diff options
| author | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-12-28 19:41:24 +0100 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2010-01-18 23:17:21 +1100 |
| commit | a9fb82b0026e75a670fec553b17de3b0f091c2a5 (patch) | |
| tree | 26ef68872617a636115ff10dea90e1f71d776a88 /spec/unit/ssl/certificate_authority.rb | |
| parent | a967b93a51ce509cf8631d78b8be8d4ab6da5657 (diff) | |
| download | puppet-a9fb82b0026e75a670fec553b17de3b0f091c2a5.tar.gz puppet-a9fb82b0026e75a670fec553b17de3b0f091c2a5.tar.xz puppet-a9fb82b0026e75a670fec553b17de3b0f091c2a5.zip | |
Feature #2839 - fingerprint certificate
This patch adds two things:
* certificate fingerprinting in --list mode
* a puppetca action called "--fingerprint" to display fingerprints
of given certificates
It is also possible to use --digest to specify a specific digest
algorithm.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Diffstat (limited to 'spec/unit/ssl/certificate_authority.rb')
| -rwxr-xr-x | spec/unit/ssl/certificate_authority.rb | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/spec/unit/ssl/certificate_authority.rb b/spec/unit/ssl/certificate_authority.rb index 80114300e..6c917ff2d 100755 --- a/spec/unit/ssl/certificate_authority.rb +++ b/spec/unit/ssl/certificate_authority.rb @@ -532,9 +532,9 @@ describe Puppet::SSL::CertificateAuthority do lambda { @ca.apply(:generate) }.should raise_error(ArgumentError) end - it "should create an Interface instance with the specified method and the subjects" do - Puppet::SSL::CertificateAuthority::Interface.expects(:new).with(:generate, :hosts).returns(stub('applier', :apply => nil)) - @ca.apply(:generate, :to => :hosts) + it "should create an Interface instance with the specified method and the options" do + Puppet::SSL::CertificateAuthority::Interface.expects(:new).with(:generate, :to => :host).returns(stub('applier', :apply => nil)) + @ca.apply(:generate, :to => :host) end it "should apply the Interface with itself as the argument" do @@ -583,6 +583,38 @@ describe Puppet::SSL::CertificateAuthority do end end + describe "and fingerprinting certificates" do + before :each do + @der = stub 'der', :to_der => "DER" + @cert = stub 'cert', :name => "cert", :content => @der + Puppet::SSL::Certificate.stubs(:find).with("myhost").returns @cert + OpenSSL::Digest.stubs(:constants).returns ["MD5", "DIGEST"] + end + + it "should raise an error if the certificate cannot be found" do + Puppet::SSL::Certificate.expects(:find).with("myhost").returns nil + lambda { @ca.fingerprint("myhost") }.should raise_error + end + + it "should digest the certificate DER value and return a ':' seperated nibblet string" do + OpenSSL::Digest.expects(:hexdigest).with("MD5", "DER").returns "digest" + + @ca.fingerprint("myhost").should == "DI:GE:ST" + end + + it "should raise an error if the digest algorithm is not defined" do + OpenSSL::Digest.expects(:constants).returns [] + + lambda { @ca.fingerprint("myhost") }.should raise_error + end + + it "should use the given digest algorithm" do + OpenSSL::Digest.expects(:hexdigest).with("DIGEST", "DER").returns "digest" + + @ca.fingerprint("myhost", :digest).should == "DI:GE:ST" + end + end + describe "and verifying certificates" do before do @store = stub 'store', :verify => true, :add_file => nil, :purpose= => nil, :add_crl => true, :flags= => nil |