Skip to content

Commit

Permalink
Adding canned CSRs, tests
Browse files Browse the repository at this point in the history
Signed-off-by: Richard Zak <richard@profian.com>
  • Loading branch information
rjzak committed Nov 2, 2022
1 parent 95d1b11 commit 53336d4
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 3 deletions.
Binary file added src/ext/sgx/icelake.csr
Binary file not shown.
Binary file added src/ext/snp/milan.csr
Binary file not shown.
36 changes: 33 additions & 3 deletions src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -511,15 +511,14 @@ mod tests {
use der::{AnyRef, Encode};
use x509::attr::Attribute;
use x509::request::{CertReq, CertReqInfo, ExtensionReq};
#[cfg(feature = "insecure")]
use x509::PkiPath;
use x509::{ext::Extension, name::RdnSequence};

#[cfg(feature = "insecure")]
use axum::response::Response;
use http::header::CONTENT_TYPE;
use http::Request;
use hyper::Body;
#[cfg(feature = "insecure")]
use rstest::rstest;
use tower::ServiceExt; // for `app.oneshot()`

Expand Down Expand Up @@ -586,7 +585,6 @@ mod tests {
}
}

#[cfg(feature = "insecure")]
async fn attest_response(state: State, response: Response, multi: bool) {
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();

Expand Down Expand Up @@ -714,6 +712,22 @@ mod tests {
assert_eq!(output.issued.len(), five_crs.len());
}

#[tokio::test]
async fn sgx_canned_csr() {
let csr = include_bytes!("ext/sgx/icelake.csr");

let request = Request::builder()
.method("POST")
.uri("/")
.header(CONTENT_TYPE, PKCS10)
.body(Body::from(Bytes::from(csr.as_slice())))
.unwrap();

let response = app(certificates_state()).oneshot(request).await.unwrap();
assert_eq!(response.status(), StatusCode::OK);
attest_response(certificates_state(), response, false).await;
}

#[cfg(feature = "insecure")]
#[rstest]
#[case(PKCS10, false)]
Expand Down Expand Up @@ -773,6 +787,22 @@ mod tests {
}
}

#[tokio::test]
async fn snp_canned_csr() {
let csr = include_bytes!("ext/snp/milan.csr");

let request = Request::builder()
.method("POST")
.uri("/")
.header(CONTENT_TYPE, PKCS10)
.body(Body::from(Bytes::from(csr.as_slice())))
.unwrap();

let response = app(certificates_state()).oneshot(request).await.unwrap();
assert_eq!(response.status(), StatusCode::OK);
attest_response(certificates_state(), response, false).await;
}

#[cfg(feature = "insecure")]
#[rstest]
#[case(PKCS10, false)]
Expand Down

0 comments on commit 53336d4

Please sign in to comment.