diff options
Diffstat (limited to 'configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java')
-rw-r--r-- | configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java index 5193e23fce0..d71eab25ce3 100644 --- a/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java +++ b/configserver/src/test/java/com/yahoo/vespa/config/server/tenant/EndpointCertificateMetadataStoreTest.java @@ -7,11 +7,23 @@ import com.yahoo.config.provision.ApplicationName; import com.yahoo.config.provision.InstanceName; import com.yahoo.config.provision.TenantName; import com.yahoo.path.Path; +import com.yahoo.security.KeyAlgorithm; +import com.yahoo.security.KeyUtils; +import com.yahoo.security.SignatureAlgorithm; +import com.yahoo.security.X509CertificateBuilder; +import com.yahoo.security.X509CertificateUtils; import com.yahoo.vespa.config.server.MockSecretStore; import com.yahoo.vespa.curator.mock.MockCurator; import org.junit.Before; import org.junit.Test; +import javax.security.auth.x500.X500Principal; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.cert.X509Certificate; +import java.time.Instant; +import java.time.temporal.ChronoUnit; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; @@ -26,6 +38,9 @@ public class EndpointCertificateMetadataStoreTest { private MockSecretStore secretStore = new MockSecretStore(); private EndpointCertificateMetadataStore endpointCertificateMetadataStore; private EndpointCertificateRetriever endpointCertificateRetriever; + private KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); + private X509Certificate certificate = X509CertificateBuilder.fromKeypair(keyPair, new X500Principal("CN=subject"), + Instant.now(), Instant.now().plus(1, ChronoUnit.DAYS), SignatureAlgorithm.SHA512_WITH_ECDSA, BigInteger.valueOf(12345)).build(); @Before public void setUp() { @@ -33,8 +48,8 @@ public class EndpointCertificateMetadataStoreTest { endpointCertificateMetadataStore = new EndpointCertificateMetadataStore(curator, tenantPath); endpointCertificateRetriever = new EndpointCertificateRetriever(secretStore); - secretStore.put("vespa.tlskeys.tenant1--app1-cert", "CERT"); - secretStore.put("vespa.tlskeys.tenant1--app1-key", "KEY"); + secretStore.put("vespa.tlskeys.tenant1--app1-cert", X509CertificateUtils.toPem(certificate)); + secretStore.put("vespa.tlskeys.tenant1--app1-key", KeyUtils.toPem(keyPair.getPrivate())); } @Test @@ -45,8 +60,8 @@ public class EndpointCertificateMetadataStoreTest { var endpointCertificateSecrets = endpointCertificateMetadataStore.readEndpointCertificateMetadata(applicationId) .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets); assertTrue(endpointCertificateSecrets.isPresent()); - assertEquals("KEY", endpointCertificateSecrets.get().key()); - assertEquals("CERT", endpointCertificateSecrets.get().certificate()); + assertTrue(endpointCertificateSecrets.get().key().startsWith("-----BEGIN EC PRIVATE KEY")); + assertTrue(endpointCertificateSecrets.get().certificate().startsWith("-----BEGIN CERTIFICATE")); } @Test @@ -59,8 +74,8 @@ public class EndpointCertificateMetadataStoreTest { var secrets = endpointCertificateMetadataStore.readEndpointCertificateMetadata(applicationId) .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets); assertTrue(secrets.isPresent()); - assertEquals("KEY", secrets.get().key()); - assertEquals("CERT", secrets.get().certificate()); + assertTrue(secrets.get().key().startsWith("-----BEGIN EC PRIVATE KEY")); + assertTrue(secrets.get().certificate().startsWith("-----BEGIN CERTIFICATE")); } @Test |