testenv

package
v0.0.0-...-2920ad6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 1, 2023 License: MIT Imports: 22 Imported by: 0

Documentation

Overview

Package testenv with managing certificates for testing

Package testenv for creating mosquitto testing environment This requires that the mosquitto broker is installed.

Package testenv with simulated services for authentication and directory

Index

Constants

View Source
const (
	MqttPortUnpw = 9883
	MqttPortCert = 9884
	MqttPortWS   = 9885
)

MQTT ports for test environment in the 9xxx range

View Source
const OUDevice = "iotdevice"
View Source
const OUPlugin = "plugin"

FIXME: These OU names must match that in certsetup on the server side

View Source
const ServerAddress = "127.0.0.1"

Variables

This section is empty.

Functions

func CreateCA

func CreateCA() (caCert *x509.Certificate, caKey *ecdsa.PrivateKey)

CreateCA generates the CA keys with certificate for testing not intended for production

func CreateTlsCert

func CreateTlsCert(cn string, ou string, isServer bool, clientKey *ecdsa.PrivateKey,
	caCert *x509.Certificate, caKey *ecdsa.PrivateKey) (tlscert *tls.Certificate)

CreateTlsCert generates the certificate with keys, signed by the CA, valid for 127.0.0.1 intended for testing, not for production

cn is the certificate common name, usually the client ID or server hostname
ou the organization
isServer if set allow key usage of ServerAuth instead of ClientAuth
clientKey is the client's private key for this certificate
caCert and caKey is the signing CA

func CreateX509Cert

func CreateX509Cert(cn string, ou string, isServer bool, pubKey *ecdsa.PublicKey,
	caCert *x509.Certificate, caKey *ecdsa.PrivateKey) (cert *x509.Certificate, derBytes []byte, err error)

CreateX509Cert generates a x509 certificate with keys, signed by the CA, valid for 127.0.0.1 intended for testing, not for production

cn is the certificate common name, usually the client ID or server hostname
ou the organization
isServer if set allow key usage of ServerAuth instead of ClientAuth
pubKey is the owner public key for this certificate
caCert and caKey is the signing CA

func SaveCerts

func SaveCerts(testCerts *TestCerts, certFolder string)

SaveCerts saves the given CA and mosquitto server key and certificates as PEM files If the certFolder doesn't exist it will be created with permissions 700

func StartMosquitto

func StartMosquitto(testCerts *TestCerts, configFolder string) (mqCmd *exec.Cmd, err error)

StartMosquitto create a test environment with a mosquitto broker on localhost for the given home folder This:

  1. Set logging to info
  2. create the cert/config folder if it doesn't exist
  3. Saves the CA, server and client certificates in the cert/config folder
  4. Generates a mosquitto configuration in the cert/config folder
  5. Launches a mosquitto broker for testing.

mqCmd.Process.Kill() to end the mosquitto broker

testCerts are the certificates to use.
configFolder to store certificates and configuration. Will be created if it doesn't exist.

Returns the mosquitto process, the temp folder for cleanup and error code in case of failure

func StartServices

func StartServices(certs *TestCerts) *http.Server

StartServices starts a TLS server and listens for auth and dir requests

func StopMosquitto

func StopMosquitto(cmd *exec.Cmd, tempFolder string)

StopMosquitto stops the mosquitto broker and cleans up the test environment

cmd is the command returned by StartMosquitto
tempFolder is the folder returned by StartMosquitto. This will be deleted. Use "" to keep it

Types

type TestCerts

type TestCerts struct {
	CaCert    *x509.Certificate
	CaKey     *ecdsa.PrivateKey
	ServerKey *ecdsa.PrivateKey
	DeviceKey *ecdsa.PrivateKey
	PluginKey *ecdsa.PrivateKey

	ServerCert *tls.Certificate
	PluginCert *tls.Certificate
	DeviceCert *tls.Certificate
}

TestCerts contain test certificates for CA, server and plugin (client)

func CreateCertBundle

func CreateCertBundle() TestCerts

CreateCertBundle creates new certificates for CA, Server, Plugin and Thing Device testing The server cert is valid for localhost only

this returns the x509 and tls certificates

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL