From f6cef67c3dd1a1b7ac5f87d31c11b322e79411cf Mon Sep 17 00:00:00 2001
From: Marten Seemann
Date: Fri, 11 Nov 2016 19:49:04 +0700
Subject: [PATCH] create interface for crypto.CertManager

---
 crypto/cert_manager.go | 18 +++++++++++++++---
 crypto/cert_manager_test.go | 4 ++--
 handshake/crypto_setup_client.go | 4 ++--
 handshake/crypto_setup_client_test.go | 22 ++++++++++++++++++++--
 4 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/crypto/cert_manager.go b/crypto/cert_manager.go
index 671c29859..79f97f06a 100644
--- a/crypto/cert_manager.go
+++ b/crypto/cert_manager.go
@@ -7,14 +7,26 @@ import (
 )
 
 // CertManager manages the certificates sent by the server
-type CertManager struct {
+type CertManager interface {
+ SetData([]byte) error
+ GetLeafCert() []byte
+}
+
+type certManager struct {
 chain [][]byte
 }
 
+var _ CertManager = &certManager{}
+
 var errNoCertificateChain = errors.New("No certicifate chain loaded")
 
+// NewCertManager creates a new CertManager
+func NewCertManager() CertManager {
+ return &certManager{}
+}
+
 // SetData takes the byte-slice sent in the SHLO and decompresses it into the certificate chain
-func (c *CertManager) SetData(data []byte) error {
+func (c *certManager) SetData(data []byte) error {
 chain, err := decompressChain(data)
 if err != nil {
 return qerr.ProofInvalid
@@ -26,7 +38,7 @@ func (c *CertManager) SetData(data []byte) error {
 
 // GetLeafCert returns the leaf certificate of the certificate chain
 // it errors if the certificate chain has not yet been set
-func (c *CertManager) GetLeafCert() []byte {
+func (c *certManager) GetLeafCert() []byte {
 if len(c.chain) == 0 {
 return nil
 }
diff --git a/crypto/cert_manager_test.go b/crypto/cert_manager_test.go
index 77192c6f5..53073043a 100644
--- a/crypto/cert_manager_test.go
+++ b/crypto/cert_manager_test.go
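Review bot: The `CertManager` interface is introduced without per-method comments, so the contract that `GetLeafCert()` returns `nil` when no chain is loaded can only be learned from the implementation; the comment kept in this file's second hunk (`@@ -26,7 +38,7 @@`) even says "it errors", which a `[]byte`-only signature cannot do. Now that callers depend on the interface and can be handed any implementation, I would document it there, e.g. `// GetLeafCert returns the leaf certificate, or nil if no chain has been set` and `// SetData decompresses the certificate chain; it returns qerr.ProofInvalid if the data is malformed`. The visible lines show decompression only, so the same comment should say whether the returned bytes have been verified or are still unchecked peer input. The context line declaring `errNoCertificateChain` carries the typo "certicifate" and is not referenced in the lines shown.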
@@ -7,10 +7,10 @@ import (
 )
 
 var _ = Describe("Cert Manager", func() {
- var cm *CertManager
+ var cm *certManager
 
 BeforeEach(func() {
- cm = &CertManager{}
+ cm = NewCertManager().(*certManager)
 })
 
 It("errors when given invalid data", func() {
diff --git a/handshake/crypto_setup_client.go b/handshake/crypto_setup_client.go
index d0fcc8e81..6d123f7c2 100644
--- a/handshake/crypto_setup_client.go
+++ b/handshake/crypto_setup_client.go
@@ -27,7 +27,7 @@ type cryptoSetupClient struct {
 nonc []byte
 diversificationNonce []byte
 lastSentCHLO []byte
- certManager *crypto.CertManager
+ certManager crypto.CertManager
 }
 
 var _ crypto.AEAD = &cryptoSetupClient{}
@@ -49,7 +49,7 @@ func NewCryptoSetupClient(
 connID: connID,
 version: version,
 cryptoStream: cryptoStream,
- certManager: &crypto.CertManager{},
+ certManager: crypto.NewCertManager(),
 }, nil
 }
 
diff --git a/handshake/crypto_setup_client_test.go b/handshake/crypto_setup_client_test.go
index 120992220..6b917482a 100644
--- a/handshake/crypto_setup_client_test.go
+++ b/handshake/crypto_setup_client_test.go
@@ -11,15 +11,32 @@ import (
 . "github.com/onsi/gomega"
 )
 
+type mockCertManager struct {
+ setDataCalledWith []byte
+ leafCert []byte
+}
+
+func (m *mockCertManager) SetData(data []byte) error {
+ m.setDataCalledWith = data
+ return nil
+}
+
+func (m *mockCertManager) GetLeafCert() []byte {
+ return m.leafCert
+}
+
 var _ = Describe("Crypto setup", func() {
 var cs *cryptoSetupClient
+ var certManager *mockCertManager
 var stream *mockStream
 
 BeforeEach(func() {
 stream = &mockStream{}
+ certManager = &mockCertManager{}
 csInt, err := NewCryptoSetupClient(0, protocol.Version36, stream)
 Expect(err).ToNot(HaveOccurred())
 cs = csInt.(*cryptoSetupClient)
+ cs.certManager = certManager
 })
 
 Context("Reading SHLOs", func() {
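Review bot: `mockCertManager.SetData` always returns `nil`, so once the client is tested through the mock nothing exercises the rejection path: the last hunk of this file (`@@ -64,9 +81,10 @@`) drops the only visible assertion that `handleREJMessage` fails with `qerr.ProofInvalid` on bad certificate data. That is the fail-closed behaviour of the handshake, and I would keep a test for it by letting the mock return a configurable error. The sketch below assumes `handleREJMessage` hands back the error from `SetData` unchanged, as the removed assertion implies; the `Describe` body continues outside this hunk.

```go
type mockCertManager struct {
	setDataCalledWith []byte
	setDataError      error // returned by SetData; nil means the data is accepted
	leafCert          []byte
}

func (m *mockCertManager) SetData(data []byte) error {
	m.setDataCalledWith = data
	return m.setDataError
}

// … unchanged: GetLeafCert, Describe/BeforeEach setup …

// next to "passes the certificates to the CertManager"
It("returns the error when the CertManager rejects the certificates", func() {
	certManager.setDataError = qerr.ProofInvalid
	tagMap[TagCERT] = []byte("cert")
	err := cs.handleREJMessage(tagMap)
	Expect(err).To(MatchError(qerr.ProofInvalid))
})
```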
@@ -64,9 +81,10 @@ var _ = Describe("Crypto setup", func() {
 })
 
 It("passes the certificates to the CertManager", func() {
- tagMap[TagCERT] = []byte("invalid-cert")
+ tagMap[TagCERT] = []byte("cert")
 err := cs.handleREJMessage(tagMap)
- Expect(err).To(MatchError(qerr.ProofInvalid))
+ Expect(err).ToNot(HaveOccurred())
+ Expect(certManager.setDataCalledWith).To(Equal(tagMap[TagCERT]))
 })
 
 Context("Reading server configs", func() {