first fully working version of leap_ca

author: elijah <elijah@riseup.net> 2012-11-12 23:53:51 -0800
committer: elijah <elijah@riseup.net> 2012-11-12 23:53:51 -0800
commit: c37a35df81b2d6becc09f1820240db24c3ec632c (patch)
tree: 50187e4ab1face237760614ecf844b42efdd51e1 /test
parent: c90d30621e042cc3e52ffc87e3491ab110a57e9e (diff)
7 files changed, 82 insertions, 44 deletions
diff --git a/test/config/config.yaml b/test/config/config.yaml
new file mode 100644
index 0000000..707385c
--- /dev/null
+++ b/test/config/config.yaml
@@ -0,0 +1,20 @@
+#
+# testing configuration options
+#
+
+#
+# Certificate Authority
+#
+ca_key_path: "./test/files/ca.key"
+ca_key_password: ~
+ca_cert_path: "./test/files/ca.crt"
+
+#
+# Certificate pool
+#
+max_pool_size: 4
+client_cert_lifespan: 1
+client_cert_bit_size: 1024
+client_cert_hash: "SHA1"
+
+db_name: "client_certificates_test"
diff --git a/test/files/ca.crt b/test/files/ca.crt
new file mode 100644
index 0000000..cade598
--- /dev/null
+++ b/test/files/ca.crt
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICPDCCAYmgAwIBAgIEUKCI4DANBgkqhkiG9w0BAQsFADAkMSIwIAYDVQQDExlS
+b290IENBIGZvciBydW5uaW5nIHRlc3RzMB4XDTEyMTExMjA1MjgwMFoXDTEzMTEx
+MjA1MjgwMFowJDEiMCAGA1UEAxMZUm9vdCBDQSBmb3IgcnVubmluZyB0ZXN0czCB
+uzANBgkqhkiG9w0BAQEFAAOBqQAwgaUCgZ0ApeqCGQOmiHxCFxsfUKmBV6ruOYar
+EsepFAycTmmakXBjNj4B9Pd3gE3Cc56rvkq0uxluRvqspzpEOQpCg8M5fkft/fxS
+acw+ackj3ys7r0MrXgL66QeLnNGe8+RjBO8UHb3OPx547hqUHVg+3HqSCdn9cGQX
+9//EJrnSJsLuZw9ktkN4Ytyd1deZo6AkiIeCyz0HxKQBIhdJAPRlAgMBAAGjQzBB
+MA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUBe1l
+BbuGErEkHLffGvkY5dDOH1YwDQYJKoZIhvcNAQELBQADgZ0ADpudncToYPS183w8
+c68dObCCvNfv/FTBg4ihCLW6PapADYuvXmCvXgHflylET+rFdcrnUfl+XjNT5IjF
+ImUyyOnCiy7scRgY+9qrEb7neH4CopGZKkWBTadZLu0QZqMcsWyAZBzaI8tBwL+G
++ylSgw3xTSf/HFjmTJAlDzUieV4DufrPqz7Yx0GrTswdJOcccc/PWUvQIU1GXvto
+-----END CERTIFICATE-----
diff --git a/test/files/ca.key b/test/files/ca.key
new file mode 100644
index 0000000..d266ef7
--- /dev/null
+++ b/test/files/ca.key
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIC2gIBAAKBnQCl6oIZA6aIfEIXGx9QqYFXqu45hqsSx6kUDJxOaZqRcGM2PgH0
+93eATcJznqu+SrS7GW5G+qynOkQ5CkKDwzl+R+39/FJpzD5pySPfKzuvQyteAvrp
+B4uc0Z7z5GME7xQdvc4/HnjuGpQdWD7cepIJ2f1wZBf3/8QmudImwu5nD2S2Q3hi
+3J3V15mjoCSIh4LLPQfEpAEiF0kA9GUCAwEAAQKBnAKz9FSgqO42Sq6tBBtAolkh
+nBSXK2L4mmTiOQr/UMOnzLtN0qMBWRK1Bu2dRcz+0zztEs0t45wsfdS0DxYDGy+s
+elBrSOhs/w34IeZ5LM6xY0u4HZDmhn0pQNo6QZcFICr0GkkYdmWDlkLvIeJ/u6+q
+nmyqAQXvj3R4nA7hrKUXzJjfvN3RYrhLN+/T41zLybeJ5vLZQK3jJSiIjQJPAMhS
+HTIbYTUi2pxYVSwJDY4S2klTdroNGvTCkqcTRcB4Ms70FGLPZ6+ZumrkbSohHUsj
+gDRRy3e4fjA9qMSQynVr2gkUobsR0tAdQGVOKwJPANQIUPaTc2ouNYNLAiHoAXoL
+qAcF5g7/vtlMOwr+16EYoG7bLbiEie7nBfg9zz/VUnvOEy6pZ89YvsZOMlGicsRs
++tfUM1g/u0ZFEoQPrwJOC6bbE+ML0G9qj9WDfsA4DZ+DGujD6yZ//uSiax1v3TYg
+nnEMDoNJ4KjscvM+dkjez1QNTP3E+/27OUsc2fIiFJplYEnW7m6m+Hv7FulpAk8A
+tiASk0oiV/ErLARw53jmU9PRV378lqOcZgAxswclZo3FuJLxmc3WwOuV2B4Xd+gf
+epKPLYR708GR1Lp0RGS6GfjWGi9+ju3nSbuo5OCnAk5yun/UvDdtnZ6fXo9aF22/
+yoiztru7yhJdVrMx3PbbndfN2y9ctqcd6CD5fIQdyZ4K8eTr686RjH8C0XP095Ib
+an3AO/TQG1c4yE2hSvQ=
+-----END RSA PRIVATE KEY-----
diff --git a/test/test_helper.rb b/test/test_helper.rb
index d78cc96..7e90cfa 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -1,6 +1,10 @@
 require 'rubygems'
 require 'minitest/autorun'
-LEAP_CA_ROOT = File.expand_path('../..', __FILE__)
-$:.unshift File.expand_path('lib', LEAP_CA_ROOT)
 
-require 'mocha'
+BASE_DIR = File.expand_path('../..', __FILE__)
+$:.unshift File.expand_path('lib', BASE_DIR)
+
+require 'mocha/setup'
+
+LEAP_CA_CONFIG = "test/config/config.yaml"
+require 'leap_ca'
diff --git a/test/unit/cert_test.rb b/test/unit/cert_test.rb
index 761e5a9..21e4d96 100644
--- a/test/unit/cert_test.rb
+++ b/test/unit/cert_test.rb
@@ -1,50 +1,32 @@
-require 'test_helper'
-require 'leap_ca/cert'
+require File.expand_path('../../test_helper.rb', __FILE__)
 
 class CertTest < MiniTest::Unit::TestCase
 
   def setup
-    @sample = Cert.new
-    @sample.set_random
-    @sample.attach_zip
+    @cert = LeapCA::Cert.new
   end
 
-  def test_certs_come_with_attachments
-    assert @sample.has_attachment? "cert.txt"
-  end
+  def test_generate
+    @cert.generate
 
-  def test_zipper_returns_zip_attachement
-    assert_equal "text/plain", @sample.zip_attachment["content_type"]
-  end
+    assert @cert.cert, 'certificate should exist'
+    assert @cert.key, 'key should exist'
 
-  def test_zipname_returns_name_of_zip_file
-    assert_equal "cert.txt", @sample.zipname
-  end
+    ca   = OpenSSL::X509::Certificate.new(File.read(LeapCA::Config.ca_cert_path))
+    cert = OpenSSL::X509::Certificate.new(@cert.cert)
+    key  = OpenSSL::PKey::RSA.new(@cert.key)
 
-  def test_test_data
-    assert @sample.valid?
-  end
-
-  def test_zipped_returns_actual_data
-    @sample.save # This is required!
-    lines = @sample.zipped.split("\n")
-    assert_equal 56, lines.count
-    assert_equal "-----BEGIN RSA PRIVATE KEY-----", lines.first.chomp
-    assert_equal "-----END CERTIFICATE-----", lines.last.chomp
+    assert cert.verify(ca.public_key), "cert was not signed by CA"
+    assert_equal ca.subject.to_s, cert.issuer.to_s, 'issuer should match'
+    assert_equal "test", cert.public_key.public_decrypt(key.private_encrypt("test")), 'keypair should be able to encrypt/decrypt'
   end
 
   def test_validation_of_random
-    @sample.stubs(:set_random)
-    [0, 1, nil, "asdf"].each do |invalid|
-      @sample.random = invalid
-      assert !@sample.valid?, "#{invalid} should not be a valid value for random"
+    @cert.stubs(:set_random)
+    [1, nil, "asdf"].each do |invalid|
+      @cert.random = invalid
+      assert !@cert.valid?, "#{invalid} should not be a valid value for random"
     end
   end
 
-  def test_validation_of_attachement
-    @sample.stubs(:attach_zip)
-    @sample.delete_attachment(@sample.zipname)
-    assert !@sample.valid?, "Cert should require zipped attachment"
-  end
-
-end
+end
+\ No newline at end of file
diff --git a/test/unit/couch_changes_test.rb b/test/unit/couch_changes_test.rb
index 2ef5de3..9c99d30 100644
--- a/test/unit/couch_changes_test.rb
+++ b/test/unit/couch_changes_test.rb
@@ -1,5 +1,5 @@
-require 'test_helper'
-require 'lib/couch_changes'
+require File.expand_path('../../test_helper.rb', __FILE__)
+require 'leap_ca/couch_changes'
 
 class CouchChangesTest < MiniTest::Unit::TestCase
 
@@ -7,7 +7,7 @@ class CouchChangesTest < MiniTest::Unit::TestCase
 
   def setup
     @stream = mock()
-    @changes = CouchChanges.new(@stream)
+    @changes = LeapCA::CouchChanges.new(@stream)
   end
 
   def test_last_seq
diff --git a/test/unit/couch_stream_test.rb b/test/unit/couch_stream_test.rb
index af5a34e..7f86351 100644
--- a/test/unit/couch_stream_test.rb
+++ b/test/unit/couch_stream_test.rb
@@ -1,5 +1,5 @@
-require 'test_helper'
-require 'lib/couch_stream'
+require File.expand_path('../../test_helper.rb', __FILE__)
+require 'leap_ca/couch_stream'
 
 # we'll mock this
 module Yajl
@@ -11,7 +11,7 @@ class CouchStreamTest < MiniTest::Unit::TestCase
 
   def setup
     @root = "http://server/database"
-    @stream = CouchStream.new(@root)
+    @stream = LeapCA::CouchStream.new(@root)
     @url = @root + "/_changes?a=b&c=d"
     @path = "_changes"
     @options = {:a => :b, :c => :d}
author	elijah <elijah@riseup.net>	2012-11-12 23:53:51 -0800
committer	elijah <elijah@riseup.net>	2012-11-12 23:53:51 -0800
commit	c37a35df81b2d6becc09f1820240db24c3ec632c (patch)
tree	50187e4ab1face237760614ecf844b42efdd51e1 /test
parent	c90d30621e042cc3e52ffc87e3491ab110a57e9e (diff)