-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtlsya_test.go
88 lines (73 loc) · 2.03 KB
/
tlsya_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package tlsya
import (
"crypto/x509"
"encoding/pem"
"io/ioutil"
"os"
"path/filepath"
"testing"
"time"
)
func TestGenerateTLS(t *testing.T) {
// Create a temporary directory for test files
tempDir, err := ioutil.TempDir("", "tlsya_test")
if err != nil {
t.Fatalf("Failed to create temp dir: %v", err)
}
defer os.RemoveAll(tempDir)
keyPath := filepath.Join(tempDir, "test.key")
certPath := filepath.Join(tempDir, "test.crt")
config := TLSConfig{
IPAddresses: []string{"127.0.0.1", "192.168.1.1"},
KeyPath: keyPath,
CertPath: certPath,
}
// Test GenerateTLS function
err = GenerateTLS(config)
if err != nil {
t.Fatalf("GenerateTLS failed: %v", err)
}
// Check if files were created
if _, err := os.Stat(keyPath); os.IsNotExist(err) {
t.Errorf("Key file was not created at %s", keyPath)
}
if _, err := os.Stat(certPath); os.IsNotExist(err) {
t.Errorf("Certificate file was not created at %s", certPath)
}
// Read and parse the certificate
certPEM, err := ioutil.ReadFile(certPath)
if err != nil {
t.Fatalf("Failed to read certificate file: %v", err)
}
block, _ := pem.Decode(certPEM)
if block == nil {
t.Fatalf("Failed to parse certificate PEM")
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
t.Fatalf("Failed to parse certificate: %v", err)
}
// Check IP addresses
if len(cert.IPAddresses) != 2 {
t.Errorf("Expected 2 IP addresses, got %d", len(cert.IPAddresses))
}
expectedIPs := map[string]bool{
"127.0.0.1": true,
"192.168.1.1": true,
}
for _, ip := range cert.IPAddresses {
if !expectedIPs[ip.String()] {
t.Errorf("Unexpected IP address in certificate: %s", ip.String())
}
delete(expectedIPs, ip.String())
}
if len(expectedIPs) > 0 {
t.Errorf("Not all expected IP addresses were in the certificate")
}
// Check validity period
expectedValidity := 365 * 24 * time.Hour
actualValidity := cert.NotAfter.Sub(cert.NotBefore)
if actualValidity != expectedValidity {
t.Errorf("Expected validity period of %v, got %v", expectedValidity, actualValidity)
}
}