Tests verify url (#9)

Closes #8 
* fix typo
* add another CA certificate for testing
* add tests for verifying urls
* Update README.md

Author: hionay

.gitignore

@@ -1,5 +1,3 @@
 dist
 gossl
-*.pem
-*.key
-.vscode
+.vscode

README.md

@@ -129,4 +129,3 @@ gossl ssh-copy --pubkey /home/user/.ssh/id_rsa.pub remoteUser@remoteIP
 1. Add generate command for generating private key, root ca and x509 certificates in one command
 2. Add cert template format read from yaml file
 3. Add certificate converter command like DER to PEM etc.
-4. Add test for verify URL

commands/verify/verify.go

@@ -183,7 +183,7 @@ func verifyURLWithCA(c *cli.Context, url string, roots *x509.CertPool) error {
 
 	_, err := client.Get(url)
 	if err != nil {
-		log.Printf("Failed to sen Get request to URL %s error: %v", url, err)
+		log.Printf("Failed to send Get request to URL %s error: %v", url, err)
 		return err
 	}
 

commands/verify/verify_test.go

@@ -1,6 +1,10 @@
 package verify_test
 
 import (
+	"crypto/tls"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
 	"os"
 	"testing"
 
@@ -87,7 +91,80 @@ func TestVerify(t *testing.T) {
 
 	for _, tC := range testCases {
 		t.Run(tC.name, func(t *testing.T) {
-			testArgs := []string{execName, verify.CmdVerify, "-dns", tC.dns, "-cafile", tC.cafile, "-certfile", tC.certfile}
+			testArgs := []string{
+				execName, verify.CmdVerify,
+				"-dns", tC.dns,
+				"-cafile", tC.cafile,
+				"-certfile", tC.certfile,
+			}
+			if tC.shouldErr {
+				require.Error(t, app.Run(testArgs))
+			} else {
+				require.NoError(t, app.Run(testArgs))
+			}
+		})
+	}
+}
+
+func TestVerifyURL(t *testing.T) {
+	const (
+		// Certificate paths
+		serverCert = "../../testdata/server-cert.pem"
+		serverKey  = "../../testdata/server-key.pem"
+		caCert     = "../../testdata/ca-cert.pem"
+		caCert2    = "../../testdata/ca-cert-2.pem"
+	)
+
+	ts := httptest.NewUnstartedServer(
+		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			fmt.Fprintln(w, "hello!")
+		}),
+	)
+
+	cert, err := tls.LoadX509KeyPair(serverCert, serverKey)
+	require.NoError(t, err)
+
+	ts.TLS = &tls.Config{
+		Certificates: []tls.Certificate{cert},
+	}
+
+	ts.StartTLS()
+	defer ts.Close()
+
+	app := &cli.App{
+		Commands: []*cli.Command{
+			verify.Command(),
+		},
+	}
+
+	execName, err := os.Executable()
+	require.NoError(t, err)
+
+	testCases := []struct {
+		name      string
+		cafile    string
+		shouldErr bool
+	}{
+		{
+			name:      "valid cert and ca",
+			cafile:    caCert,
+			shouldErr: false,
+		},
+		{
+			name:      "bad certificate",
+			cafile:    caCert2,
+			shouldErr: true,
+		},
+	}
+
+	for _, tC := range testCases {
+		t.Run(tC.name, func(t *testing.T) {
+			testArgs := []string{
+				execName, verify.CmdVerify,
+				"--cafile", tC.cafile,
+				"--url", ts.URL,
+			}
+
 			if tC.shouldErr {
 				require.Error(t, app.Run(testArgs))
 			} else {

testdata/ca-cert-2.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICmDCCAYACCQC2Phk4n8m/JDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQGEwJ0
+cjAgFw0yMjA0MTQxNjAyNTZaGA8zMDIxMDgxNTE2MDI1NlowDTELMAkGA1UEBhMC
+dHIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcIoJP1ylhMNLG7e8r
+mVqBWxEqPoaGhdpwJ08n7myJ9qiwMIcf9qDMVDag26Q38gQeOMu/15MX6c4rig4T
+SUB9KuBernX1Gv0KkD0/vXH3SyvVLH79LyP+x5VthdxP0c/MqypXteNgLZU+1oJ0
+nZtIqUJZABE2fQ8kNFxSvL5ZPcYqBXwkgj17Qd08xl2MASfT80hfeW4Kj9txyFye
+e3mIIgF7r787SJu7JAEHj0C2j52yM1inUDiAOAJ+xushqhAZvp4nNyEnCM2rvqoJ
+5j8QuLdpO8PVHGWfqHNG8CrMuUyGWaLaYZSozqAWsNCPckjLxErRertIAvJGsguU
+0LrDAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAI3d6TxZPndLDJ2aYEZ1QtLAQbch
+O/srZ5GnbwALBdK3zFG41oV6RJX/pnLrNwsCvySkTX2X7Vyf687jkR6qGfNAbxVB
+Ckeg+6K7sDomD9EQsDD7juX/lT2TSsZQwPBO2Agqh4IkYnvUP+XDjmxPmpEN8/Jf
+hWZAN4mI1EQhFdUdpTfATpea+gs3HhwW13tSEr9AIstS5Ef1/5veEeTvNMDqHuxC
+YgNhCz+Fd7FWuKxUGsEFx7fSt96hy30rOjtextqphiRzXMpzgKd8xtPcPzQx2fxj
+EqiKsvALSDAmq38WpykrV13LuKpIizghJRqCB+hklWpJkWN7StrYv+2qPbk=
+-----END CERTIFICATE-----

testdata/ca-key-2.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA3CKCT9cpYTDSxu3vK5lagVsRKj6GhoXacCdPJ+5sifaosDCH
+H/agzFQ2oNukN/IEHjjLv9eTF+nOK4oOE0lAfSrgXq519Rr9CpA9P71x90sr1Sx+
+/S8j/seVbYXcT9HPzKsqV7XjYC2VPtaCdJ2bSKlCWQARNn0PJDRcUry+WT3GKgV8
+JII9e0HdPMZdjAEn0/NIX3luCo/bcchcnnt5iCIBe6+/O0ibuyQBB49Ato+dsjNY
+p1A4gDgCfsbrIaoQGb6eJzchJwjNq76qCeY/ELi3aTvD1Rxln6hzRvAqzLlMhlmi
+2mGUqM6gFrDQj3JIy8RK0Xq7SALyRrILlNC6wwIDAQABAoIBAAQCtPETcHOO2ig5
+qYPX1WhJ6nQkk3rb8XDdpnmJxHx2+/fJyoxwh9lxJ1Wi6skCJcUPL9cc7FchMVpl
+t3/uc7hUEaZn80o15apNmnAQ2YSx3+iQWPfv5e38YOKP78Wcgvatn6XdcHkOG4v7
+iIDrZiraupS4hZfCi4YTViNDwQwLJWxmDhWqT7+RZFiRTI+wjC4x/aW5ya+a+dyP
+cuiuosPdAHiLLzYuNVBe+p4yLyrcWA8+2XZ55YS2T4ElkiB+98u4dEm78AYMrBTp
+e8KGBKqAMyXLPiY44EImHwuHpRthbAxvTHpfUsSuJ4Y3VslKjMbaMDwKyqJIcHCI
+jprX98ECgYEA8UaswxHfUWczI6iEPnu19Dw6Dn1dYpxfHANNm0Jok/qWQYlZMQiV
+jtF6m0rGXs++aZLxlGZjcRJz86zz8x2tSi3Nm0XZIQ1M4CwTAJdeARxYzuQlszCu
+8Din/s6j3+Onf7R4bU/lw1H6MNR+wFRq15wrWruAlKz5oOr1iX454bECgYEA6ZGO
+OH1TSgOEqpRVmscofudyE8ek9h637/yQT0SWOzVCx8M+KmvbCclwJ07WT+HGtv9U
+e4AY8puvbbQBb6Oy9IOv1IdEwKOpdfMdJxZirjEUg1JnH1YqCEPCBXuUoAYdgBfq
+coCp4n2nXZkPHWN6xxOEjPsrv3XtuBB7FbpFrLMCgYBjfzOrVelz1kz+fXXbloSY
+bWW7p/MkwTtvf+U3C5G4xHPGHu/LCrEyLiyTcaiQXLc3LkO1YOvNK0Dp0f7f2PMn
+TfAmAg3iVWvIXiSP79vyNVBiMS9iz8a0hYixyWFG6MigHzoySeqEO4AjNt32Tlmp
+BFvUlNIXfaWLuJj81DLmYQKBgQC+X7ZFEtlVRWLXykmv+05liW3w81Pgi48u23Qg
+N+4fWj0RJ3E/EGQbKQXx9A84UvUt6RVKCFHNRNoLF6HoBcxyAffJyWtffMY97ic/
+2b4a7sQieYK2BvwBeoDlCSJOAE4BPv0H0RknE3XcE0o/kPrc0mrComK5Dnzw/vXj
+8syhgwKBgE/tm46Fh3jCVk5LlxcO/iTYiUGK6zu6UDf8atTxgaDojZekbihK4RFo
+qqvLa1UFj+bzWGlLGWTyQrb02Q+fuwJmM+Y5jUOuPLjcnxapu3Lv8faXPv84YVIC
+bm+QgZSPrCgKIJYUN8JK3SlfZ877tHEz+z/Q4sWjHIQ+f/wLOz/A
+-----END RSA PRIVATE KEY-----