main
1# frozen_string_literal: true
2
3RSpec.describe Saml::Kit::Cli::Commands::Certificate do
4 describe 'keypair' do
5 let(:passphrase) { 'password' }
6
7 describe 'generating a pem' do
8 let(:command) { "certificate keypair --passphrase #{passphrase}" }
9
10 specify { expect(status).to be_success }
11 specify { expect(output).to include(passphrase) }
12 specify { expect(output).to include('-----BEGIN CERTIFICATE-----') }
13 specify { expect(output).to include('-----END CERTIFICATE-----') }
14 specify { expect(output).to include('-----BEGIN RSA PRIVATE KEY-----') }
15 specify { expect(output).to include('-----END RSA PRIVATE KEY-----') }
16 specify { expect(output).to include('Proc-Type: 4,ENCRYPTED') }
17 specify { expect(output).to include('DEK-Info: AES-256-CBC,') }
18 end
19
20 describe 'generating env format' do
21 let(:command) { "certificate keypair --passphrase #{passphrase} --format env" }
22
23 specify { expect(status).to be_success }
24 specify { expect(output).to include(passphrase) }
25 specify { expect(output).to include('X509_CERTIFICATE="-----BEGIN CERTIFICATE-----\n') }
26 specify { expect(output).to include('PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC') }
27 end
28 end
29
30 describe 'dump' do
31 let(:command) { "certificate dump '#{base64_certificate}'" }
32 let(:base64_certificate) { x509.to_pem }
33 let(:x509) do
34 certificate = OpenSSL::X509::Certificate.new
35 key = OpenSSL::PKey::RSA.new(2048)
36 certificate.subject = certificate.issuer = OpenSSL::X509::Name.parse('/C=CA/ST=AB/L=Calgary/O=SamlKit/OU=SamlKit/CN=SamlKit')
37 certificate.not_before = Time.now
38 certificate.not_after = certificate.not_before + 30 * 24 * 60 * 60
39 certificate.public_key = key.public_key
40 certificate.serial = 0x0
41 certificate.version = 2
42 certificate.sign(key, OpenSSL::Digest::SHA256.new)
43 certificate
44 end
45
46 specify { expect(status).to be_success }
47 specify { expect(output).to include(x509.to_text) }
48 end
49end