-
Notifications
You must be signed in to change notification settings - Fork 4
/
ocsp_test.go
106 lines (82 loc) · 2.67 KB
/
ocsp_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package main
import (
"bytes"
"io/ioutil"
"os"
"testing"
"golang.org/x/crypto/ocsp"
)
func TestGetOCSPResponse(t *testing.T) {
cert, err := readCertificate("./testdata/twitter.pem")
if err != nil {
t.Fatal("Could not read test certificate.")
}
issuer, err := readCertificate("./testdata/DigiCertSHA2ExtendedValidationServerCA.crt")
if err != nil {
t.Fatal("Could not read test issuer certificate.")
}
httpClient := &MockHTTPClient{}
client := NewClient(httpClient, os.Stdout)
resp, _ := client.GetOCSPResponse(cert, issuer)
expected := "16190166165489431910151563605275097819"
if resp.SerialNumber.String() != expected {
t.Errorf("expected %q, got %q", expected, resp.SerialNumber.String())
}
}
func TestGetOCSPServer(t *testing.T) {
cert, _ := readCertificate("./testdata/certificate.pem")
server, err := getOCSPServer(cert)
if server != "http://ocsp.digicert.com" {
t.Fatal(err)
}
}
func TestPrintStatusResponse(t *testing.T) {
rawResp, _ := ioutil.ReadFile("./testdata/twitter_ocsp_response_v1.der")
resp, _ := ocsp.ParseResponse(rawResp, nil)
out := new(bytes.Buffer) // capture output
expected := "Serial number: 16190166165489431910151563605275097819\n\n" +
"Status: Good\n\n" +
"Produced at: 2017-12-23 06:30:33 +0000 UTC\n" +
"This update: 2017-12-23 06:30:33 +0000 UTC\n" +
"Next update: 2017-12-30 05:45:33 +0000 UTC\n"
httpClient := &MockHTTPClient{}
client := NewClient(httpClient, out)
client.printStatusResponse(resp)
got := out.String()
if got != expected {
t.Errorf("expected %q, got %q", expected, got)
}
}
func TestPrintStatusResponseRevoked(t *testing.T) {
rawResp, _ := ioutil.ReadFile("./testdata/cisco_ocsp_response_revoked.der")
resp, _ := ocsp.ParseResponse(rawResp, nil)
out := new(bytes.Buffer) // capture output
expected := "Serial number: 582831098329266023459877175593458587837818271346\n\n" +
"Status: Revoked\n" +
"Reason: Key compromise\n" +
"Revoked at: 2017-06-18 17:57:00 +0000 UTC\n\n" +
"Produced at: 2017-12-23 16:24:32 +0000 UTC\n" +
"This update: 2017-12-23 16:24:32 +0000 UTC\n" +
"Next update: 2017-12-25 16:24:32 +0000 UTC\n"
httpClient := &MockHTTPClient{}
client := NewClient(httpClient, out)
client.printStatusResponse(resp)
got := out.String()
if got != expected {
t.Errorf("expected %q, got %q", expected, got)
}
}
func TestStatusMessage(t *testing.T) {
status := statusMessage(ocsp.Good)
expected := "Good"
if status != expected {
t.Errorf("expected %q, got %q", expected, status)
}
}
func TestRevocationReason(t *testing.T) {
reason := revocationReason(ocsp.KeyCompromise)
expected := "Key compromise"
if reason != expected {
t.Errorf("expected %q, got %q", expected, reason)
}
}