1# Copyright 2015 gRPC authors. 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15require 'spec_helper' 16 17def load_test_certs 18 test_root = File.join(File.dirname(__FILE__), 'testdata') 19 files = ['ca.pem', 'server1.key', 'server1.pem'] 20 contents = files.map { |f| File.open(File.join(test_root, f)).read } 21 [contents[0], [{ private_key: contents[1], cert_chain: contents[2] }], false] 22end 23 24describe GRPC::Core::ServerCredentials do 25 Creds = GRPC::Core::ServerCredentials 26 XdsCreds = GRPC::Core::XdsServerCredentials 27 28 describe '#new' do 29 it 'can be constructed from a fake CA PEM, server PEM and a server key' do 30 creds = Creds.new('a', [{ private_key: 'a', cert_chain: 'b' }], false) 31 expect(creds).to_not be_nil 32 end 33 34 it 'can be constructed using the test certificates' do 35 certs = load_test_certs 36 expect { Creds.new(*certs) }.not_to raise_error 37 end 38 39 it 'cannot be constructed without a nil key_cert pair array' do 40 root_cert, _, _ = load_test_certs 41 blk = proc do 42 Creds.new(root_cert, nil, false) 43 end 44 expect(&blk).to raise_error 45 end 46 47 it 'cannot be constructed without any key_cert pairs' do 48 root_cert, _, _ = load_test_certs 49 blk = proc do 50 Creds.new(root_cert, [], false) 51 end 52 expect(&blk).to raise_error 53 end 54 55 it 'cannot be constructed without a server cert chain' do 56 root_cert, server_key, _ = load_test_certs 57 blk = proc do 58 Creds.new(root_cert, 59 [{ server_key: server_key, cert_chain: nil }], 60 false) 61 end 62 expect(&blk).to raise_error 63 end 64 65 it 'cannot be constructed without a server key' do 66 root_cert, _, _ = load_test_certs 67 blk = proc do 68 Creds.new(root_cert, 69 [{ server_key: nil, cert_chain: cert_chain }]) 70 end 71 expect(&blk).to raise_error 72 end 73 74 it 'can be constructed without a root_cret' do 75 _, cert_pairs, _ = load_test_certs 76 blk = proc { Creds.new(nil, cert_pairs, false) } 77 expect(&blk).to_not raise_error 78 end 79 80 it 'can be constructed with a fallback credential' do 81 _, cert_pairs, _ = load_test_certs 82 fallback = Creds.new(nil, cert_pairs, false) 83 blk = proc { XdsCreds.new(fallback) } 84 expect(&blk).to_not raise_error 85 end 86 87 it 'cannot be constructed with nil' do 88 blk = proc { XdsCreds.new(nil) } 89 expect(&blk).to raise_error TypeError, /expected grpc_server_credentials/ 90 end 91 92 it 'cannot be constructed with a non-C-extension object' do 93 not_a_fallback = 100 94 blk = proc { XdsCreds.new(not_a_fallback) } 95 expect(&blk).to raise_error TypeError, /expected grpc_server_credentials/ 96 end 97 98 it 'cannot be constructed with a non-ServerCredentials object' do 99 not_a_fallback = GRPC::Core::ChannelCredentials.new 100 blk = proc { XdsCreds.new(not_a_fallback) } 101 expect(&blk).to raise_error TypeError, /expected grpc_server_credentials/ 102 end 103 end 104end 105