Add loadprivatekey test (#987)

ansible · Apr 9, 2024 · d41baaf · d41baaf
1 parent 245080d
commit d41baaf
Show file tree

Hide file tree

Showing 5 changed files with 92 additions and 5 deletions.
diff --git a/pkg/certificates/ca.go b/pkg/certificates/ca.go
@@ -222,8 +222,8 @@ func LoadRequest(filename string) (*x509.CertificateRequest, error) {
 }
 
 // LoadPrivateKey loads a single RSA private key from a file.
-func LoadPrivateKey(filename string) (*rsa.PrivateKey, error) {
-	data, err := LoadFromPEMFile(filename, &OsWrapper{})
+func LoadPrivateKey(filename string, osWrapper Oser) (*rsa.PrivateKey, error) {
+	data, err := LoadFromPEMFile(filename, osWrapper)
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/certificates/ca_test.go b/pkg/certificates/ca_test.go
@@ -1222,3 +1222,90 @@ LykGKfMCYVBP+xs97IJO8En/5N9QQwc+N4cfCg9/BWoZKHPbRx/V+57VEj0m69Ep
 JXbL15ZQLCPsaIcqJqpK23VyJKc8fDEA
 -----END PKCS7-----`)
 }
+
+func TestLoadPrivateKey(t *testing.T) {
+	type args struct {
+		filename string
+	}
+
+	positivePrivateKeyFilename := "private_key_test_filename"
+
+	errorSettingUpTypeFormatString := "Error setting up %s: %v"
+
+	goodPrivateKey, err := setupGoodPrivateKey()
+	if err != nil {
+		t.Errorf(errorSettingUpTypeFormatString, "private key", err)
+	}
+
+	negativeMultipleItemFilename := "negative_multiple_item_test"
+	multiplePrivateKeys := setupGoodPrivateKeyPEMData()
+	multiplePrivateKeys = append(multiplePrivateKeys, multiplePrivateKeys[0])
+
+	negativeNoPrivateKeyFilename := "negative_no_private_key_test"
+	noPrivateKey := []byte{
+		0, 0, 0, 0, 0,
+	}
+
+	tests := []struct {
+		name                   string
+		args                   args
+		wantOserReadfileArg    string
+		wantOserReadfileResult []byte
+		want                   *rsa.PrivateKey
+		wantErr                bool
+	}{
+		{
+			name: "Positive Private Key",
+			args: args{
+				filename: positivePrivateKeyFilename,
+			},
+			wantOserReadfileArg:    positivePrivateKeyFilename,
+			wantOserReadfileResult: setupGoodPrivateKeyPEMData(),
+			want:                   goodPrivateKey,
+			wantErr:                false,
+		},
+		{
+			name: "Negative multi item test",
+			args: args{
+				filename: negativeMultipleItemFilename,
+			},
+			wantOserReadfileArg:    negativeMultipleItemFilename,
+			wantOserReadfileResult: multiplePrivateKeys,
+			want:                   nil,
+			wantErr:                true,
+		},
+		{
+			name: "Negative no private key test",
+			args: args{
+				filename: negativeNoPrivateKeyFilename,
+			},
+			wantOserReadfileArg:    negativeNoPrivateKeyFilename,
+			wantOserReadfileResult: noPrivateKey,
+			want:                   nil,
+			wantErr:                true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			ctrl := gomock.NewController(t)
+			defer ctrl.Finish()
+
+			o := mock_certificates.NewMockOser(ctrl)
+			o.
+				EXPECT().
+				ReadFile(gomock.Eq(tt.wantOserReadfileArg)).
+				Return(tt.wantOserReadfileResult, nil).
+				Times(1)
+
+			got, err := certificates.LoadPrivateKey(tt.args.filename, o)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("LoadPrivateKey() error = %v, wantErr %v", err, tt.wantErr)
+
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("LoadPrivateKey() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
diff --git a/pkg/certificates/cli.go b/pkg/certificates/cli.go
@@ -158,7 +158,7 @@ func SignReq(opts *CertOptions, caCrtPath, caKeyPath, reqPath, certOut string, v
 	if err != nil {
 		return err
 	}
-	ca.PrivateKey, err = LoadPrivateKey(caKeyPath)
+	ca.PrivateKey, err = LoadPrivateKey(caKeyPath, &OsWrapper{})
 	if err != nil {
 		return err
 	}

diff --git a/pkg/workceptor/workceptor.go b/pkg/workceptor/workceptor.go
@@ -184,7 +184,7 @@ func (w *Workceptor) createSignature(nodeID string) (string, error) {
 		ExpiresAt: jwt.NewNumericDate(exp),
 		Audience:  []string{nodeID},
 	}
-	rsaPrivateKey, err := certificates.LoadPrivateKey(w.SigningKey)
+	rsaPrivateKey, err := certificates.LoadPrivateKey(w.SigningKey, &certificates.OsWrapper{})
 	if err != nil {
 		return "", fmt.Errorf("could not load signing key file: %s", err.Error())
 	}

diff --git a/tests/utils/common.go b/tests/utils/common.go
@@ -95,7 +95,7 @@ func GenerateCertWithCA(name, caKeyPath, caCrtPath, commonName string, dnsNames,
 	if err != nil {
 		return "", "", err
 	}
-	CA.PrivateKey, err = certificates.LoadPrivateKey(caKeyPath)
+	CA.PrivateKey, err = certificates.LoadPrivateKey(caKeyPath, &certificates.OsWrapper{})
 	if err != nil {
 		return "", "", err
 	}