Adding canned CSRs, tests

Signed-off-by: Richard Zak <richard@profian.com>
enarx · Oct 17, 2022 · ea1ce69 · ea1ce69
1 parent 828415b
commit ea1ce69
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 3 deletions.
diff --git a/src/ext/sgx/icelake.csr b/src/ext/sgx/icelake.csr
diff --git a/src/ext/snp/milan.csr b/src/ext/snp/milan.csr
diff --git a/src/main.rs b/src/main.rs
@@ -511,15 +511,14 @@ mod tests {
         use der::{AnyRef, Encode};
         use x509::attr::Attribute;
         use x509::request::{CertReq, CertReqInfo, ExtensionReq};
-        #[cfg(feature = "insecure")]
         use x509::PkiPath;
         use x509::{ext::Extension, name::RdnSequence};
 
-        #[cfg(feature = "insecure")]
         use axum::response::Response;
         use http::header::CONTENT_TYPE;
         use http::Request;
         use hyper::Body;
+        #[cfg(feature = "insecure")]
         use rstest::rstest;
         use tower::ServiceExt; // for `app.oneshot()`
 
@@ -586,7 +585,6 @@ mod tests {
             }
         }
 
-        #[cfg(feature = "insecure")]
         async fn attest_response(state: State, response: Response, multi: bool) {
             let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
 
@@ -714,6 +712,22 @@ mod tests {
             assert_eq!(output.issued.len(), five_crs.len());
         }
 
+        #[tokio::test]
+        async fn sgx_canned_csr() {
+            let csr = include_bytes!("ext/sgx/icelake.csr");
+
+            let request = Request::builder()
+                .method("POST")
+                .uri("/")
+                .header(CONTENT_TYPE, PKCS10)
+                .body(Body::from(Bytes::from(csr.as_slice())))
+                .unwrap();
+
+            let response = app(certificates_state()).oneshot(request).await.unwrap();
+            assert_eq!(response.status(), StatusCode::OK);
+            attest_response(certificates_state(), response, false).await;
+        }
+
         #[cfg(feature = "insecure")]
         #[rstest]
         #[case(PKCS10, false)]
@@ -773,6 +787,22 @@ mod tests {
             }
         }
 
+        #[tokio::test]
+        async fn snp_canned_csr() {
+            let csr = include_bytes!("ext/snp/milan.csr");
+
+            let request = Request::builder()
+                .method("POST")
+                .uri("/")
+                .header(CONTENT_TYPE, PKCS10)
+                .body(Body::from(Bytes::from(csr.as_slice())))
+                .unwrap();
+
+            let response = app(certificates_state()).oneshot(request).await.unwrap();
+            assert_eq!(response.status(), StatusCode::OK);
+            attest_response(certificates_state(), response, false).await;
+        }
+
         #[cfg(feature = "insecure")]
         #[rstest]
         #[case(PKCS10, false)]