Add unit tests and fix rootcerts creation bug

2 files changed, 177 insertions, 0 deletions

diff --git a/tests/lib/security/certificate.php b/tests/lib/security/certificate.php
new file mode 100644
index 00000000000..694d1f27011
--- /dev/null
+++ b/tests/lib/security/certificate.php
@@ -0,0 +1,90 @@
+<?php
+/**
+ * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+*/
+
+use \OC\Security\Certificate;
+
+class CertificateTest extends \PHPUnit_Framework_TestCase {
+
+	/** @var Certificate That contains a valid certificate */
+	protected $goodCertificate;
+	/** @var Certificate That contains an invalid certificate */
+	protected $invalidCertificate;
+	/** @var Certificate That contains an expired certificate */
+	protected $expiredCertificate;
+
+	function setUp() {
+		$goodCertificate = file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt');
+		$this->goodCertificate = new Certificate($goodCertificate, 'GoodCertificate');
+		$badCertificate = file_get_contents(__DIR__.'/../../data/certificates/badCertificate.crt');
+		$this->invalidCertificate = new Certificate($badCertificate, 'BadCertificate');
+		$expiredCertificate = file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt');
+		$this->expiredCertificate = new Certificate($expiredCertificate, 'ExpiredCertificate');
+	}
+
+	/**
+	 * @expectedException \Exception
+	 * @expectedExceptionMessage Certificate could not get parsed.
+	 */
+	function testBogusData() {
+		new Certificate('foo', 'bar');
+	}
+
+	function testGetName() {
+		$this->assertSame('GoodCertificate', $this->goodCertificate->getName());
+		$this->assertSame('BadCertificate', $this->invalidCertificate->getName());
+	}
+
+	function testGetCommonName() {
+		$this->assertSame('security.owncloud.com', $this->goodCertificate->getCommonName());
+		$this->assertSame(null, $this->invalidCertificate->getCommonName());
+	}
+
+	function testGetOrganization() {
+		$this->assertSame('ownCloud Inc.', $this->goodCertificate->getOrganization());
+		$this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getOrganization());
+	}
+
+	function testGetSerial() {
+		$this->assertSame('7F:FF:FF:FF:FF:FF:FF:FF', $this->goodCertificate->getSerial());
+		$this->assertSame('7F:FF:FF:FF:FF:FF:FF:FF', $this->invalidCertificate->getSerial());
+	}
+
+	function testGetIssueDate() {
+		$this->assertEquals(new DateTime('2014-08-27 08:45:52'), $this->goodCertificate->getIssueDate());
+		$this->assertEquals(new DateTime('2014-08-27 08:48:51'), $this->invalidCertificate->getIssueDate());
+	}
+
+	function testGetExpireDate() {
+		$this->assertEquals(new DateTime('2015-08-27 08:45:52'), $this->goodCertificate->getExpireDate());
+		$this->assertEquals(new DateTime('2015-08-27 08:48:51'), $this->invalidCertificate->getExpireDate());
+		$this->assertEquals(new DateTime('2014-08-28 09:12:43'), $this->expiredCertificate->getExpireDate());
+	}
+
+	/**
+	 * Obviously the following test case might fail after 2015-08-27, just create a new certificate with longer validity then
+	 */
+	function testIsExpired() {
+		$this->assertSame(false, $this->goodCertificate->isExpired());
+		$this->assertSame(false, $this->invalidCertificate->isExpired());
+
+		// TODO: Change to false after tomorrow
+		$this->assertSame(false, $this->expiredCertificate->isExpired());
+	}
+
+	function testGetIssuerName() {
+		$this->assertSame('security.owncloud.com', $this->goodCertificate->getIssuerName());
+		$this->assertSame(null, $this->invalidCertificate->getIssuerName());
+		$this->assertSame(null, $this->expiredCertificate->getIssuerName());
+	}
+
+	function testGetIssuerOrganization() {
+		$this->assertSame('ownCloud Inc.', $this->goodCertificate->getIssuerOrganization());
+		$this->assertSame('Internet Widgits Pty Ltd', $this->invalidCertificate->getIssuerOrganization());
+		$this->assertSame('Internet Widgits Pty Ltd', $this->expiredCertificate->getIssuerOrganization());
+	}
+}
\ No newline at end of file
diff --git a/tests/lib/security/certificatemanager.php b/tests/lib/security/certificatemanager.php
new file mode 100644
index 00000000000..5baf9e16e81
--- /dev/null
+++ b/tests/lib/security/certificatemanager.php
@@ -0,0 +1,87 @@
+<?php
+/**
+ * Copyright (c) 2014 Lukas Reschke <lukas@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+use \OC\Security\CertificateManager;
+
+class CertificateManagerTest extends \PHPUnit_Framework_TestCase {
+
+	/** @var CertificateManager */
+	private $certificateManager;
+	/** @var String */
+	private $username;
+	/** @var  \OC\User\User */
+	private $user;
+
+	function setUp() {
+		$this->username = OC_Util::generateRandomBytes(20);
+		OC_User::createUser($this->username, OC_Util::generateRandomBytes(20));
+
+		\OC_Util::tearDownFS();
+		\OC_User::setUserId('');
+		\OC\Files\Filesystem::tearDown();
+		\OC_Util::setupFS($this->username);
+
+		$this->user = \OC::$server->getUserManager()->get($this->username);
+
+		$this->certificateManager = new CertificateManager($this->user);
+	}
+
+	function tearDown() {
+		\OC_User::deleteUser($this->username);
+	}
+
+	protected function assertEqualsArrays($expected, $actual) {
+		sort($expected);
+		sort($actual);
+
+		$this->assertEquals($expected, $actual);
+	}
+
+	function testListCertificates() {
+		// Test empty certificate bundle
+		$this->assertSame(array(), $this->certificateManager->listCertificates());
+
+		// Add some certificates
+		$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
+		$certificateStore = array();
+		$certificateStore[] =  new \OC\Security\Certificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
+		$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
+
+		// Add another certificates
+		$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
+		$certificateStore[] =  new \OC\Security\Certificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
+		$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
+	}
+
+	/**
+	 * @expectedException \Exception
+	 * @expectedExceptionMessage Certificate could not get parsed.
+	 */
+	function testAddInvalidCertificate() {
+		$this->certificateManager->addCertificate('InvalidCertificate', 'invalidCertificate');
+	}
+
+	function testAddDangerousFile() {
+		$this->assertFalse($this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), '.htaccess'));
+		$this->assertFalse($this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), '../../foo.txt'));
+	}
+
+	function testRemoveDangerousFile() {
+		$this->assertFalse($this->certificateManager->removeCertificate('../../foo.txt'));
+	}
+
+	function testRemoveExistingFile() {
+		$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
+		$this->assertTrue($this->certificateManager->removeCertificate('GoodCertificate'));
+	}
+
+	function testGetCertificateBundle() {
+		$this->assertSame($this->user->getHome().'/files_external/rootcerts.crt', $this->certificateManager->getCertificateBundle());
+	}
+
+}
\ No newline at end of file