letsencrypt: Tests for load/save RSA keys and redirPlaintextHost

2025-11-04 03:27:23 -05:00 · 2015-10-17 23:35:59 -06:00 · 2015-10-17 23:35:59 -06:00 · 8cd6b8aa99
commit 8cd6b8aa99
parent da8a4fafcc
3 changed files with 91 additions and 4 deletions
--- a/config/letsencrypt/crypto_test.go
+++ b/config/letsencrypt/crypto_test.go
@ -0,0 +1,40 @@
+package letsencrypt
+
+import (
+	"bytes"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"encoding/pem"
+	"os"
+	"testing"
+)
+
+func TestSaveAndLoadRSAPrivateKey(t *testing.T) {
+	keyFile := "test.key"
+	defer os.Remove(keyFile)
+
+	privateKey, err := rsa.GenerateKey(rand.Reader, 256) // small key size is OK for testing
+	if err != nil {
+		t.Fatal(err)
+	}
+	privateKeyPEM := pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)}
+
+	// test save
+	err = saveRSAPrivateKey(privateKey, keyFile)
+	if err != nil {
+		t.Fatal("error saving private key:", err)
+	}
+
+	// test load
+	loadedKey, err := loadRSAPrivateKey(keyFile)
+	if err != nil {
+		t.Error("error loading private key:", err)
+	}
+	loadedKeyPEM := pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(loadedKey)}
+
+	// very loaded key is correct
+	if !bytes.Equal(loadedKeyPEM.Bytes, privateKeyPEM.Bytes) {
+		t.Error("Expected key bytes to be the same, but they weren't")
+	}
+}
--- a/config/letsencrypt/letsencrypt_test.go
+++ b/config/letsencrypt/letsencrypt_test.go
@ -0,0 +1,51 @@
+package letsencrypt
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/mholt/caddy/middleware/redirect"
+	"github.com/mholt/caddy/server"
+)
+
+func TestRedirPlaintextHost(t *testing.T) {
+	cfg := redirPlaintextHost(server.Config{
+		Host: "example.com",
+		Port: "http",
+	})
+
+	// Check host and port
+	if actual, expected := cfg.Host, "example.com"; actual != expected {
+		t.Errorf("Expected redir config to have host %s but got %s", expected, actual)
+	}
+	if actual, expected := cfg.Port, "http"; actual != expected {
+		t.Errorf("Expected redir config to have port '%s' but got '%s'", expected, actual)
+	}
+
+	// Make sure redirect handler is set up properly
+	if cfg.Middleware == nil || len(cfg.Middleware["/"]) != 1 {
+		t.Fatalf("Redir config middleware not set up properly; got: %#v", cfg.Middleware)
+	}
+
+	handler, ok := cfg.Middleware["/"][0](nil).(redirect.Redirect)
+	if !ok {
+		t.Fatalf("Expected a redirect.Redirect middleware, but got: %#v", handler)
+	}
+	if len(handler.Rules) != 1 {
+		t.Fatalf("Expected one redirect rule, got: %#v", handler.Rules)
+	}
+
+	// Check redirect rule for correctness
+	if actual, expected := handler.Rules[0].FromScheme, "http"; actual != expected {
+		t.Errorf("Expected redirect rule to be from scheme '%s' but is actually from '%s'", expected, actual)
+	}
+	if actual, expected := handler.Rules[0].FromPath, "/"; actual != expected {
+		t.Errorf("Expected redirect rule to be for path '%s' but is actually for '%s'", expected, actual)
+	}
+	if actual, expected := handler.Rules[0].To, "https://example.com{uri}"; actual != expected {
+		t.Errorf("Expected redirect rule to be to URL '%s' but is actually to '%s'", expected, actual)
+	}
+	if actual, expected := handler.Rules[0].Code, http.StatusMovedPermanently; actual != expected {
+		t.Errorf("Expected redirect rule to have code %d but was %d", expected, actual)
+	}
+}
--- a/config/letsencrypt/storage.go
+++ b/config/letsencrypt/storage.go
@ -16,10 +16,6 @@ var storage = Storage(filepath.Join(app.DataFolder(), "letsencrypt"))
 // forming file paths derived from it.
 type Storage string

-func (s Storage) Path(parts ...string) string {
-	return filepath.Join(append([]string{string(s)}, parts...)...)
-}
-
 // Sites gets the directory that stores site certificate and keys.
 func (s Storage) Sites() string {
 	return filepath.Join(string(s), "sites")