cloudflare/cloudflared
Publicmirrored fromhttps://github.com/cloudflare/cloudflaredAvailable
certutil/certutil_test.go
67lines · modecode
| 1 | package certutil |
| 2 | |
| 3 | import ( |
| 4 | "fmt" |
| 5 | "io/ioutil" |
| 6 | "testing" |
| 7 | |
| 8 | "github.com/stretchr/testify/assert" |
| 9 | ) |
| 10 | |
| 11 | func TestLoadOriginCert(t *testing.T) { |
| 12 | cert, err := DecodeOriginCert([]byte{}) |
| 13 | assert.Equal(t, fmt.Errorf("Cannot decode empty certificate"), err) |
| 14 | assert.Nil(t, cert) |
| 15 | |
| 16 | blocks, err := ioutil.ReadFile("test-cert-no-key.pem") |
| 17 | assert.Nil(t, err) |
| 18 | cert, err = DecodeOriginCert(blocks) |
| 19 | assert.Equal(t, fmt.Errorf("Missing private key in the certificate"), err) |
| 20 | assert.Nil(t, cert) |
| 21 | |
| 22 | blocks, err = ioutil.ReadFile("test-cert-two-certificates.pem") |
| 23 | assert.Nil(t, err) |
| 24 | cert, err = DecodeOriginCert(blocks) |
| 25 | assert.Equal(t, fmt.Errorf("Found multiple certificates in the certificate"), err) |
| 26 | assert.Nil(t, cert) |
| 27 | |
| 28 | blocks, err = ioutil.ReadFile("test-cert-unknown-block.pem") |
| 29 | assert.Nil(t, err) |
| 30 | cert, err = DecodeOriginCert(blocks) |
| 31 | assert.Equal(t, fmt.Errorf("Unknown block RSA PRIVATE KEY in the certificate"), err) |
| 32 | assert.Nil(t, cert) |
| 33 | |
| 34 | blocks, err = ioutil.ReadFile("test-cert.pem") |
| 35 | assert.Nil(t, err) |
| 36 | cert, err = DecodeOriginCert(blocks) |
| 37 | assert.Nil(t, err) |
| 38 | assert.NotNil(t, cert) |
| 39 | assert.Equal(t, "7b0a4d77dfb881c1a3b7d61ea9443e19", cert.ZoneID) |
| 40 | key := "v1.0-58bd4f9e28f7b3c28e05a35ff3e80ab4fd9644ef3fece537eb0d12e2e9258217-183442fbb0bbdb3e571558fec9b5589ebd77aafc87498ee3f09f64a4ad79ffe8791edbae08b36c1d8f1d70a8670de56922dff92b15d214a524f4ebfa1958859e-7ce80f79921312a6022c5d25e2d380f82ceaefe3fbdc43dd13b080e3ef1e26f7" |
| 41 | assert.Equal(t, key, cert.ServiceKey) |
| 42 | } |
| 43 | |
| 44 | func TestNewlineArgoTunnelToken(t *testing.T) { |
| 45 | ArgoTunnelTokenTest(t, "test-argo-tunnel-cert.pem") |
| 46 | } |
| 47 | |
| 48 | func TestJSONArgoTunnelToken(t *testing.T) { |
| 49 | // The given cert's Argo Tunnel Token was generated by base64 encoding this JSON: |
| 50 | // { |
| 51 | // "zoneID": "7b0a4d77dfb881c1a3b7d61ea9443e19", |
| 52 | // "serviceKey": "test-service-key", |
| 53 | // "accountID": "abcdabcdabcdabcd1234567890abcdef" |
| 54 | // } |
| 55 | ArgoTunnelTokenTest(t, "test-argo-tunnel-cert-json.pem") |
| 56 | } |
| 57 | |
| 58 | func ArgoTunnelTokenTest(t *testing.T, path string) { |
| 59 | blocks, err := ioutil.ReadFile(path) |
| 60 | assert.Nil(t, err) |
| 61 | cert, err := DecodeOriginCert(blocks) |
| 62 | assert.Nil(t, err) |
| 63 | assert.NotNil(t, cert) |
| 64 | assert.Equal(t, "7b0a4d77dfb881c1a3b7d61ea9443e19", cert.ZoneID) |
| 65 | key := "test-service-key" |
| 66 | assert.Equal(t, key, cert.ServiceKey) |
| 67 | } |
| 68 | |