Browse Source

Refactor unit tests chain load

aeris 2 years ago
parent
commit
0a980f17ec
3 changed files with 12 additions and 15 deletions
  1. 7
    13
      spec/cryptcheck/tls/cert_spec.rb
  2. 0
    2
      spec/cryptcheck/tls/server_spec.rb
  3. 5
    0
      spec/helpers.rb

+ 7
- 13
spec/cryptcheck/tls/cert_spec.rb View File

@@ -1,38 +1,32 @@
1
-require 'faketime'
2
-
3 1
 describe CryptCheck::Tls::Cert do
4
-	def load_chain(chain)
5
-		chain.collect { |f| ::OpenSSL::X509::Certificate.new File.read "spec/resources/#{f}.crt" }
6
-	end
7
-
8 2
 	describe '::trusted?' do
9 3
 		it 'must accept valid certificate' do
10 4
 			FakeTime.freeze Time.utc(2000, 1, 1) do
11
-				cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca)
5
+				cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca))
12 6
 				trust            = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca
13 7
 				expect(trust).to eq :trusted
14 8
 			end
15 9
 		end
16 10
 
17 11
 		it 'must reject self signed certificate' do
18
-			cert, ca = load_chain %w(self-signed ca)
12
+			cert, ca = chain(%w(self-signed ca))
19 13
 			trust    = ::CryptCheck::Tls::Cert.trusted? cert, [], roots: ca
20 14
 			expect(trust).to eq 'self signed certificate'
21 15
 
22 16
 			# Case for SSLv2
23
-			cert, ca = load_chain %w(self-signed ca)
17
+			cert, ca = chain(%w(self-signed ca))
24 18
 			trust    = ::CryptCheck::Tls::Cert.trusted? cert, nil, roots: ca
25 19
 			expect(trust).to eq 'self signed certificate'
26 20
 		end
27 21
 
28 22
 		it 'must reject unknown CA' do
29
-			cert, *chain = load_chain %w(ecdsa-prime256v1 intermediate ca)
23
+			cert, *chain = chain(%w(ecdsa-prime256v1 intermediate ca))
30 24
 			trust        = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: []
31 25
 			expect(trust).to eq 'unable to get issuer certificate'
32 26
 		end
33 27
 
34 28
 		it 'must reject missing intermediate chain' do
35
-			cert, ca = load_chain %w(ecdsa-prime256v1 ca)
29
+			cert, ca = chain(%w(ecdsa-prime256v1 ca))
36 30
 			chain    = []
37 31
 			trust    = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca
38 32
 			expect(trust).to eq 'unable to get local issuer certificate'
@@ -40,7 +34,7 @@ describe CryptCheck::Tls::Cert do
40 34
 
41 35
 		it 'must reject expired certificate' do
42 36
 			FakeTime.freeze Time.utc(2002, 1, 1) do
43
-				cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca)
37
+				cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca))
44 38
 				trust            = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca
45 39
 				expect(trust).to eq 'certificate has expired'
46 40
 			end
@@ -48,7 +42,7 @@ describe CryptCheck::Tls::Cert do
48 42
 
49 43
 		it 'must reject not yet valid certificate' do
50 44
 			FakeTime.freeze Time.utc(1999, 1, 1) do
51
-				cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca)
45
+				cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca))
52 46
 				trust            = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca
53 47
 				expect(trust).to eq 'certificate is not yet valid'
54 48
 			end

+ 0
- 2
spec/cryptcheck/tls/server_spec.rb View File

@@ -1,5 +1,3 @@
1
-require 'faketime'
2
-
3 1
 describe CryptCheck::Tls::Server do
4 2
 	before :all do
5 3
 		FakeTime.freeze Time.utc(2000, 1, 1)

+ 5
- 0
spec/helpers.rb View File

@@ -3,6 +3,7 @@ require 'rubygems'
3 3
 require 'bundler/setup'
4 4
 Bundler.require :default, :development
5 5
 require 'cryptcheck'
6
+require 'faketime'
6 7
 Dir['./spec/**/support/**/*.rb'].sort.each { |f| require f }
7 8
 
8 9
 require 'simplecov'
@@ -40,6 +41,10 @@ module Helpers
40 41
 		OpenSSL::X509::Certificate.new File.read "spec/resources/#{name}.crt"
41 42
 	end
42 43
 
44
+	def chain(chain)
45
+		chain.collect { |f| self.cert f }
46
+	end
47
+
43 48
 	def dh(name)
44 49
 		OpenSSL::PKey::DH.new File.read "spec/resources/dh-#{name}.pem"
45 50
 	end

Loading…
Cancel
Save