2 * ============LICENSE_START=======================================================
3 * oom-certservice-k8s-external-provider
4 * ================================================================================
5 * Copyright (C) 2020 Nokia. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
28 "github.com/stretchr/testify/assert"
30 "onap.org/oom-certservice/k8s-external-provider/src/cmpv2provisioner/csr/testdata"
33 func Test_FilterFieldsFromCSR_shouldFilterUnsupportedFields(t *testing.T) {
34 filteredCsrBytes, _ := FilterFieldsFromCSR(testdata.CsrBytesWithNotSupportedFields, testdata.PrivateKeyBytes)
36 assertNotFilteredFieldsNotChanged(t, testdata.CsrBytesWithNotSupportedFields, filteredCsrBytes)
37 assertFilteredFieldsEmpty(t, filteredCsrBytes)
40 func Test_FilterFieldsFromCSR_shouldNotChangeCsrWithoutNotSupportedFields(t *testing.T) {
41 filteredCsrBytes, _ := FilterFieldsFromCSR(testdata.CsrBytesWithoutNotSupportedFields, testdata.PrivateKeyBytes)
43 assertNotFilteredFieldsNotChanged(t, testdata.CsrBytesWithoutNotSupportedFields, filteredCsrBytes)
44 assertFilteredFieldsEmpty(t, filteredCsrBytes)
47 func Test_FilterFieldsFromCSR_shouldErrorWhenCsrPemCannotBeDecoded(t *testing.T) {
48 _, err := FilterFieldsFromCSR([]byte(""), testdata.PrivateKeyBytes)
53 func Test_FilterFieldsFromCSR_shouldErrorWhenCsrCannotBeParsed(t *testing.T) {
54 //Private Key used as CSR
55 _, err := FilterFieldsFromCSR(testdata.PrivateKeyBytes, testdata.PrivateKeyBytes)
60 func Test_FilterFieldsFromCSR_shouldErrorWhenPkPemCannotBeDecoded(t *testing.T) {
61 _, err := FilterFieldsFromCSR(testdata.CsrBytesWithNotSupportedFields, []byte(""))
66 func Test_FilterFieldsFromCSR_shouldErrorWhenPkCannotBeParsed(t *testing.T) {
67 //CSR used as Private Key
68 _, err := FilterFieldsFromCSR(testdata.CsrBytesWithNotSupportedFields, testdata.CsrBytesWithNotSupportedFields)
73 func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, filteredCsrBytes []byte) {
74 originalCsr := parseCsrBytes(originalCsrBytes)
75 filteredCsr := parseCsrBytes(filteredCsrBytes)
77 assert.Equal(t, originalCsr.DNSNames, filteredCsr.DNSNames)
78 assert.Equal(t, originalCsr.URIs, filteredCsr.URIs)
79 assert.Equal(t, originalCsr.EmailAddresses, filteredCsr.EmailAddresses)
80 assert.Equal(t, originalCsr.IPAddresses, filteredCsr.IPAddresses)
81 assert.Equal(t, originalCsr.PublicKey, filteredCsr.PublicKey)
82 assert.Equal(t, originalCsr.PublicKeyAlgorithm, filteredCsr.PublicKeyAlgorithm)
83 assert.Equal(t, originalCsr.SignatureAlgorithm, filteredCsr.SignatureAlgorithm)
84 assert.Equal(t, originalCsr.Subject.CommonName, filteredCsr.Subject.CommonName)
85 assert.Equal(t, originalCsr.Subject.Country, filteredCsr.Subject.Country)
86 assert.Equal(t, originalCsr.Subject.Locality, filteredCsr.Subject.Locality)
87 assert.Equal(t, originalCsr.Subject.Organization, filteredCsr.Subject.Organization)
88 assert.Equal(t, originalCsr.Subject.OrganizationalUnit, filteredCsr.Subject.OrganizationalUnit)
89 assert.Equal(t, originalCsr.Subject.Province, filteredCsr.Subject.Province)
92 func assertFilteredFieldsEmpty(t *testing.T, csrBytes []byte) {
93 csr := parseCsrBytes(csrBytes)
94 assert.Nil(t, csr.Subject.PostalCode)
95 assert.Equal(t, "", csr.Subject.SerialNumber)
96 assert.Nil(t, csr.Subject.StreetAddress)
99 func parseCsrBytes(csrBytes []byte) *x509.CertificateRequest {
100 decodedCsr, _ := pem.Decode(csrBytes)
101 csr, _ := x509.ParseCertificateRequest(decodedCsr.Bytes)