Repository: kudu Updated Branches: refs/heads/master b7b418b5e -> 54f529dd4
[security] clean-up on cert_management-test.cc A minor clean-up on cert-related tests: moved other than X509 CSR-related tests from cert_management-test.cc into cert-test.cc. Also, removed duplicated key-specific tests from cert_management.cc: they are in crypto-test.cc now (probably, the duplication was the result of merge conflicts resolution). There are no functional changes in this patch. Change-Id: I3e42d8545e783fbc657de9bf2d4d231265cf3f3f Reviewed-on: http://gerrit.cloudera.org:8080/5937 Reviewed-by: Alexey Serbin <[email protected]> Tested-by: Kudu Jenkins Project: http://git-wip-us.apache.org/repos/asf/kudu/repo Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/54f529dd Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/54f529dd Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/54f529dd Branch: refs/heads/master Commit: 54f529dd40f1690b078e570bb340c06c336f9979 Parents: b7b418b Author: Alexey Serbin <[email protected]> Authored: Tue Feb 7 21:58:02 2017 -0800 Committer: Alexey Serbin <[email protected]> Committed: Wed Feb 8 22:04:42 2017 +0000 ---------------------------------------------------------------------- src/kudu/security/ca/cert_management-test.cc | 62 ----------------------- src/kudu/security/cert-test.cc | 22 ++++++++ 2 files changed, 22 insertions(+), 62 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/kudu/blob/54f529dd/src/kudu/security/ca/cert_management-test.cc ---------------------------------------------------------------------- diff --git a/src/kudu/security/ca/cert_management-test.cc b/src/kudu/security/ca/cert_management-test.cc index 6a9c7a9..e2b2552 100644 --- a/src/kudu/security/ca/cert_management-test.cc +++ b/src/kudu/security/ca/cert_management-test.cc @@ -21,7 +21,6 @@ #include <utility> #include <vector> -#include "kudu/gutil/strings/strip.h" #include "kudu/gutil/strings/substitute.h" #include "kudu/gutil/strings/util.h" #include "kudu/security/cert.h" @@ -96,67 +95,6 @@ class CertManagementTest : public KuduTest { PrivateKey ca_exp_private_key_; }; -// Check input/output of RSA private keys in PEM format. -TEST_F(CertManagementTest, RsaPrivateKeyInputOutputPEM) { - const auto& key = ca_private_key_; - string key_str; - key.ToString(&key_str, DataFormat::PEM); - RemoveExtraWhitespace(&key_str); - - string ca_input_key(kCaPrivateKey); - RemoveExtraWhitespace(&ca_input_key); - EXPECT_EQ(ca_input_key, key_str); -} - -// Check input/output of RSA public keys in PEM format. -TEST_F(CertManagementTest, RsaPublicKeyInputOutputPEM) { - const auto& key = ca_public_key_; - string str_key; - key.ToString(&str_key, DataFormat::PEM); - RemoveExtraWhitespace(&str_key); - - string ref_str_key(kCaPublicKey); - RemoveExtraWhitespace(&ref_str_key); - EXPECT_EQ(ref_str_key, str_key); -} - -// Check extraction of the public part out from RSA private keys par. -TEST_F(CertManagementTest, RsaExtractPublicPartFromPrivateKey) { - // Load the reference RSA private key. - const PrivateKey& private_key = ca_private_key_; - - PublicKey public_key; - ASSERT_OK(private_key.GetPublicKey(&public_key)); - string str_public_key; - public_key.ToString(&str_public_key, DataFormat::PEM); - RemoveExtraWhitespace(&str_public_key); - - string ref_str_public_key(kCaPublicKey); - RemoveExtraWhitespace(&ref_str_public_key); - EXPECT_EQ(ref_str_public_key, str_public_key); -} - -// Check input/output of the X509 certificates in PEM format. -TEST_F(CertManagementTest, CertInputOutputPEM) { - const Cert& cert = ca_cert_; - string cert_str; - cert.ToString(&cert_str, DataFormat::PEM); - RemoveExtraWhitespace(&cert_str); - - string ca_input_cert(kCaCert); - RemoveExtraWhitespace(&ca_input_cert); - EXPECT_EQ(ca_input_cert, cert_str); -} - -// Check that Cert behaves in a predictable way if given invalid PEM data. -TEST_F(CertManagementTest, CertInvalidInput) { - // Providing files which guaranteed to exists, but do not contain valid data. - // This is to make sure the init handles that situation correctly and - // does not choke on the wrong input data. - Cert c; - ASSERT_FALSE(c.FromFile("/bin/sh", DataFormat::PEM).ok()); -} - // Check for basic SAN-related constraints while initializing // CertRequestGenerator objects. TEST_F(CertManagementTest, RequestGeneratorSanConstraints) { http://git-wip-us.apache.org/repos/asf/kudu/blob/54f529dd/src/kudu/security/cert-test.cc ---------------------------------------------------------------------- diff --git a/src/kudu/security/cert-test.cc b/src/kudu/security/cert-test.cc index f0d88bb..d3883a1 100644 --- a/src/kudu/security/cert-test.cc +++ b/src/kudu/security/cert-test.cc @@ -17,6 +17,7 @@ #include <utility> +#include "kudu/gutil/strings/strip.h" #include "kudu/security/cert.h" #include "kudu/security/crypto.h" #include "kudu/security/openssl_util.h" @@ -56,6 +57,27 @@ class CertTest : public KuduTest { PrivateKey ca_exp_private_key_; }; +// Check input/output of the X509 certificates in PEM format. +TEST_F(CertTest, CertInputOutputPEM) { + const Cert& cert = ca_cert_; + string cert_str; + cert.ToString(&cert_str, DataFormat::PEM); + RemoveExtraWhitespace(&cert_str); + + string ca_input_cert(kCaCert); + RemoveExtraWhitespace(&ca_input_cert); + EXPECT_EQ(ca_input_cert, cert_str); +} + +// Check that Cert behaves in a predictable way if given invalid PEM data. +TEST_F(CertTest, CertInvalidInput) { + // Providing files which guaranteed to exists, but do not contain valid data. + // This is to make sure the init handles that situation correctly and + // does not choke on the wrong input data. + Cert c; + ASSERT_FALSE(c.FromFile("/bin/sh", DataFormat::PEM).ok()); +} + // Check X509 certificate/private key matching: match cases. TEST_F(CertTest, CertMatchesRsaPrivateKey) { const pair<const Cert*, const PrivateKey*> cases[] = {
