From 0a980f17eca4428bc5f16418145da382da8bc30a Mon Sep 17 00:00:00 2001 From: aeris Date: Sat, 11 Feb 2017 21:06:43 +0100 Subject: [PATCH] Refactor unit tests chain load --- spec/cryptcheck/tls/cert_spec.rb | 20 +++++++------------- spec/cryptcheck/tls/server_spec.rb | 2 -- spec/helpers.rb | 5 +++++ 3 files changed, 12 insertions(+), 15 deletions(-) diff --git a/spec/cryptcheck/tls/cert_spec.rb b/spec/cryptcheck/tls/cert_spec.rb index 5fa01d7..1876d3a 100644 --- a/spec/cryptcheck/tls/cert_spec.rb +++ b/spec/cryptcheck/tls/cert_spec.rb @@ -1,38 +1,32 @@ -require 'faketime' - describe CryptCheck::Tls::Cert do - def load_chain(chain) - chain.collect { |f| ::OpenSSL::X509::Certificate.new File.read "spec/resources/#{f}.crt" } - end - describe '::trusted?' do it 'must accept valid certificate' do FakeTime.freeze Time.utc(2000, 1, 1) do - cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) + cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca expect(trust).to eq :trusted end end it 'must reject self signed certificate' do - cert, ca = load_chain %w(self-signed ca) + cert, ca = chain(%w(self-signed ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, [], roots: ca expect(trust).to eq 'self signed certificate' # Case for SSLv2 - cert, ca = load_chain %w(self-signed ca) + cert, ca = chain(%w(self-signed ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, nil, roots: ca expect(trust).to eq 'self signed certificate' end it 'must reject unknown CA' do - cert, *chain = load_chain %w(ecdsa-prime256v1 intermediate ca) + cert, *chain = chain(%w(ecdsa-prime256v1 intermediate ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: [] expect(trust).to eq 'unable to get issuer certificate' end it 'must reject missing intermediate chain' do - cert, ca = load_chain %w(ecdsa-prime256v1 ca) + cert, ca = chain(%w(ecdsa-prime256v1 ca)) chain = [] trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca expect(trust).to eq 'unable to get local issuer certificate' @@ -40,7 +34,7 @@ describe CryptCheck::Tls::Cert do it 'must reject expired certificate' do FakeTime.freeze Time.utc(2002, 1, 1) do - cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) + cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca expect(trust).to eq 'certificate has expired' end @@ -48,7 +42,7 @@ describe CryptCheck::Tls::Cert do it 'must reject not yet valid certificate' do FakeTime.freeze Time.utc(1999, 1, 1) do - cert, *chain, ca = load_chain %w(ecdsa-prime256v1 intermediate ca) + cert, *chain, ca = chain(%w(ecdsa-prime256v1 intermediate ca)) trust = ::CryptCheck::Tls::Cert.trusted? cert, chain, roots: ca expect(trust).to eq 'certificate is not yet valid' end diff --git a/spec/cryptcheck/tls/server_spec.rb b/spec/cryptcheck/tls/server_spec.rb index 96b4104..b7e16c6 100644 --- a/spec/cryptcheck/tls/server_spec.rb +++ b/spec/cryptcheck/tls/server_spec.rb @@ -1,5 +1,3 @@ -require 'faketime' - describe CryptCheck::Tls::Server do before :all do FakeTime.freeze Time.utc(2000, 1, 1) diff --git a/spec/helpers.rb b/spec/helpers.rb index b0569fd..6dbf001 100644 --- a/spec/helpers.rb +++ b/spec/helpers.rb @@ -3,6 +3,7 @@ require 'rubygems' require 'bundler/setup' Bundler.require :default, :development require 'cryptcheck' +require 'faketime' Dir['./spec/**/support/**/*.rb'].sort.each { |f| require f } require 'simplecov' @@ -40,6 +41,10 @@ module Helpers OpenSSL::X509::Certificate.new File.read "spec/resources/#{name}.crt" end + def chain(chain) + chain.collect { |f| self.cert f } + end + def dh(name) OpenSSL::PKey::DH.new File.read "spec/resources/dh-#{name}.pem" end