-
Notifications
You must be signed in to change notification settings - Fork 0
/
sortpem_test.go
125 lines (110 loc) · 3.08 KB
/
sortpem_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
package sortpem_test
import (
"crypto/x509"
"encoding/pem"
"sort"
"testing"
"github.com/tehmaze/sortpem"
)
func TestSorter(t *testing.T) {
var (
root, _ = pem.Decode([]byte(selfSignedRootPEM))
intermediate, _ = pem.Decode([]byte(selfSignedIntermediatePEM))
issuer, _ = pem.Decode([]byte(selfSignedIssuerPEM))
endpoint, _ = pem.Decode([]byte(selfSignedEndpointPEM))
endpointKey, _ = pem.Decode([]byte(selfSignedEndpointKeyPEM))
randomKeyDSA, _ = pem.Decode([]byte(selfSignedRootDSAKeyPEM))
randomKeyEC, _ = pem.Decode([]byte(selfSignedRootECKeyPEM))
sorter *sortpem.Sorter
)
// Sorter must not panic if nil
sorter.Less(0, 0)
// Sorter must not panic if out of bounds
sorter = new(sortpem.Sorter)
sorter.Less(-1, -1)
sorter = sortpem.New([]*pem.Block{
&pem.Block{Type: "TEST", Bytes: []byte("Testing :D")},
issuer,
endpoint,
&pem.Block{Type: "EMPTY"},
root,
endpointKey,
intermediate,
randomKeyEC,
randomKeyDSA,
})
sorter.Order = []string{"RSA PRIVATE KEY", "CERTIFICATE", "TEST"}
// Do the sorting
sort.Stable(sorter)
for i, block := range sorter.Blocks {
switch block.Type {
case "CERTIFICATE":
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
t.Error(err)
} else {
t.Logf("block %d: %s: %s", i, block.Type, cert.Subject)
}
default:
t.Logf("block %d: %s", i, block.Type)
}
}
if sorter.Blocks[0].Type != "RSA PRIVATE KEY" {
t.Fatalf("expected first block to be an RSA PRIVATE KEY, got %s", sorter.Blocks[0].Type)
}
wantSubjects := []string{
`CN=endpoint.example.org,L=IL`,
`CN=Test Issuer`,
`CN=Test Intermediate`,
`CN=Test Root`,
}
for i := 1; i < 5; i++ {
if sorter.Blocks[i].Type != "CERTIFICATE" {
t.Fatalf("expected block %d to be a CERTIFICATE, got %s", i, sorter.Blocks[i].Type)
}
cert, err := x509.ParseCertificate(sorter.Blocks[i].Bytes)
if err != nil {
t.Error(err)
continue
} else if s := cert.Subject.String(); s != wantSubjects[i-1] {
t.Errorf("expected block %d to have subject %q, got %q", i, wantSubjects[i-1], s)
}
}
}
func TestSorterRoots(t *testing.T) {
roots, _ := sortpem.SystemCertPool()
roots.AppendCertsFromPEM([]byte(selfSignedRootPEM))
var (
intermediate, _ = pem.Decode([]byte(selfSignedIntermediatePEM))
issuer, _ = pem.Decode([]byte(selfSignedIssuerPEM))
endpoint, _ = pem.Decode([]byte(selfSignedEndpointPEM))
sorter = &sortpem.Sorter{
Blocks: []*pem.Block{
intermediate,
issuer,
endpoint,
},
}
)
if sorter.ResolveRoots() {
t.Fatalf("expected sorter without Roots to not change")
}
sorter.Roots = roots
if !sorter.ResolveRoots() {
t.Fatalf("expected sorter with Roots to change")
}
if l := len(sorter.Blocks); l != 4 {
t.Fatalf("expected 4 blocks in sorter, got %d", l)
}
sorter.Roots = nil
if sorter.ExcludeRoots() {
t.Fatalf("expected sorter without Roots to not change")
}
sorter.Roots = roots
if !sorter.ExcludeRoots() {
t.Fatalf("expected sorter with Roots to change")
}
if l := len(sorter.Blocks); l != 3 {
t.Fatalf("expected 3 blocks in sorter, got %d", l)
}
}