cacert-gosigner/pkg/config/config_test.go

package config

import (
	"crypto/elliptic"
	"crypto/x509"
	"testing"

	"github.com/stretchr/testify/assert"
	"gopkg.in/yaml.v3"
)

func TestPrivateKeyInfo_MarshalYAML(t *testing.T) {
	testData := []struct {
		name     string
		pkInfo   *PrivateKeyInfo
		expected string
	}{
		{
			"RSA",
			&PrivateKeyInfo{
				Algorithm: x509.RSA,
				RSABits:   3072,
			},
			`algorithm: RSA
rsa-bits: 3072
`,
		},
		{
			"ECDSA",
			&PrivateKeyInfo{
				Algorithm: x509.ECDSA,
				EccCurve:  elliptic.P224(),
			},
			`algorithm: EC
ecc-curve: P-224
`,
		},
	}

	for _, item := range testData {
		t.Run(item.name, func(t *testing.T) {
			data, err := yaml.Marshal(item.pkInfo)
			if err != nil {
				t.Fatal(err)
			}

			assert.Equal(t, item.expected, string(data))
		})
	}
}

func TestPrivateKeyInfo_UnmarshalYAML(t *testing.T) {
	testData := []struct {
		name      string
		yaml      string
		expected  *PrivateKeyInfo
		expectErr bool
	}{
		{
			"RSA",
			`label: "mykey"
algorithm: "RSA"
rsa-bits: 2048`,
			&PrivateKeyInfo{
				Algorithm: x509.RSA,
				RSABits:   2048,
			},
			false,
		},
		{
			"ECDSA",
			`label: "mykey"
algorithm: "EC"
ecc-curve: "P-521"`,
			&PrivateKeyInfo{
				Algorithm: x509.ECDSA,
				EccCurve:  elliptic.P521(),
			},
			false,
		},
		{
			"no-algorithm",
			`label: "mykey"`,
			nil,
			true,
		},
		{
			"RSA-no-rsa-bits",
			`label: "mykey"
algorithm: "RSA"`,
			nil,
			true,
		},
		{
			"ECDSA-no-curve",
			`label: "mykey"
algorithm: "EC"`,
			nil,
			true,
		},
	}

	for _, item := range testData {
		t.Run(item.name, func(t *testing.T) {
			pkInfo := &PrivateKeyInfo{}
			err := yaml.Unmarshal([]byte(item.yaml), pkInfo)
			if err != nil {
				if !item.expectErr {
					t.Fatal(err)
				}
			}

			if !item.expectErr {
				assert.Equal(t, item.expected, pkInfo)
			}
		})
	}
}

func TestCaCertificateEntry_UnmarshalYAML(t *testing.T) {
	data := `{
	"key-info": {
		"algorithm":"EC",
		"ecc-curve":"P-521"
	},
	"certificate-file":"test.crt",
	"common-name":"My Little Test Root CA"
}`

	entry := CaCertificateEntry{}

	err := yaml.Unmarshal([]byte(data), &entry)
	if err != nil {
		t.Fatal(err)
	}

	assert.Equal(t, CaCertificateEntry{
		KeyInfo: &PrivateKeyInfo{
			Algorithm: x509.ECDSA,
			EccCurve:  elliptic.P521(),
		},
		CommonName: "My Little Test Root CA",
		Storage:    "default",
	}, entry)
}
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`package config`

			`import (`
			`"crypto/elliptic"`
			`"crypto/x509"`
			`"testing"`

			`"github.com/stretchr/testify/assert"`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`"gopkg.in/yaml.v3"`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`)`

Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`func TestPrivateKeyInfo_MarshalYAML(t *testing.T) {`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`testData := []struct {`
			`name string`
			`pkInfo *PrivateKeyInfo`
			`expected string`
			`}{`
			`{`
			`"RSA",`
			`&PrivateKeyInfo{`
			`Algorithm: x509.RSA,`
			`RSABits: 3072,`
			`},`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`algorithm: RSA
			`rsa-bits: 3072`
			`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`},`
			`{`
			`"ECDSA",`
			`&PrivateKeyInfo{`
			`Algorithm: x509.ECDSA,`
			`EccCurve: elliptic.P224(),`
			`},`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`algorithm: EC
			`ecc-curve: P-224`
			`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`},`
			`}`

			`for _, item := range testData {`
			`t.Run(item.name, func(t *testing.T) {`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`data, err := yaml.Marshal(item.pkInfo)`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`assert.Equal(t, item.expected, string(data))`
			`})`
			`}`
			`}`

Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`func TestPrivateKeyInfo_UnmarshalYAML(t *testing.T) {`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`testData := []struct {`
			`name string`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`yaml string`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`expected *PrivateKeyInfo`
			`expectErr bool`
			`}{`
			`{`
			`"RSA",`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`label: "mykey"
			`algorithm: "RSA"`
			rsa-bits: 2048`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`&PrivateKeyInfo{`
			`Algorithm: x509.RSA,`
			`RSABits: 2048,`
			`},`
			`false,`
			`},`
			`{`
			`"ECDSA",`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`label: "mykey"
			`algorithm: "EC"`
			ecc-curve: "P-521"`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`&PrivateKeyInfo{`
			`Algorithm: x509.ECDSA,`
			`EccCurve: elliptic.P521(),`
			`},`
			`false,`
			`},`
			`{`
			`"no-algorithm",`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`label: "mykey"`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`nil,`
			`true,`
			`},`
			`{`
			`"RSA-no-rsa-bits",`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`label: "mykey"
			algorithm: "RSA"`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`nil,`
			`true,`
			`},`
			`{`
			`"ECDSA-no-curve",`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`label: "mykey"
			algorithm: "EC"`,
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`nil,`
			`true,`
			`},`
			`}`

			`for _, item := range testData {`
			`t.Run(item.name, func(t *testing.T) {`
			`pkInfo := &PrivateKeyInfo{}`
Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`err := yaml.Unmarshal([]byte(item.yaml), pkInfo)`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`if err != nil {`
			`if !item.expectErr {`
			`t.Fatal(err)`
			`}`
			`}`

			`if !item.expectErr {`
			`assert.Equal(t, item.expected, pkInfo)`
			`}`
			`})`
			`}`
			`}`

Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`func TestCaCertificateEntry_UnmarshalYAML(t *testing.T) {`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			data := `{
			`"key-info": {`
			`"algorithm":"EC",`
			`"ecc-curve":"P-521"`
			`},`
			`"certificate-file":"test.crt",`
			`"common-name":"My Little Test Root CA"`
			}`

			`entry := CaCertificateEntry{}`

Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config 2022-04-19 14:48:32 +00:00			`err := yaml.Unmarshal([]byte(data), &entry)`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`assert.Equal(t, CaCertificateEntry{`
			`KeyInfo: &PrivateKeyInfo{`
			`Algorithm: x509.ECDSA,`
			`EccCurve: elliptic.P521(),`
			`},`
			`CommonName: "My Little Test Root CA",`
Fix failing test 2022-04-20 07:03:00 +00:00			`Storage: "default",`
Implement configuration and CA hierarchy setup This commit implements a mechanism to load CA configuration dynamically from JSON files. Missing keys and certificates can be generated in a PKCS#11 HSM or Smartcard. Certificates are stored as PEM encoded .crt files in the filesystem. The default PKCS#11 module (softhsm2) is now loaded from a platform specific path using go:build comments. 2022-04-16 20:24:32 +00:00			`}, entry)`
			`}`