config: extend validity of testdata certs (#186)

Signed-off-by: Simon Pasquier <[email protected]>

Author: simonpasquier

config/http_config_test.go

@@ -39,9 +39,9 @@ const (
 	TLSCAChainPath        = "testdata/tls-ca-chain.pem"
 	ServerCertificatePath = "testdata/server.crt"
 	ServerKeyPath         = "testdata/server.key"
-	BarneyCertificatePath = "testdata/barney.crt"
-	BarneyKeyNoPassPath   = "testdata/barney-no-pass.key"
-	InvalidCA             = "testdata/barney-no-pass.key"
+	ClientCertificatePath = "testdata/client.crt"
+	ClientKeyNoPassPath   = "testdata/client-no-pass.key"
+	InvalidCA             = "testdata/client-no-pass.key"
 	WrongClientCertPath   = "testdata/self-signed-client.crt"
 	WrongClientKeyPath    = "testdata/self-signed-client.key"
 	EmptyFile             = "testdata/empty"
@@ -113,8 +113,8 @@ func TestNewClientFromConfig(t *testing.T) {
 			clientConfig: HTTPClientConfig{
 				TLSConfig: TLSConfig{
 					CAFile:             "",
-					CertFile:           BarneyCertificatePath,
-					KeyFile:            BarneyKeyNoPassPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
 					ServerName:         "",
 					InsecureSkipVerify: true},
 			},
@@ -125,8 +125,8 @@ func TestNewClientFromConfig(t *testing.T) {
 			clientConfig: HTTPClientConfig{
 				TLSConfig: TLSConfig{
 					CAFile:             TLSCAChainPath,
-					CertFile:           BarneyCertificatePath,
-					KeyFile:            BarneyKeyNoPassPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
 					ServerName:         "",
 					InsecureSkipVerify: false},
 			},
@@ -138,8 +138,8 @@ func TestNewClientFromConfig(t *testing.T) {
 				BearerToken: BearerToken,
 				TLSConfig: TLSConfig{
 					CAFile:             TLSCAChainPath,
-					CertFile:           BarneyCertificatePath,
-					KeyFile:            BarneyKeyNoPassPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
 					ServerName:         "",
 					InsecureSkipVerify: false},
 			},
@@ -157,8 +157,8 @@ func TestNewClientFromConfig(t *testing.T) {
 				BearerTokenFile: BearerTokenFile,
 				TLSConfig: TLSConfig{
 					CAFile:             TLSCAChainPath,
-					CertFile:           BarneyCertificatePath,
-					KeyFile:            BarneyKeyNoPassPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
 					ServerName:         "",
 					InsecureSkipVerify: false},
 			},
@@ -179,8 +179,8 @@ func TestNewClientFromConfig(t *testing.T) {
 				},
 				TLSConfig: TLSConfig{
 					CAFile:             TLSCAChainPath,
-					CertFile:           BarneyCertificatePath,
-					KeyFile:            BarneyKeyNoPassPath,
+					CertFile:           ClientCertificatePath,
+					KeyFile:            ClientKeyNoPassPath,
 					ServerName:         "",
 					InsecureSkipVerify: false},
 			},
@@ -274,8 +274,8 @@ func TestMissingBearerAuthFile(t *testing.T) {
 		BearerTokenFile: MissingBearerTokenFile,
 		TLSConfig: TLSConfig{
 			CAFile:             TLSCAChainPath,
-			CertFile:           BarneyCertificatePath,
-			KeyFile:            BarneyKeyNoPassPath,
+			CertFile:           ClientCertificatePath,
+			KeyFile:            ClientKeyNoPassPath,
 			ServerName:         "",
 			InsecureSkipVerify: false},
 	}
@@ -361,8 +361,8 @@ func TestBearerAuthFileRoundTripper(t *testing.T) {
 func TestTLSConfig(t *testing.T) {
 	configTLSConfig := TLSConfig{
 		CAFile:             TLSCAChainPath,
-		CertFile:           BarneyCertificatePath,
-		KeyFile:            BarneyKeyNoPassPath,
+		CertFile:           ClientCertificatePath,
+		KeyFile:            ClientKeyNoPassPath,
 		ServerName:         "localhost",
 		InsecureSkipVerify: false}
 
@@ -384,17 +384,17 @@ func TestTLSConfig(t *testing.T) {
 		t.Fatalf("Can't create a new TLS Config from a configuration (%s).", err)
 	}
 
-	barneyCertificate, err := tls.LoadX509KeyPair(BarneyCertificatePath, BarneyKeyNoPassPath)
+	clientCertificate, err := tls.LoadX509KeyPair(ClientCertificatePath, ClientKeyNoPassPath)
 	if err != nil {
 		t.Fatalf("Can't load the client key pair ('%s' and '%s'). Reason: %s",
-			BarneyCertificatePath, BarneyKeyNoPassPath, err)
+			ClientCertificatePath, ClientKeyNoPassPath, err)
 	}
 	cert, err := tlsConfig.GetClientCertificate(nil)
 	if err != nil {
 		t.Fatalf("unexpected error returned by tlsConfig.GetClientCertificate(): %s", err)
 	}
-	if !reflect.DeepEqual(cert, &barneyCertificate) {
-		t.Fatalf("Unexpected client certificate result: \n\n%+v\n expected\n\n%+v", cert, barneyCertificate)
+	if !reflect.DeepEqual(cert, &clientCertificate) {
+		t.Fatalf("Unexpected client certificate result: \n\n%+v\n expected\n\n%+v", cert, clientCertificate)
 	}
 
 	// non-nil functions are never equal.
@@ -440,18 +440,18 @@ func TestTLSConfigInvalidCA(t *testing.T) {
 			configTLSConfig: TLSConfig{
 				CAFile:             "",
 				CertFile:           MissingCert,
-				KeyFile:            BarneyKeyNoPassPath,
+				KeyFile:            ClientKeyNoPassPath,
 				ServerName:         "",
 				InsecureSkipVerify: false},
-			errorMessage: fmt.Sprintf("unable to use specified client cert (%s) & key (%s):", MissingCert, BarneyKeyNoPassPath),
+			errorMessage: fmt.Sprintf("unable to use specified client cert (%s) & key (%s):", MissingCert, ClientKeyNoPassPath),
 		}, {
 			configTLSConfig: TLSConfig{
 				CAFile:             "",
-				CertFile:           BarneyCertificatePath,
+				CertFile:           ClientCertificatePath,
 				KeyFile:            MissingKey,
 				ServerName:         "",
 				InsecureSkipVerify: false},
-			errorMessage: fmt.Sprintf("unable to use specified client cert (%s) & key (%s):", BarneyCertificatePath, MissingKey),
+			errorMessage: fmt.Sprintf("unable to use specified client cert (%s) & key (%s):", ClientCertificatePath, MissingKey),
 		},
 	}
 
@@ -548,8 +548,8 @@ func TestBasicAuthPasswordFile(t *testing.T) {
 func getCertificateBlobs(t *testing.T) map[string][]byte {
 	files := []string{
 		TLSCAChainPath,
-		BarneyCertificatePath,
-		BarneyKeyNoPassPath,
+		ClientCertificatePath,
+		ClientKeyNoPassPath,
 		ServerCertificatePath,
 		ServerKeyPath,
 		WrongClientCertPath,
@@ -608,14 +608,14 @@ func TestTLSRoundTripper(t *testing.T) {
 		{
 			// Valid certs.
 			ca:   TLSCAChainPath,
-			cert: BarneyCertificatePath,
-			key:  BarneyKeyNoPassPath,
+			cert: ClientCertificatePath,
+			key:  ClientKeyNoPassPath,
 		},
 		{
 			// CA not matching.
-			ca:   BarneyCertificatePath,
-			cert: BarneyCertificatePath,
-			key:  BarneyKeyNoPassPath,
+			ca:   ClientCertificatePath,
+			cert: ClientCertificatePath,
+			key:  ClientKeyNoPassPath,
 
 			errMsg: "certificate signed by unknown authority",
 		},
@@ -630,32 +630,32 @@ func TestTLSRoundTripper(t *testing.T) {
 		{
 			// CA file empty
 			ca:   EmptyFile,
-			cert: BarneyCertificatePath,
-			key:  BarneyKeyNoPassPath,
+			cert: ClientCertificatePath,
+			key:  ClientKeyNoPassPath,
 
 			errMsg: "unable to use specified CA cert",
 		},
 		{
 			// cert file empty
 			ca:   TLSCAChainPath,
 			cert: EmptyFile,
-			key:  BarneyKeyNoPassPath,
+			key:  ClientKeyNoPassPath,
 
 			errMsg: "failed to find any PEM data in certificate input",
 		},
 		{
 			// key file empty
 			ca:   TLSCAChainPath,
-			cert: BarneyCertificatePath,
+			cert: ClientCertificatePath,
 			key:  EmptyFile,
 
 			errMsg: "failed to find any PEM data in key input",
 		},
 		{
 			// Valid certs again.
 			ca:   TLSCAChainPath,
-			cert: BarneyCertificatePath,
-			key:  BarneyKeyNoPassPath,
+			cert: ClientCertificatePath,
+			key:  ClientKeyNoPassPath,
 		},
 	}
 
@@ -745,8 +745,8 @@ func TestTLSRoundTripperRaces(t *testing.T) {
 
 	var c *http.Client
 	writeCertificate(bs, TLSCAChainPath, ca)
-	writeCertificate(bs, BarneyCertificatePath, cert)
-	writeCertificate(bs, BarneyKeyNoPassPath, key)
+	writeCertificate(bs, ClientCertificatePath, cert)
+	writeCertificate(bs, ClientKeyNoPassPath, key)
 	c, err = NewClientFromConfig(cfg, "test")
 	if err != nil {
 		t.Fatalf("Error creating HTTP Client: %v", err)
@@ -785,7 +785,7 @@ func TestTLSRoundTripperRaces(t *testing.T) {
 			tick := time.NewTicker(10 * time.Millisecond)
 			<-tick.C
 			if i%2 == 0 {
-				writeCertificate(bs, BarneyCertificatePath, ca)
+				writeCertificate(bs, ClientCertificatePath, ca)
 			} else {
 				writeCertificate(bs, TLSCAChainPath, ca)
 			}

config/testdata/barney-no-pass.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC307b8Il9zajKw
+mkOih8sfYI+O9gSTvvyQN7Bh+Bu6lLN+XhtRxt+ZqOHfqo30EuPmdScMrqregqup
+VPGKgfkXVP3hF5rYdWqZx4XOKdyxbaarZupkAv2gtVNEBSmVSj8urt5WZOJVnF7Q
+GmhCAHpx34L5CCPYDXJBd5ExLwGIByKxQNugor7dJx8ehmVkGKto01GWjgY+sPYp
+lV9KxvD49ygXYQ6VAqgt/V2EG/PMmT0/jUtmM2tYDFztPkSISJg0vB/f9zHlYIdD
+GjkBjngekAij77T93xEuouox25UtXmg6ApqvDVEiBxZmN5Dt70HBsQ+IftENEUoY
+8jhrImwBAgMBAAECggEBAJNlgjK3SPvdKlnqx9KZuagmH9YMs+zX1eG5lYdojqtT
+snzf7l3q7b1i6gIS2pHbV7uhMjd8EmwqMIStJKPfxaAMuSj0aWeo9lnp3wNJE7l8
+54hGFCkvMLjcy7Adx5L6HqFK++IgME9e+7M3iWNqyMNn6bfO7Ba/6V5PBi9+tmaf
+nZWqgY2Kf8A2iNnm9RvmiwQ42nsjVsKcXzGdBmFTp69ar/QWtk1dWDajUVw/NctM
+cs+IypPjZiAE3CgyyiLKzG9CWCjkfMEd14uxFE73q2SAG6RWYSnv1M3WOupAF0rP
+ll/NMXaMjLlq2q3B9v2ZAaojbbWlHLDdEpE/jwXkkwECgYEA5iWN7SGH8ZE6wDfO
+EYuTQKpqYt1WbCQxv77leuGcm1KlFYfV8LsB/9xiocVtGm7N126zuwfgzfkIZWQD
+KrpoFUkz1jUg+kHCqf4FO8hzR0By3hbdTImJQILtC/K3fHJtexFKiW82mb40lgYc
++Mk6Nb5CmL6VCX5u8MNBvD8WaLECgYEAzHofIneLLLqF2f2uVzF743CdgP1h0fPI
+BS3akp56/8qzQWNW+natJRxiTh2R8gdvB+P/UtEZR8E+FbSzZ4dIRrxIi44ew0Cr
+sROaP4LkaZFflKS/fD8S1M7yZQhussRoRWH0BDvM0hsu6UTGlESHX73b7js4AHpB
+2q4frJMTDFECgYBr2f2Aus3yLpTRr1Uqc7Y1/6aLXh4531xQ9yyjQUcaosgqJtXj
+Uj/Fn4m5NcPDN1nPM1mWtEJtQ97jZNL3GxPbpcpc/9jMbjTDZP8e3Pjo0xMBcMWU
+MH/Zc4GSr9O8xgL4QUokzbFQqwoJpCO/ks1skhSzb9x37oAe4+HSTd46gQKBgQCk
++9hJSCl8kpdTl5Nm+R9cGU6MeGXIMKnwO9pDOSpHX7cZCF1yw/Tan7dWDhfnMEZP
+GJC3ss1yDyLYArBK1WXk5SCnsalyo6ikvQtVOXixEUIMvo1eY8n++WetS4t+JGl5
+qhponBOcZ6CHSR3tHgoYnyloZFHAWOTv3FTkOttAsQKBgQCzWSO2TA4v/vIKIrSV
+Lf2cI51imcy/JCsYUU+o66VQ6QdIJlfamuAKaKYAwfJtHtZOzAgrh09JV3qEEtN5
+duBdXiuygAz8eHbqSoSe5FYgImI0BREDq8Zm3ArgUhv6S9aBeg/mS1W/5ZfmV2cT
+0MdlE8vUtcbDkmKpi7CaklzMNw==
+-----END PRIVATE KEY-----