From 39e658b527771169d15dfe830a1ed2560b3ba026 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Thu, 4 May 2023 15:52:49 +0200 Subject: [PATCH] Add test for `LogSSHCertificate` --- api/api_test.go | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) diff --git a/api/api_test.go b/api/api_test.go index 24e77c75..4d850b54 100644 --- a/api/api_test.go +++ b/api/api_test.go @@ -29,13 +29,14 @@ import ( "github.com/go-chi/chi" "github.com/pkg/errors" sassert "github.com/stretchr/testify/assert" - "golang.org/x/crypto/ssh" - squarejose "gopkg.in/square/go-jose.v2" - + "github.com/stretchr/testify/require" "go.step.sm/crypto/jose" "go.step.sm/crypto/x509util" + "golang.org/x/crypto/ssh" + squarejose "gopkg.in/square/go-jose.v2" "github.com/smallstep/assert" + "github.com/smallstep/certificates/authority" "github.com/smallstep/certificates/authority/provisioner" "github.com/smallstep/certificates/errs" @@ -1657,3 +1658,31 @@ func TestProvisionersResponse_MarshalJSON(t *testing.T) { // MarshalJSON must not affect the struct properties itself sassert.Equal(t, expList, r.Provisioners) } + +const ( + fixtureECDSACertificate = `ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgLnkvSk4odlo3b1R+RDw+LmorL3RkN354IilCIVFVen4AAAAIbmlzdHAyNTYAAABBBHjKHss8WM2ffMYlavisoLXR0I6UEIU+cidV1ogEH1U6+/SYaFPrlzQo0tGLM5CNkMbhInbyasQsrHzn8F1Rt7nHg5/tcSf9qwAAAAEAAAAGaGVybWFuAAAACgAAAAZoZXJtYW4AAAAAY8kvJwAAAABjyhBjAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAEEE/ayqpPrZZF5uA1UlDt4FreTf15agztQIzpxnWq/XoxAHzagRSkFGkdgFpjgsfiRpP8URHH3BZScqc0ZDCTxhoQAAAGQAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAEkAAAAhAJuP1wCVwoyrKrEtHGfFXrVbRHySDjvXtS1tVTdHyqymAAAAIBa/CSSzfZb4D2NLP+eEmOOMJwSjYOiNM8fiOoAaqglI herman` +) + +func TestLogSSHCertificate(t *testing.T) { + + out, _, _, _, err := ssh.ParseAuthorizedKey([]byte(fixtureECDSACertificate)) + require.NoError(t, err) + + cert, ok := out.(*ssh.Certificate) + require.True(t, ok) + + w := httptest.NewRecorder() + rl := logging.NewResponseLogger(w) + LogSSHCertificate(rl, cert) + + sassert.Equal(t, 200, w.Result().StatusCode) + + fields := rl.Fields() + sassert.Equal(t, uint64(14376510277651266987), fields["serial"]) + sassert.Equal(t, []string{"herman"}, fields["principals"]) + sassert.Equal(t, "user", fields["certificate-type"]) + sassert.Equal(t, "2023-01-19T12:53:11+01:00", fields["valid-from"]) + sassert.Equal(t, "2023-01-20T04:54:11+01:00", fields["valid-to"]) + sassert.Equal(t, "ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgLnkvSk4odlo3b1R+RDw+LmorL3RkN354IilCIVFVen4AAAAIbmlzdHAyNTYAAABBBHjKHss8WM2ffMYlavisoLXR0I6UEIU+cidV1ogEH1U6+/SYaFPrlzQo0tGLM5CNkMbhInbyasQsrHzn8F1Rt7nHg5/tcSf9qwAAAAEAAAAGaGVybWFuAAAACgAAAAZoZXJtYW4AAAAAY8kvJwAAAABjyhBjAAAAAAAAAIIAAAAVcGVybWl0LVgxMS1mb3J3YXJkaW5nAAAAAAAAABdwZXJtaXQtYWdlbnQtZm9yd2FyZGluZwAAAAAAAAAWcGVybWl0LXBvcnQtZm9yd2FyZGluZwAAAAAAAAAKcGVybWl0LXB0eQAAAAAAAAAOcGVybWl0LXVzZXItcmMAAAAAAAAAAAAAAGgAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAAhuaXN0cDI1NgAAAEEE/ayqpPrZZF5uA1UlDt4FreTf15agztQIzpxnWq/XoxAHzagRSkFGkdgFpjgsfiRpP8URHH3BZScqc0ZDCTxhoQAAAGQAAAATZWNkc2Etc2hhMi1uaXN0cDI1NgAAAEkAAAAhAJuP1wCVwoyrKrEtHGfFXrVbRHySDjvXtS1tVTdHyqymAAAAIBa/CSSzfZb4D2NLP+eEmOOMJwSjYOiNM8fiOoAaqglI", fields["certificate"]) + sassert.Equal(t, "256 SHA256:RvkDPGwl/G9d7LUFm1kmWhvOD9I/moPq4yxcb0STwr0 no comment (ECDSA-CERT)", fields["public-key"]) +}