5  	"encoding/json"
     6  	"testing"
     7  
     8  	"github.com/go-jose/go-jose/v4"
     9  
    10  	"github.com/letsencrypt/boulder/test"
    11  )
    12  
    13  // challenges.go
    14  
    15  var accountKeyJSON = `{
    16    "kty":"RSA",
    17    "n":"yNWVhtYEKJR21y9xsHV-PD_bYwbXSeNuFal46xYxVfRL5mqha7vttvjB_vc7Xg2RvgCxHPCqoxgMPTzHrZT75LjCwIW2K_klBYN8oYvTwwmeSkAz6ut7ZxPv-nZaT5TJhGk0NT2kh_zSpdriEJ_3vW-mqxYbbBmpvHqsa1_zx9fSuHYctAZJWzxzUZXykbWMWQZpEiE0J4ajj51fInEzVn7VxV-mzfMyboQjujPh7aNJxAWSq4oQEJJDgWwSh9leyoJoPpONHxh5nEE5AjE01FkGICSxjpZsF-w8hOTI3XXohUdu29Se26k2B0PolDSuj0GIQU6-W9TdLXSjBb2SpQ",
    18    "e":"AQAB"
    19  }`
    20  
    21  func TestChallenges(t *testing.T) {
    22  	var accountKey *jose.JSONWebKey
    23  	err := json.Unmarshal([]byte(accountKeyJSON), &accountKey)
    24  	if err != nil {
    25  		t.Errorf("Error unmarshaling JWK: %v", err)
    26  	}
    27  
    28  	token := NewToken()
    29  	http01 := HTTPChallenge01(token)
    30  	test.AssertNotError(t, http01.CheckPending(), "CheckConsistencyForClientOffer returned an error")
    31  
    32  	dns01 := DNSChallenge01(token)
    33  	test.AssertNotError(t, dns01.CheckPending(), "CheckConsistencyForClientOffer returned an error")
    34  
    35  	dnsAccount01 := DNSAccountChallenge01(token)
    36  	test.AssertNotError(t, dnsAccount01.CheckPending(), "CheckConsistencyForClientOffer returned an error")
    37  
    38  	tlsalpn01 := TLSALPNChallenge01(token)
    39  	test.AssertNotError(t, tlsalpn01.CheckPending(), "CheckConsistencyForClientOffer returned an error")
    40  
    41  	test.Assert(t, ChallengeTypeHTTP01.IsValid(), "Refused valid challenge")
    42  	test.Assert(t, ChallengeTypeDNS01.IsValid(), "Refused valid challenge")
    43  	test.Assert(t, ChallengeTypeTLSALPN01.IsValid(), "Refused valid challenge")
    44  	test.Assert(t, ChallengeTypeDNSAccount01.IsValid(), "Refused valid challenge")
    45  	test.Assert(t, !AcmeChallenge("nonsense-71").IsValid(), "Accepted invalid challenge")
    46  }
    47  
    48  // util.go
    49  
    50  func TestRandomString(t *testing.T) {
    51  	byteLength := 256
    52  	b64 := RandomString(byteLength)
    53  	bin, err := base64.RawURLEncoding.DecodeString(b64)
    54  	if err != nil {
    55  		t.Errorf("Error in base64 decode: %v", err)
    56  	}
    57  	if len(bin) != byteLength {
    58  		t.Errorf("Improper length: %v", len(bin))
    59  	}
    60  
    61  	token := NewToken()
    62  	if len(token) != 43 {
    63  		t.Errorf("Improper length for token: %v %v", len(token), token)
    64  	}
    65  }
    66  
    67  func TestFingerprint(t *testing.T) {
    68  	in := []byte{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
    69  	out := []byte{55, 71, 8, 255, 247, 113, 157, 213,
    70  		151, 158, 200, 117, 213, 108, 210, 40,
    71  		111, 109, 60, 247, 236, 49, 122, 59,
    72  		37, 99, 42, 171, 40, 236, 55, 187}
    73  
    74  	digest := Fingerprint256(in)
    75  	if digest != base64.RawURLEncoding.EncodeToString(out) {
    76  		t.Errorf("Incorrect SHA-256 fingerprint: %v", digest)
    77  	}
    78  }