chore: add tests for the import and certificate commands

Issue: #84
pimg · Oct 17, 2024 · 659fbf3 · 659fbf3
1 parent adb31d8
commit 659fbf3
Show file tree

Hide file tree

Showing 7 changed files with 213 additions and 8 deletions.
diff --git a/internal/ports/models/commands/certificate_test.go b/internal/ports/models/commands/certificate_test.go
@@ -0,0 +1,50 @@
+package commands
+
+import (
+ "math/big"
+ "os"
+ "path/filepath"
+ "testing"
+
+ "github.com/pimg/certguard/internal/ports/models/messages"
+ "github.com/pimg/certguard/pkg/domain/crl"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestParseCertificate(t *testing.T) {
+ certRaw, err := os.ReadFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "org-on-crl.pem"))
+ assert.NoError(t, err)
+
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ cmd := cmds.ParsePemCertficate(string(certRaw))
+ assert.NotNil(t, cmd)
+
+ certMsg := cmd()
+ assert.NotNil(t, certMsg)
+
+ msg := certMsg.(messages.PemCertificateMsg)
+
+ serialNum, success := new(big.Int).SetString("277698924469047062536476011533217874011933401810", 0)
+ assert.True(t, success)
+ assert.Equal(t, serialNum, msg.Certificate.SerialNumber)
+}
+
+func TestParseCertificateInvalid(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ cmd := cmds.ParsePemCertficate("this is not a valid certificate")
+ assert.NotNil(t, cmd)
+
+ msg := cmd()
+
+ errMsg := msg.(messages.ErrorMsg)
+
+ assert.Equal(t, "failed to parse certificate", errMsg.Err.Error())
+}
diff --git a/internal/ports/models/commands/import_test.go b/internal/ports/models/commands/import_test.go
@@ -0,0 +1,92 @@
+package commands
+
+import (
+ "path/filepath"
+ "testing"
+ "time"
+
+ "github.com/pimg/certguard/internal/ports/models/messages"
+ "github.com/pimg/certguard/pkg/domain/crl"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestImportCRL(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.ImportFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "ca.crl"))()
+
+ crlMsg := msg.(messages.CRLResponseMsg)
+
+ assert.Len(t, crlMsg.RevocationList.RevokedCertificateEntries, 1)
+}
+
+func TestImportPEM(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.ImportFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "org-on-crl.pem"))()
+
+ pemMsg := msg.(messages.PemCertificateMsg)
+
+ assert.NotEmpty(t, pemMsg)
+ assert.Equal(t, "277698924469047062536476011533217874011933401810", pemMsg.Certificate.SerialNumber.String())
+}
+
+func TestImportCRLInvalidPath(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.ImportFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "idonotexist.crl"))()
+
+ errMsg := msg.(messages.ErrorMsg)
+
+ assert.ErrorContains(t, errMsg.Err, "could not load CRL from import location")
+}
+
+func TestImportMalformedCertificate(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.ImportFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "malformed-certificate.pem"))()
+
+ errMsg := msg.(messages.ErrorMsg)
+ assert.ErrorContains(t, errMsg.Err, "failed to parse certificate")
+}
+
+func TestImportMalformedCRL(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.ImportFile(filepath.Join("..", "..", "..", "..", "testing", "pki", "malformed.crl"))()
+
+ errMsg := msg.(messages.ErrorMsg)
+ assert.ErrorContains(t, errMsg.Err, "could not parse CRL\nx509: malformed crl\ncannot parse CRL from")
+}
+
+func TestGetRevokedCertificatesNoRevokedCertificatesFound(t *testing.T) {
+ storage, err := crl.NewMockStorage()
+ assert.NoError(t, err)
+
+ cmds := NewCommands(storage)
+
+ msg := cmds.GetRevokedCertificates(&GetRevokedCertificatesArgs{
+ ID: "1",
+ CN: "testCN",
+ ThisUpdate: time.Now().Format(time.DateOnly),
+ NextUpdate: time.Now().Format(time.DateOnly),
+ URL: "http://example.com",
+ })()
+
+ assert.NotNil(t, msg)
+}
diff --git a/pkg/domain/crl/storage_mock.go b/pkg/domain/crl/storage_mock.go
@@ -6,7 +6,10 @@ import (
 )
 
 // TODO create better mock repository that can be used for testing
-type MockRepository struct{}
+type MockRepository struct {
+ CRLs map[int64]*CertificateRevocationList
+ RevokedCertificateEntries map[int64][]x509.RevocationListEntry
+}
 
 func (r *MockRepository) FindRevokedCertificate(_ context.Context, _ string) (*RevokedCertificate, error) {
  return nil, nil
@@ -16,26 +19,50 @@ func (r *MockRepository) List(_ context.Context) ([]*CertificateRevocationList,
  return []*CertificateRevocationList{}, nil
 }
 
-func (r *MockRepository) Save(_ context.Context, _ *CertificateRevocationList) (int64, error) {
- return 0, nil
+func (r *MockRepository) Save(_ context.Context, crl *CertificateRevocationList) (int64, error) {
+ r.CRLs[crl.ID] = crl
+ return crl.ID, nil
 }
 
 func (r *MockRepository) Find(_ context.Context, _ string) (*CertificateRevocationList, error) {
  return &CertificateRevocationList{}, nil
 }
 
-func (r *MockRepository) SaveRevokedCertificates(_ context.Context, _ int64, _ []x509.RevocationListEntry) (int, error) {
- return 0, nil
+func (r *MockRepository) SaveRevokedCertificates(_ context.Context, crlID int64, entries []x509.RevocationListEntry) (int, error) {
+ CRLentries, ok := r.RevokedCertificateEntries[crlID]
+ if !ok {
+ CRLentries = entries
+ } else {
+ CRLentries = append(CRLentries, entries...)
+ }
+ return len(CRLentries), nil
 }
 
-func (r *MockRepository) FindRevokedCertificates(_ context.Context, _ int64) ([]*RevokedCertificate, error) {
- return []*RevokedCertificate{}, nil
+func (r *MockRepository) FindRevokedCertificates(_ context.Context, CRLID int64) ([]*RevokedCertificate, error) {
+ CRL, ok := r.RevokedCertificateEntries[CRLID]
+ revokedCertifcates := make([]*RevokedCertificate, 0)
+ if !ok {
+ return revokedCertifcates, nil
+ }
+
+ for _, entry := range CRL {
+ revokedCertifcates = append(revokedCertifcates, &RevokedCertificate{
+ SerialNumber: entry.SerialNumber.String(),
+ RevocationDate: entry.RevocationTime,
+ })
+ }
+ return revokedCertifcates, nil
 }
 
 func (r *MockRepository) Delete(_ context.Context, _ int64) error {
  return nil
 }
 
 func NewMockStorage() (*Storage, error) {
- return NewStorage(&MockRepository{}, "test")
+ CRLs := make(map[int64]*CertificateRevocationList)
+ RevokedCertificateEntries := make(map[int64][]x509.RevocationListEntry)
+ return NewStorage(&MockRepository{
+ CRLs: CRLs,
+ RevokedCertificateEntries: RevokedCertificateEntries,
+ }, "test")
 }
diff --git a/testing/pki/ca.crl b/testing/pki/ca.crl
diff --git a/testing/pki/malformed-certificate.pem b/testing/pki/malformed-certificate.pem
@@ -0,0 +1,3 @@
+-----BEGIN CERTIFICATE-----
+THIS IS A MALFORMED CERTIFICATE
+-----END CERTIFICATE-----
diff --git a/testing/pki/malformed.crl b/testing/pki/malformed.crl
diff --git a/testing/pki/org-on-crl.pem b/testing/pki/org-on-crl.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFyDCCA7CgAwIBAgIUMKRzUFtis65d3InAnE0sDR8oYtIwDQYJKoZIhvcNAQEN
+BQAwPDEcMBoGA1UEChMTTkxYIEludGVybWVkaWF0ZSBDQTEcMBoGA1UEAxMTTkxY
+IEludGVybWVkaWF0ZSBDQTAgFw0yNDAxMDMxNDE3MDBaGA8yMjI0MDEwNDAxMTcw
+MFowTzEVMBMGA1UEChMMbmx4LXRlc3QtY3JsMRcwFQYDVQQDEw5pbndheS50ZXN0
+LWNybDEdMBsGA1UEBRMUMDAwMDAwMDAwMDAwMDAwMDAwMDQwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQC5Wex6QHAA6oP0TYAjSkhoeeLcOSvhD2D56zdf
+PhjFjn2SbX5cEQ+wdxAP2532MSllatE4++bDhWsSKYn9cjuWyuh8grG5BkGChg1j
+A5Or2H1SbXvWlU7rS/g17E33RYN69VsZrNfVmVSqhKhH1l+a6cgjv8shD1N/S9Lb
+mPU46sDBsDajOl3ptQEtf33wgmAHwmKypyCeOdDaao8udXjnBkZwEy0/fs9b4HVJ
+oexe20ceZpm3jBikhat9gZnyarNKD2nsJvO6eIZIabpgHWdaQlUa0j3+JODzgxvW
+pQoNE4D2cbwMxrmtOOqn6AJl0kxw5b+dqWil72otFHYnczn4Mf+KHbIt3lyHaSdx
+McjkPKo3/78MAMaqoGFomnv06yI8QsDTA1pkyg/m6XoQjElYjyBIt5a4aEJ4O74y
+M6/HCT+MeiF11kjYUVkP4PMIfGA5qcy0krM0P/7Q4Wx9FoLGAiQ/XOpaWgVd6P9r
+lxnZgfor8LKpmi7k6dVoo42NLaJQEwTqx+VWmXUMtS+UCZPe69yEIu4ICov4aHfT
+OHwi7fAX46HgY6twgC9VU2YV2rxz/eSyLohtlTpeF1QcNvL+7NO+98mBlEwOJJlP
+Fb4XxuU93vsO8S1tgFKjZa5Y3iOqcCKfMTebEqJnrUKS1PoC+91Z+XSzr/LpBdYt
+QO1/AwIDAQABo4GsMIGpMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUa8cbBuOEVs+R
+3YdLimBcZo0UbcQwHwYDVR0jBBgwFoAU6a4PeewVQ7FWUf5w5mL7bdhNUbswKgYD
+VR0RBCMwIYIJbG9jYWxob3N0gg5pbndheS50ZXN0LWNybIcEfwAAATANBgkqhkiG
+9w0BAQ0FAAOCAgEAfiqZadEeNJzznnug2TzNfAZpC9lpWXXuXpNsUUYrYpoWfUtE
+RPvHvNf2xfxof68COJG9U2FLO1VY6LpcsHPcpyfB4hbW4mlB3iyG62V+Rt8lE/MN
+tnWZ+xK0yr/STUss6zCw14IlhFdKKVP6zK1NvwdrcBcvDmZ2lIxaRyqhUXhIjSQV
+BD2cwbDb2cn9Pu8ThZDa2FzVZTThvO28EPW48k4L/TLhKXNdhODrME4pd5IBnbtp
+54hwmXOYLUIobGhSgRiWjP6FJbawWfvIqAFxDM/CdRWCHx47oaZXZ2012iU9w2k3
+boNX/UhO9GepQK5i8h7Z16h4SFuT3KMX+NykT1qYqpadTjZ9SvuVNCvATfFcmyaT
+4ZqCQJ2ZCvat0tIaTTU+okTfy9Gwf//kQgN0q7bdXnilUQorJZA2gmbwrBdD9GvV
+hLN+yZpVye09WgGucVtZp9GLkvZFgZuatyPKSNb4AgLkYJnk0f2SZJQ7Q1xDI1ec
+4rY9rHWjx7fU+OaggZ4zanwdrDAzFe3D4ckzzHauLBi6pvZusDRsjNGbf3E0VMMk
+I7HYt62b50wG0a831siy/nJZy+OBi7d6pdIYte5ZoLCM8PDJ1kORlUniCqR1NLmy
+o5YWbi9EIexzsjqchUaf6bvvy8X1vwPmZgKAgBV+SBBNlGDu/R2nZzm2adk=
+-----END CERTIFICATE-----