cacert-gosigner/pkg/config/config_test.go
Jan Dittberner 47d5b2afff Improve configuration, implement setup mode
- implement a dedicated setup mode for creating CA certificates that is
  triggered by the '-setup' command line flag
- switch to YAML configuration for comment support and more human
  readable syntax. Format documentation is in docs/config.sample.yaml
- move HSM related code to pkg/hsm
- improve consistency checks in pkg/config
2022-04-19 16:48:32 +02:00


package config
import (
"crypto/elliptic"
"crypto/x509"
"testing"
"github.com/stretchr/testify/assert"
"gopkg.in/yaml.v3"
)
// TestPrivateKeyInfo_MarshalYAML checks the exact YAML text that yaml.Marshal
// produces for a PrivateKeyInfo, with one case per key algorithm.
//
// The key parameters used here (RSA 3072 bit, curve P-224) are fixtures for
// the serialization format only; this test makes no statement about which
// key sizes or curves the configuration is willing to accept.
func TestPrivateKeyInfo_MarshalYAML(t *testing.T) {
	cases := []struct {
		name     string
		pkInfo   *PrivateKeyInfo
		expected string
	}{
		{
			name: "RSA",
			pkInfo: &PrivateKeyInfo{
				Algorithm: x509.RSA,
				RSABits:   3072,
			},
			expected: `algorithm: RSA
rsa-bits: 3072
`,
		},
		{
			name: "ECDSA",
			pkInfo: &PrivateKeyInfo{
				Algorithm: x509.ECDSA,
				EccCurve:  elliptic.P224(),
			},
			expected: `algorithm: EC
ecc-curve: P-224
`,
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			out, err := yaml.Marshal(tc.pkInfo)
			if err != nil {
				t.Fatal(err)
			}

			// Compare as text so a mismatch shows the rendered YAML.
			assert.Equal(t, tc.expected, string(out))
		})
	}
}
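// TestPrivateKeyInfo_UnmarshalYAML decodes YAML snippets into a
// PrivateKeyInfo and checks both the accepted and the rejected inputs.
//
// The rejection cases (missing algorithm, RSA without rsa-bits, EC without
// ecc-curve) are the consistency checks that keep an incomplete key
// definition out of the signer configuration, so each of them must fail the
// test when yaml.Unmarshal returns no error.
//
// NOTE(review): every input carries a "label" key that never appears in the
// expected PrivateKeyInfo; presumably the type ignores it. Confirm against
// the PrivateKeyInfo definition.
func TestPrivateKeyInfo_UnmarshalYAML(t *testing.T) {
	cases := []struct {
		name      string
		yaml      string
		expected  *PrivateKeyInfo
		expectErr bool
	}{
		{
			name: "RSA",
			yaml: `label: "mykey"
algorithm: "RSA"
rsa-bits: 2048`,
			expected: &PrivateKeyInfo{
				Algorithm: x509.RSA,
				RSABits:   2048,
			},
			expectErr: false,
		},
		{
			name: "ECDSA",
			yaml: `label: "mykey"
algorithm: "EC"
ecc-curve: "P-521"`,
			expected: &PrivateKeyInfo{
				Algorithm: x509.ECDSA,
				EccCurve:  elliptic.P521(),
			},
			expectErr: false,
		},
		{
			name:      "no-algorithm",
			yaml:      `label: "mykey"`,
			expected:  nil,
			expectErr: true,
		},
		{
			name: "RSA-no-rsa-bits",
			yaml: `label: "mykey"
algorithm: "RSA"`,
			expected:  nil,
			expectErr: true,
		},
		{
			name: "ECDSA-no-curve",
			yaml: `label: "mykey"
algorithm: "EC"`,
			expected:  nil,
			expectErr: true,
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			pkInfo := &PrivateKeyInfo{}
			err := yaml.Unmarshal([]byte(tc.yaml), pkInfo)

			if tc.expectErr {
				// A rejection case that decodes without error means the
				// validation did not run; previously this passed silently.
				assert.Error(t, err)

				return
			}

			if err != nil {
				t.Fatal(err)
			}

			assert.Equal(t, tc.expected, pkInfo)
		})
	}
}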
// TestCaCertificateEntry_UnmarshalYAML decodes one CA certificate entry and
// compares the result with the expected struct value.
//
// The input is written in JSON syntax and handed to yaml.Unmarshal, which
// reads it as a YAML flow mapping.
//
// NOTE(review): the input sets "certificate-file" to "test.crt", but the
// expected CaCertificateEntry carries no corresponding field. Whether that
// key is ignored, kept in an unexported field, or simply missing from the
// expectation cannot be told from this file; confirm against the type.
func TestCaCertificateEntry_UnmarshalYAML(t *testing.T) {
	input := `{
"label":"root",
"key-info": {
"algorithm":"EC",
"ecc-curve":"P-521"
},
"certificate-file":"test.crt",
"common-name":"My Little Test Root CA"
}`

	var entry CaCertificateEntry
	if err := yaml.Unmarshal([]byte(input), &entry); err != nil {
		t.Fatal(err)
	}

	want := CaCertificateEntry{
		Label: "root",
		KeyInfo: &PrivateKeyInfo{
			Algorithm: x509.ECDSA,
			EccCurve:  elliptic.P521(),
		},
		CommonName: "My Little Test Root CA",
	}

	assert.Equal(t, want, entry)
}