Home Explore Help
Sign In
cloudflare
/
cloudflared
mirror of https://github.com/cloudflare/cloudflared
Watch 1
Star 0
Fork 0
Files Issues
Branch: readme-links
Branches Tags
cloudflared
/
certutil
/
certutil_test.go

certutil_test.go 2.2 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. package certutil
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 	"io/ioutil"
    6. 

  6. 	"testing"
    7. 

  7. 

  8. 	"github.com/stretchr/testify/assert"
    9. 

  9. )
    10. 

  10. 

  11. func TestLoadOriginCert(t *testing.T) {
    12. 

  12. 	cert, err := DecodeOriginCert([]byte{})
    13. 

  13. 	assert.Equal(t, fmt.Errorf("Cannot decode empty certificate"), err)
    14. 

  14. 	assert.Nil(t, cert)
    15. 

  15. 

  16. 	blocks, err := ioutil.ReadFile("test-cert-no-key.pem")
    17. 

  17. 	assert.Nil(t, err)
    18. 

  18. 	cert, err = DecodeOriginCert(blocks)
    19. 

  19. 	assert.Equal(t, fmt.Errorf("Missing private key in the certificate"), err)
    20. 

  20. 	assert.Nil(t, cert)
    21. 

  21. 

  22. 	blocks, err = ioutil.ReadFile("test-cert-two-certificates.pem")
    23. 

  23. 	assert.Nil(t, err)
    24. 

  24. 	cert, err = DecodeOriginCert(blocks)
    25. 

  25. 	assert.Equal(t, fmt.Errorf("Found multiple certificates in the certificate"), err)
    26. 

  26. 	assert.Nil(t, cert)
    27. 

  27. 

  28. 	blocks, err = ioutil.ReadFile("test-cert-unknown-block.pem")
    29. 

  29. 	assert.Nil(t, err)
    30. 

  30. 	cert, err = DecodeOriginCert(blocks)
    31. 

  31. 	assert.Equal(t, fmt.Errorf("Unknown block RSA PRIVATE KEY in the certificate"), err)
    32. 

  32. 	assert.Nil(t, cert)
    33. 

  33. 

  34. 	blocks, err = ioutil.ReadFile("test-cert.pem")
    35. 

  35. 	assert.Nil(t, err)
    36. 

  36. 	cert, err = DecodeOriginCert(blocks)
    37. 

  37. 	assert.Nil(t, err)
    38. 

  38. 	assert.NotNil(t, cert)
    39. 

  39. 	assert.Equal(t, "7b0a4d77dfb881c1a3b7d61ea9443e19", cert.ZoneID)
    40. 

  40. 	key := "v1.0-58bd4f9e28f7b3c28e05a35ff3e80ab4fd9644ef3fece537eb0d12e2e9258217-183442fbb0bbdb3e571558fec9b5589ebd77aafc87498ee3f09f64a4ad79ffe8791edbae08b36c1d8f1d70a8670de56922dff92b15d214a524f4ebfa1958859e-7ce80f79921312a6022c5d25e2d380f82ceaefe3fbdc43dd13b080e3ef1e26f7"
    41. 

  41. 	assert.Equal(t, key, cert.ServiceKey)
    42. 

  42. }
    43. 

  43. 

  44. func TestNewlineArgoTunnelToken(t *testing.T) {
    45. 

  45. 	ArgoTunnelTokenTest(t, "test-argo-tunnel-cert.pem")
    46. 

  46. }
    47. 

  47. 

  48. func TestJSONArgoTunnelToken(t *testing.T) {
    49. 

  49. 	// The given cert's Argo Tunnel Token was generated by base64 encoding this JSON:
    50. 

  50. 	// {
    51. 

  51. 	// "zoneID": "7b0a4d77dfb881c1a3b7d61ea9443e19",
    52. 

  52. 	// "serviceKey": "test-service-key",
    53. 

  53. 	// "accountID": "abcdabcdabcdabcd1234567890abcdef"
    54. 

  54. 	// }
    55. 

  55. 	ArgoTunnelTokenTest(t, "test-argo-tunnel-cert-json.pem")
    56. 

  56. }
    57. 

  57. 

  58. func ArgoTunnelTokenTest(t *testing.T, path string) {
    59. 

  59. 	blocks, err := ioutil.ReadFile(path)
    60. 

  60. 	assert.Nil(t, err)
    61. 

  61. 	cert, err := DecodeOriginCert(blocks)
    62. 

  62. 	assert.Nil(t, err)
    63. 

  63. 	assert.NotNil(t, cert)
    64. 

  64. 	assert.Equal(t, "7b0a4d77dfb881c1a3b7d61ea9443e19", cert.ZoneID)
    65. 

  65. 	key := "test-service-key"
    66. 

  66. 	assert.Equal(t, key, cert.ServiceKey)
    67. 

  67. }
    68. 

  68.