add unit test

cmd/certify/command.go

@@ -3,13 +3,10 @@ package main
 import (
 	"fmt"
 	"io"
-	"log"
 	"os"
 	"strings"
-	"syscall"
 
 	"github.com/nothinux/certify"
-	"golang.org/x/term"
 )
 
 // initCA create private key and certificate for certificate authority
@@ -72,7 +69,7 @@ func readCertificate(args []string, stdin *os.File) (string, error) {
 // readRemoteCertificate read certificate from remote host
 func readRemoteCertificate(args []string) (string, error) {
 	if len(args) < 3 {
-		return "", fmt.Errorf("you must provide remote host.\n")
+		return "", fmt.Errorf("you must provide remote host")
 	}
 
 	result, err := tlsDial(args[2])
@@ -106,22 +103,11 @@ func matchCertificate(args []string) error {
 }
 
 // exportCertificate export certificate to pkcs12 format
-func exportCertificate(args []string) {
-	if len(args) < 5 {
-		fmt.Println("you must provide [key-path] [cert-path] and [ca-path]")
-		os.Exit(1)
-	}
-
-	fmt.Print("enter password: ")
-	bytePass, err := term.ReadPassword(int(syscall.Stdin))
-	if err != nil {
-		log.Fatal(err)
-	}
-
+func exportCertificate(args []string, bytePass []byte) error {
 	// verify if cert and key has same public key
-	_, _, err = matcher(args[2], args[3])
+	_, _, err := matcher(args[2], args[3])
 	if err != nil {
-		log.Fatal("\n", err)
+		return err
 	}
 
 	pfxData, err := getPfxData(
@@ -131,13 +117,14 @@ func exportCertificate(args []string) {
 		string(bytePass),
 	)
 	if err != nil {
-		log.Fatal(err)
+		return err
 	}
 
 	if err := os.WriteFile("client.p12", pfxData, 0644); err != nil {
-		log.Fatal(err)
+		return err
 	}
 	fmt.Println("\ncertificate exported to client.p12")
+	return nil
 }
 
 // createCertificate generate certificate and signed with existing CA

cmd/certify/command_test.go

@@ -267,3 +267,51 @@ func TestCreateIntermediateCertificate(t *testing.T) {
 		os.Remove(caInterKeyPath)
 	})
 }
+
+func TestExportCertificate(t *testing.T) {
+	tests := []struct {
+		Name          string
+		Args          []string
+		Password      string
+		expectedError string
+	}{
+		{
+			Name:     "Test export certificate",
+			Args:     []string{"certify", "-match", "testdata/server-key.pem", "testdata/server.pem", "testdata/ca-cert.pem"},
+			Password: "password",
+		},
+		{
+			Name:          "Test export certificate with invalid private key",
+			Args:          []string{"certify", "-match", "testdata/key.pem", "testdata/server.pem", "testdata/ca-cert.pem"},
+			Password:      "password",
+			expectedError: "no such file or directory",
+		},
+		{
+			Name:          "Test export certificate doesn't match with private key",
+			Args:          []string{"certify", "-match", "testdata/server-key.pem", "testdata/nothinux.pem", "testdata/ca-cert.pem"},
+			Password:      "password",
+			expectedError: "private key doesn't match with given certificate",
+		},
+		{
+			Name:          "Test export with wrong argument",
+			Args:          []string{"certify", "-match", "testdata/server.pem", "testdata/server-key.pem", "testdata/ca-cert.pem"},
+			Password:      "password",
+			expectedError: "failed to parse EC private key",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.Name, func(t *testing.T) {
+			if err := exportCertificate(tt.Args, []byte(tt.Password)); err != nil {
+				if !strings.Contains(err.Error(), tt.expectedError) {
+					t.Fatalf("the error must be contain %s, got %v", tt.expectedError, err)
+				}
+			}
+		})
+
+		t.Cleanup(func() {
+			os.Remove("client.p12")
+		})
+	}
+
+}

cmd/certify/main.go

@@ -5,6 +5,9 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"syscall"
+
+	"golang.org/x/term"
 )
 
 var usage = `             _   _ ___     
@@ -104,7 +107,21 @@ func runMain() error {
 	}
 
 	if *epkcs12 {
-		exportCertificate(os.Args)
+		if len(os.Args) < 5 {
+			fmt.Println("you must provide [key-path] [cert-path] and [ca-path]")
+			os.Exit(1)
+		}
+
+		fmt.Print("enter password: ")
+		bytePass, err := term.ReadPassword(int(syscall.Stdin))
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		if err := exportCertificate(os.Args, bytePass); err != nil {
+			return err
+		}
+
 		return nil
 	}