MCPcopy
hub / github.com/ContainerSSH/ContainerSSH / TestMutuallyAuthenticatedFailure

Function TestMutuallyAuthenticatedFailure

http/integration_test.go:188–235  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

186}
187
188func TestMutuallyAuthenticatedFailure(t *testing.T) {
189 caPrivKey, caCert, caCertBytes, err := createCA()
190 if err != nil {
191 assert.Fail(t, "failed to create CA", err)
192 return
193 }
194 serverPrivKey, serverCert, err := createSignedCert(
195 []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
196 caPrivKey,
197 caCert,
198 )
199 if err != nil {
200 assert.Fail(t, "failed to create server cert", err)
201 return
202 }
203
204 clientCaPriv, clientCaCert, _, err := createCA()
205 if err != nil {
206 assert.Fail(t, "failed to create client CA", err)
207 return
208 }
209 clientPrivKey, clientCert, err := createSignedCert(
210 []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
211 clientCaPriv,
212 clientCaCert,
213 )
214 if err != nil {
215 assert.Fail(t, "failed to create server cert", err)
216 return
217 }
218
219 clientConfig, serverConfig := createClientServerConfig(t)
220 clientConfig.URL = "https://127.0.0.1:8080"
221 clientConfig.CACert = string(caCertBytes)
222 clientConfig.ClientCert = string(clientCert)
223 clientConfig.ClientKey = string(clientPrivKey)
224 serverConfig.Key = string(serverPrivKey)
225 serverConfig.Cert = string(serverCert)
226 //Pass wrong client CA cert to test failure
227 serverConfig.ClientCACert = string(caCertBytes)
228
229 message := "Hi"
230
231 if _, _, err = runRequest(clientConfig, serverConfig, t, message); err == nil {
232 assert.Fail(t, "Client request with invalid CA verification did not fail.")
233 return
234 }
235}
236
237func createCA() (*rsa.PrivateKey, *x509.Certificate, []byte, error) {
238 ca := &x509.Certificate{

Callers

nothing calls this directly

Calls 5

createCAFunction · 0.85
createSignedCertFunction · 0.85
createClientServerConfigFunction · 0.85
runRequestFunction · 0.85
FailMethod · 0.80

Tested by

no test coverage detected