open-vault/builtin/logical/pki/cert_util_test.go

package pki

import (
	"context"
	"fmt"
	"testing"

	"strings"

	"github.com/hashicorp/vault/logical"
)

func TestPki_FetchCertBySerial(t *testing.T) {
	storage := &logical.InmemStorage{}

	cases := map[string]struct {
		Req    *logical.Request
		Prefix string
		Serial string
	}{
		"valid cert": {
			&logical.Request{
				Storage: storage,
			},
			"certs/",
			"00:00:00:00:00:00:00:00",
		},
		"revoked cert": {
			&logical.Request{
				Storage: storage,
			},
			"revoked/",
			"11:11:11:11:11:11:11:11",
		},
	}

	// Test for colon-based paths in storage
	for name, tc := range cases {
		storageKey := fmt.Sprintf("%s%s", tc.Prefix, tc.Serial)
		err := storage.Put(context.Background(), &logical.StorageEntry{
			Key:   storageKey,
			Value: []byte("some data"),
		})
		if err != nil {
			t.Fatalf("error writing to storage on %s colon-based storage path: %s", name, err)
		}

		certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)
		if err != nil {
			t.Fatalf("error on %s for colon-based storage path: %s", name, err)
		}

		// Check for non-nil on valid/revoked certs
		if certEntry == nil {
			t.Fatalf("nil on %s for colon-based storage path", name)
		}

		// Ensure that cert serials are converted/updated after fetch
		expectedKey := tc.Prefix + normalizeSerial(tc.Serial)
		se, err := storage.Get(context.Background(), expectedKey)
		if err != nil {
			t.Fatalf("error on %s for colon-based storage path:%s", name, err)
		}
		if strings.Compare(expectedKey, se.Key) != 0 {
			t.Fatalf("expected: %s, got: %s", expectedKey, certEntry.Key)
		}
	}

	// Reset storage
	storage = &logical.InmemStorage{}

	// Test for hyphen-base paths in storage
	for name, tc := range cases {
		storageKey := tc.Prefix + normalizeSerial(tc.Serial)
		err := storage.Put(context.Background(), &logical.StorageEntry{
			Key:   storageKey,
			Value: []byte("some data"),
		})
		if err != nil {
			t.Fatalf("error writing to storage on %s hyphen-based storage path: %s", name, err)
		}

		certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)
		if err != nil || certEntry == nil {
			t.Fatalf("error on %s for hyphen-based storage path: err: %v, entry: %v", name, err, certEntry)
		}
	}

	noConvCases := map[string]struct {
		Req    *logical.Request
		Prefix string
		Serial string
	}{
		"ca": {
			&logical.Request{
				Storage: storage,
			},
			"",
			"ca",
		},
		"crl": {
			&logical.Request{
				Storage: storage,
			},
			"",
			"crl",
		},
	}

	// Test for ca and crl case
	for name, tc := range noConvCases {
		err := storage.Put(context.Background(), &logical.StorageEntry{
			Key:   tc.Serial,
			Value: []byte("some data"),
		})
		if err != nil {
			t.Fatalf("error writing to storage on %s: %s", name, err)
		}

		certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)
		if err != nil || certEntry == nil {
			t.Fatalf("error on %s: err: %v, entry: %v", name, err, certEntry)
		}
	}
}
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`package pki`

			`import (`
Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`"context"`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"fmt"`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`"testing"`

Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"strings"`

Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`"github.com/hashicorp/vault/logical"`
			`)`

Rename tests, use HandleRequest() for existing paths 2017-04-27 13:47:56 +00:00			`func TestPki_FetchCertBySerial(t *testing.T) {`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`storage := &logical.InmemStorage{}`

			`cases := map[string]struct {`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`Req *logical.Request`
			`Prefix string`
			`Serial string`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`}{`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"valid cert": {`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`&logical.Request{`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`Storage: storage,`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`},`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"certs/",`
			`"00:00:00:00:00:00:00:00",`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`},`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"revoked cert": {`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`&logical.Request{`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`Storage: storage,`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`},`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`"revoked/",`
			`"11:11:11:11:11:11:11:11",`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`},`
			`}`

Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`// Test for colon-based paths in storage`
			`for name, tc := range cases {`
			`storageKey := fmt.Sprintf("%s%s", tc.Prefix, tc.Serial)`
Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`err := storage.Put(context.Background(), &logical.StorageEntry{`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`Key: storageKey,`
			`Value: []byte("some data"),`
			`})`
			`if err != nil {`
			`t.Fatalf("error writing to storage on %s colon-based storage path: %s", name, err)`
			`}`

Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`if err != nil {`
			`t.Fatalf("error on %s for colon-based storage path: %s", name, err)`
			`}`

			`// Check for non-nil on valid/revoked certs`
			`if certEntry == nil {`
			`t.Fatalf("nil on %s for colon-based storage path", name)`
			`}`

			`// Ensure that cert serials are converted/updated after fetch`
Include and use normalizeSerial func 2017-05-03 14:12:58 +00:00			`expectedKey := tc.Prefix + normalizeSerial(tc.Serial)`
Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`se, err := storage.Get(context.Background(), expectedKey)`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`if err != nil {`
			`t.Fatalf("error on %s for colon-based storage path:%s", name, err)`
			`}`
			`if strings.Compare(expectedKey, se.Key) != 0 {`
			`t.Fatalf("expected: %s, got: %s", expectedKey, certEntry.Key)`
			`}`
			`}`

			`// Reset storage`
			`storage = &logical.InmemStorage{}`

			`// Test for hyphen-base paths in storage`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`for name, tc := range cases {`
Include and use normalizeSerial func 2017-05-03 14:12:58 +00:00			`storageKey := tc.Prefix + normalizeSerial(tc.Serial)`
Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`err := storage.Put(context.Background(), &logical.StorageEntry{`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`Key: storageKey,`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`Value: []byte("some data"),`
			`})`
			`if err != nil {`
Refactor cert_util_test 2017-04-27 21:09:59 +00:00			`t.Fatalf("error writing to storage on %s hyphen-based storage path: %s", name, err)`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`}`

Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`if err != nil \|\| certEntry == nil {`
			`t.Fatalf("error on %s for hyphen-based storage path: err: %v, entry: %v", name, err, certEntry)`
			`}`
			`}`

			`noConvCases := map[string]struct {`
			`Req *logical.Request`
			`Prefix string`
			`Serial string`
			`}{`
			`"ca": {`
			`&logical.Request{`
			`Storage: storage,`
			`},`
			`"",`
			`"ca",`
			`},`
			`"crl": {`
			`&logical.Request{`
			`Storage: storage,`
			`},`
			`"",`
			`"crl",`
			`},`
			`}`

			`// Test for ca and crl case`
			`for name, tc := range noConvCases {`
Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`err := storage.Put(context.Background(), &logical.StorageEntry{`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`Key: tc.Serial,`
			`Value: []byte("some data"),`
			`})`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`if err != nil {`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`t.Fatalf("error writing to storage on %s: %s", name, err)`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`}`

Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 06:44:44 +00:00			`certEntry, err := fetchCertBySerial(context.Background(), tc.Req, tc.Prefix, tc.Serial)`
Add test for ca and crl case 2017-04-28 12:55:28 +00:00			`if err != nil \|\| certEntry == nil {`
			`t.Fatalf("error on %s: err: %v, entry: %v", name, err, certEntry)`
Tests for cert and crl util 2017-04-26 06:46:01 +00:00			`}`
			`}`
			`}`