github.com/yacovm/fabric@v2.0.0-alpha.0.20191128145320-c5d4087dc723+incompatible/common/grpclogging/grpclogging_suite_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package grpclogging_test 8 9 import ( 10 "bytes" 11 "crypto/ecdsa" 12 "crypto/elliptic" 13 "crypto/rand" 14 "crypto/tls" 15 "crypto/x509" 16 "crypto/x509/pkix" 17 "encoding/pem" 18 "math/big" 19 "net" 20 "testing" 21 "time" 22 23 "github.com/hyperledger/fabric/common/grpclogging/testpb" 24 . "github.com/onsi/ginkgo" 25 . "github.com/onsi/gomega" 26 ) 27 28 //go:generate protoc --proto_path=testpb --go_out=plugins=grpc,paths=source_relative:testpb testpb/echo.proto 29 30 func TestGrpclogging(t *testing.T) { 31 RegisterFailHandler(Fail) 32 RunSpecs(t, "Grpclogging Suite") 33 } 34 35 //go:generate counterfeiter -o fakes/echo_service.go --fake-name EchoServiceServer . echoServiceServer 36 37 type echoServiceServer interface { 38 testpb.EchoServiceServer 39 } 40 41 func newTemplate(subjectCN string, hosts ...string) x509.Certificate { 42 notBefore := time.Now().Add(-1 * time.Minute) 43 notAfter := time.Now().Add(time.Duration(365 * 24 * time.Hour)) 44 45 serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) 46 serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) 47 Expect(err).NotTo(HaveOccurred()) 48 49 template := x509.Certificate{ 50 Subject: pkix.Name{CommonName: subjectCN}, 51 SerialNumber: serialNumber, 52 NotBefore: notBefore, 53 NotAfter: notAfter, 54 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, 55 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}, 56 BasicConstraintsValid: true, 57 } 58 for _, h := range hosts { 59 if ip := net.ParseIP(h); ip != nil { 60 template.IPAddresses = append(template.IPAddresses, ip) 61 } else { 62 template.DNSNames = append(template.DNSNames, h) 63 } 64 } 65 66 return template 67 } 68 69 func pemEncode(derCert []byte, key *ecdsa.PrivateKey) (pemCert, pemKey []byte) { 70 certBuf := &bytes.Buffer{} 71 err := pem.Encode(certBuf, &pem.Block{Type: "CERTIFICATE", Bytes: derCert}) 72 Expect(err).NotTo(HaveOccurred()) 73 74 keyBytes, err := x509.MarshalECPrivateKey(key) 75 Expect(err).NotTo(HaveOccurred()) 76 77 keyBuf := &bytes.Buffer{} 78 err = pem.Encode(keyBuf, &pem.Block{Type: "EC PRIVATE KEY", Bytes: keyBytes}) 79 Expect(err).NotTo(HaveOccurred()) 80 81 return certBuf.Bytes(), keyBuf.Bytes() 82 } 83 84 func generateCA(subjectCN string, hosts ...string) (pemCert, pemKey []byte) { 85 privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) 86 Expect(err).NotTo(HaveOccurred()) 87 publicKey := privateKey.Public() 88 89 template := newTemplate(subjectCN, hosts...) 90 template.KeyUsage |= x509.KeyUsageCertSign 91 template.IsCA = true 92 93 derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey, privateKey) 94 Expect(err).NotTo(HaveOccurred()) 95 96 return pemEncode(derBytes, privateKey) 97 } 98 99 func issueCertificate(caCert, caKey []byte, subjectCN string, hosts ...string) (pemCert, pemKey []byte) { 100 tlsCert, err := tls.X509KeyPair(caCert, caKey) 101 Expect(err).NotTo(HaveOccurred()) 102 103 ca, err := x509.ParseCertificate(tlsCert.Certificate[0]) 104 Expect(err).NotTo(HaveOccurred()) 105 106 privateKey, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) 107 Expect(err).NotTo(HaveOccurred()) 108 publicKey := privateKey.Public() 109 110 template := newTemplate(subjectCN, hosts...) 111 derBytes, err := x509.CreateCertificate(rand.Reader, &template, ca, publicKey, tlsCert.PrivateKey) 112 Expect(err).NotTo(HaveOccurred()) 113 114 return pemEncode(derBytes, privateKey) 115 }