r509-ca-http 0.1 → 0.2

data/spec/http_spec.rb

@@ -1,250 +1,258 @@
 require File.dirname(__FILE__) + '/spec_helper'
 require "openssl"
 
-describe R509::CertificateAuthority::Http::Server do
-    before :all do
-        #config_pool registry is in spec_helper because we need to register it
-        #BEFORE we include r509-ca-http
-        Dependo::Registry[:log] = Logger.new(nil)
-    end
+describe R509::CertificateAuthority::HTTP::Server do
+  before :all do
+    #config_pool registry is in spec_helper because we need to register it
+    #BEFORE we include r509-ca-http
+    Dependo::Registry[:log] = Logger.new(nil)
+  end
 
-    before :each do
-        @crls = { "test_ca" => double("crl") }
-        @certificate_authorities = { "test_ca" => double("test_ca") }
-        @subject_parser = double("subject parser")
-        @validity_period_converter = double("validity period converter")
-        @csr_factory = double("csr factory")
-        @spki_factory = double("spki factory")
-    end
+  before :each do
+    @crls = { "test_ca" => double("crl") }
+    @certificate_authorities = { "test_ca" => double("test_ca") }
+    @subject_parser = double("subject parser")
+    @validity_period_converter = double("validity period converter")
+    @csr_factory = double("csr factory")
+    @spki_factory = double("spki factory")
+  end
 
-    def app
-        @app ||= R509::CertificateAuthority::Http::Server
-        @app.send(:set, :crls, @crls)
-        @app.send(:set, :certificate_authorities, @certificate_authorities)
-        @app.send(:set, :subject_parser, @subject_parser)
-        @app.send(:set, :validity_period_converter, @validity_period_converter)
-        @app.send(:set, :csr_factory, @csr_factory)
-        @app.send(:set, :spki_factory, @spki_factory)
-    end
+  def app
+    @app ||= R509::CertificateAuthority::HTTP::Server
+    @app.send(:set, :crls, @crls)
+    @app.send(:set, :certificate_authorities, @certificate_authorities)
+    @app.send(:set, :subject_parser, @subject_parser)
+    @app.send(:set, :validity_period_converter, @validity_period_converter)
+    @app.send(:set, :csr_factory, @csr_factory)
+    @app.send(:set, :spki_factory, @spki_factory)
+  end
 
-    context "get CRL" do
-        it "gets the CRL" do
-            @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
-            get "/1/crl/test_ca/get"
-            last_response.should be_ok
-            last_response.content_type.should match /text\/plain/
-            last_response.body.should == "generated crl"
-        end
-        it "when CA is not found" do
-            get "/1/crl/bogus/get/"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA not found>"
-        end
+  context "get CRL" do
+    it "gets the CRL" do
+      @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
+      get "/1/crl/test_ca/get"
+      last_response.should be_ok
+      last_response.content_type.should match /text\/plain/
+      last_response.body.should == "generated crl"
+    end
+    it "when CA is not found" do
+      get "/1/crl/bogus/get/"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA not found>"
     end
+  end
 
-    context "generate CRL" do
-        it "generates the CRL" do
-            @crls["test_ca"].should_receive(:generate_crl).and_return("generated crl")
-            get "/1/crl/test_ca/generate"
-            last_response.should be_ok
-            last_response.body.should == "generated crl"
-        end
-        it "when CA is not found" do
-            get "/1/crl/bogus/generate/"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA not found>"
-        end
+  context "generate CRL" do
+    it "generates the CRL" do
+      @crls["test_ca"].should_receive(:generate_crl).and_return("generated crl")
+      get "/1/crl/test_ca/generate"
+      last_response.should be_ok
+      last_response.body.should == "generated crl"
     end
+    it "when CA is not found" do
+      get "/1/crl/bogus/generate/"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA not found>"
+    end
+  end
 
-    context "issue certificate" do
-        it "when no parameters are given" do
-            post "/1/certificate/issue"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a CA>"
-        end
-        it "when there's a profile, subject, CSR, validity period, but no ca" do
-            post "/1/certificate/issue", "profile" => "my profile", "subject" => "subject", "csr" => "my csr", "validityPeriod" => 365
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a CA>"
-        end
-        it "when there's a ca, profile, subject, CSR, but no validity period" do
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "my profile", "subject" => "subject", "csr" => "my csr"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a validity period>"
-        end
-        it "when there's a ca, profile, subject, validity period, but no CSR" do
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "my profile", "subject" => "subject", "validityPeriod" => 365
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a CSR or SPKI>"
-        end
-        it "when there's a ca, profile, CSR, validity period, but no subject" do
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(R509::Subject.new)
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "validityPeriod" => 365, "csr" => "csr"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a subject>"
-        end
-        it "when there's a ca, subject, CSR, validity period, but no profile" do
-            post "/1/certificate/issue", "ca" => "test_ca", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Must provide a CA profile>"
-        end
-        it "when the given CA is not found" do
-            post "/1/certificate/issue", "ca" => "some bogus CA"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: CA not found>"
-        end
-        it "fails to issue" do
-            csr = double("csr")
-            @csr_factory.should_receive(:build).with({:csr => "csr"}).and_return(csr)
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => []}, :not_before => 1, :not_after => 2).and_raise(R509::R509Error.new("failed to issue because of: good reason"))
+  context "issue certificate" do
+    it "when no parameters are given" do
+      post "/1/certificate/issue"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a CA>"
+    end
+    it "when there's a profile, subject, CSR, validity period, but no ca" do
+      post "/1/certificate/issue", "profile" => "my profile", "subject" => "subject", "csr" => "my csr", "validityPeriod" => 365
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a CA>"
+    end
+    it "when there's a ca, profile, subject, CSR, but no validity period" do
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "my profile", "subject" => "subject", "csr" => "my csr"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a validity period>"
+    end
+    it "when there's a ca, profile, subject, validity period, but no CSR" do
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "my profile", "subject" => "subject", "validityPeriod" => 365
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a CSR or SPKI>"
+    end
+    it "when there's a ca, profile, CSR, validity period, but no subject" do
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(R509::Subject.new)
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "validityPeriod" => 365, "csr" => "csr"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a subject>"
+    end
+    it "when there's a ca, subject, CSR, validity period, but no profile" do
+      post "/1/certificate/issue", "ca" => "test_ca", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Must provide a CA profile>"
+    end
+    it "when the given CA is not found" do
+      post "/1/certificate/issue", "ca" => "some bogus CA"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: CA not found>"
+    end
+    it "fails to issue" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with({:csr => "csr"}).and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => [], :not_before => 1, :not_after => 2).and_raise(R509::R509Error.new("failed to issue because of: good reason"))
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
-            last_response.should_not be_ok
-            last_response.body.should == "#<R509::R509Error: failed to issue because of: good reason>"
-        end
-        it "issues a CSR with no SAN extensions" do
-            csr = double("csr")
-            @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            cert = double("cert")
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => []}, :not_before => 1, :not_after => 2).and_return(cert)
-            cert.should_receive(:to_pem).and_return("signed cert")
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
+      last_response.should_not be_ok
+      last_response.body.should == "#<R509::R509Error: failed to issue because of: good reason>"
+    end
+    it "issues a CSR with no SAN extensions" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => [], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
-            last_response.should be_ok
-            last_response.body.should == "signed cert"
-        end
-        it "issues a CSR with SAN extensions" do
-            csr = double("csr")
-            @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            cert = double("cert")
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => ["domain1.com", "domain2.com"]}, :not_before => 1, :not_after => 2).and_return(cert)
-            cert.should_receive(:to_pem).and_return("signed cert")
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr"
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
+    it "issues a CSR with SAN extensions" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => ["domain1.com", "domain2.com"], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"]
-            last_response.should be_ok
-            last_response.body.should == "signed cert"
-        end
-        it "issues an SPKI without SAN extensions" do
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            spki = double("spki")
-            @spki_factory.should_receive(:build).with(:spki => "spki", :subject => subject).and_return(spki)
-            cert = double("cert")
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:spki => spki, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => []}, :not_before => 1, :not_after => 2).and_return(cert)
-            cert.should_receive(:to_pem).and_return("signed cert")
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"]
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
+    it "issues an SPKI without SAN extensions" do
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      spki = double("spki")
+      @spki_factory.should_receive(:build).with(:spki => "spki", :subject => subject).and_return(spki)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:spki => spki, :profile_name => "profile", :subject => subject, :san_names => [], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "spki" => "spki"
-            last_response.should be_ok
-            last_response.body.should == "signed cert"
-        end
-        it "issues an SPKI with SAN extensions" do
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            spki = double("spki")
-            @spki_factory.should_receive(:build).with(:spki => "spki", :subject => subject).and_return(spki)
-            cert = double("cert")
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:spki => spki, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => ["domain1.com", "domain2.com"]}, :not_before => 1, :not_after => 2).and_return(cert)
-            cert.should_receive(:to_pem).and_return("signed cert")
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "spki" => "spki"
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
+    it "issues an SPKI with SAN extensions" do
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      spki = double("spki")
+      @spki_factory.should_receive(:build).with(:spki => "spki", :subject => subject).and_return(spki)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:spki => spki, :profile_name => "profile", :subject => subject, :san_names => ["domain1.com", "domain2.com"], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "spki" => "spki", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"]
-            last_response.should be_ok
-            last_response.body.should == "signed cert"
-        end
-        it "when there are empty SAN names" do
-            csr = double("csr")
-            @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
-            @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
-            subject = R509::Subject.new [["CN", "domain.com"]]
-            @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
-            cert = double("cert")
-            @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :data_hash => {:subject => subject, :san_names => ["domain1.com", "domain2.com"]}, :not_before => 1, :not_after => 2).and_return(cert)
-            cert.should_receive(:to_pem).and_return("signed cert")
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "spki" => "spki", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com"]
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
+    end
+    it "when there are empty SAN names" do
+      csr = double("csr")
+      @csr_factory.should_receive(:build).with(:csr => "csr").and_return(csr)
+      @validity_period_converter.should_receive(:convert).with("365").and_return({:not_before => 1, :not_after => 2})
+      subject = R509::Subject.new [["CN", "domain.com"]]
+      @subject_parser.should_receive(:parse).with(anything, "subject").and_return(subject)
+      cert = double("cert")
+      @certificate_authorities["test_ca"].should_receive(:sign).with(:csr => csr, :profile_name => "profile", :subject => subject, :san_names => ["domain1.com", "domain2.com"], :not_before => 1, :not_after => 2).and_return(cert)
+      cert.should_receive(:to_pem).and_return("signed cert")
 
-            post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com","",""]
-            last_response.should be_ok
-            last_response.body.should == "signed cert"
-        end
+      post "/1/certificate/issue", "ca" => "test_ca", "profile" => "profile", "subject" => "subject", "validityPeriod" => 365, "csr" => "csr", "extensions[subjectAlternativeName][]" => ["domain1.com","domain2.com","",""]
+      last_response.should be_ok
+      last_response.body.should == "signed cert"
     end
+  end
 
-    context "revoke certificate" do
-        it "when no CA is given" do
-            post "/1/certificate/revoke", "serial" => "foo"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA must be provided>"
-        end
-        it "when CA is not found" do
-            post "/1/certificate/revoke", "ca" => "bogus ca name", "serial" => "foo"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA not found>"
-        end
-        it "when no serial is given" do
-            post "/1/certificate/revoke", "ca" => "test_ca"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Serial must be provided>"
-        end
-        it "when serial is given but not reason" do
-            @crls["test_ca"].should_receive(:revoke_cert).with(12345, 0).and_return(nil)
-            @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
-            post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345"
-            last_response.should be_ok
-            last_response.body.should == "generated crl"
-        end
-        it "when serial and reason are given" do
-            @crls["test_ca"].should_receive(:revoke_cert).with(12345, 1).and_return(nil)
-            @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
-            post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345", "reason" => "1"
-            last_response.should be_ok
-            last_response.body.should == "generated crl"
-        end
-        it "when serial is not an integer" do
-            @crls["test_ca"].should_receive(:revoke_cert).with(0, 0).and_raise(R509::R509Error.new("some r509 error"))
-            post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "foo"
-            last_response.should_not be_ok
-            last_response.body.should == "#<R509::R509Error: some r509 error>"
-        end
-        it "when reason is not an integer" do
-            @crls["test_ca"].should_receive(:revoke_cert).with(12345, 0).and_return(nil)
-            @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
-            post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345", "reason" => "foo"
-            last_response.should be_ok
-            last_response.body.should == "generated crl"
-        end
+  context "revoke certificate" do
+    it "when no CA is given" do
+      post "/1/certificate/revoke", "serial" => "foo"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA must be provided>"
+    end
+    it "when CA is not found" do
+      post "/1/certificate/revoke", "ca" => "bogus ca name", "serial" => "foo"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA not found>"
+    end
+    it "when no serial is given" do
+      post "/1/certificate/revoke", "ca" => "test_ca"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Serial must be provided>"
+    end
+    it "when serial is given but not reason" do
+      @crls["test_ca"].should_receive(:revoke_cert).with(12345, 0).and_return(nil)
+      crl_list = double("crl-list")
+      @crls["test_ca"].should_receive(:crl).and_return(crl_list)
+      crl_list.should_receive(:to_pem).and_return("generated crl")
+      post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345"
+      last_response.should be_ok
+      last_response.body.should == "generated crl"
     end
+    it "when serial and reason are given" do
+      @crls["test_ca"].should_receive(:revoke_cert).with(12345, 1).and_return(nil)
+      crl_list = double("crl-list")
+      @crls["test_ca"].should_receive(:crl).and_return(crl_list)
+      crl_list.should_receive(:to_pem).and_return("generated crl")
+      post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345", "reason" => "1"
+      last_response.should be_ok
+      last_response.body.should == "generated crl"
+    end
+    it "when serial is not an integer" do
+      @crls["test_ca"].should_receive(:revoke_cert).with(0, 0).and_raise(R509::R509Error.new("some r509 error"))
+      post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "foo"
+      last_response.should_not be_ok
+      last_response.body.should == "#<R509::R509Error: some r509 error>"
+    end
+    it "when reason is not an integer" do
+      @crls["test_ca"].should_receive(:revoke_cert).with(12345, 0).and_return(nil)
+      crl_list = double("crl-list")
+      @crls["test_ca"].should_receive(:crl).and_return(crl_list)
+      crl_list.should_receive(:to_pem).and_return("generated crl")
+      post "/1/certificate/revoke", "ca" => "test_ca", "serial" => "12345", "reason" => "foo"
+      last_response.should be_ok
+      last_response.body.should == "generated crl"
+    end
+  end
 
-    context "unrevoke certificate" do
-        it "when no CA is given" do
-            post "/1/certificate/unrevoke", "serial" => "foo"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA must be provided>"
-        end
-        it "when CA is not found" do
-            post "/1/certificate/unrevoke", "ca" => "bogus ca", "serial" => "foo"
-            last_response.status.should == 500
-            last_response.body.should == "#<ArgumentError: CA not found>"
-        end
-        it "when no serial is given" do
-            post "/1/certificate/unrevoke", "ca" => "test_ca"
-            last_response.should_not be_ok
-            last_response.body.should == "#<ArgumentError: Serial must be provided>"
-        end
-        it "when serial is given" do
-            @crls["test_ca"].should_receive(:unrevoke_cert).with(12345).and_return(nil)
-            @crls["test_ca"].should_receive(:to_pem).and_return("generated crl")
-            post "/1/certificate/unrevoke", "ca" => "test_ca", "serial" => "12345"
-            last_response.should be_ok
-            last_response.body.should == "generated crl"
-        end
+  context "unrevoke certificate" do
+    it "when no CA is given" do
+      post "/1/certificate/unrevoke", "serial" => "foo"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA must be provided>"
+    end
+    it "when CA is not found" do
+      post "/1/certificate/unrevoke", "ca" => "bogus ca", "serial" => "foo"
+      last_response.status.should == 500
+      last_response.body.should == "#<ArgumentError: CA not found>"
+    end
+    it "when no serial is given" do
+      post "/1/certificate/unrevoke", "ca" => "test_ca"
+      last_response.should_not be_ok
+      last_response.body.should == "#<ArgumentError: Serial must be provided>"
+    end
+    it "when serial is given" do
+      @crls["test_ca"].should_receive(:unrevoke_cert).with(12345).and_return(nil)
+      crl_list = double("crl-list")
+      @crls["test_ca"].should_receive(:crl).and_return(crl_list)
+      crl_list.should_receive(:to_pem).and_return("generated crl")
+      post "/1/certificate/unrevoke", "ca" => "test_ca", "serial" => "12345"
+      last_response.should be_ok
+      last_response.body.should == "generated crl"
     end
+  end
 
 end

data/spec/spec_helper.rb

@@ -13,7 +13,7 @@ require 'r509'
 require 'dependo'
 require 'logger'
 
-Dependo::Registry[:config_pool] = R509::Config::CaConfigPool.from_yaml("certificate_authorities", File.read(File.dirname(__FILE__)+"/fixtures/test_config.yaml"), {:ca_root_path => "#{File.dirname(__FILE__)}/fixtures"})
+Dependo::Registry[:config_pool] = R509::Config::CAConfigPool.from_yaml("certificate_authorities", File.read(File.dirname(__FILE__)+"/fixtures/test_config.yaml"), {:ca_root_path => "#{File.dirname(__FILE__)}/fixtures"})
 
 require 'r509/certificateauthority/http/server'
 

data/spec/subject_parser_spec.rb

@@ -1,8 +1,8 @@
 require File.dirname(__FILE__) + '/spec_helper'
 
-describe R509::CertificateAuthority::Http::SubjectParser do
+describe R509::CertificateAuthority::HTTP::SubjectParser do
     before :all do
-        @parser = R509::CertificateAuthority::Http::SubjectParser.new
+        @parser = R509::CertificateAuthority::HTTP::SubjectParser.new
     end
 
     it "when the query string is nil" do

data/spec/validity_period_converter_spec.rb

@@ -1,8 +1,8 @@
 require File.dirname(__FILE__) + "/spec_helper"
 
-describe R509::CertificateAuthority::Http::ValidityPeriodConverter do
+describe R509::CertificateAuthority::HTTP::ValidityPeriodConverter do
     before :all do
-        @converter = R509::CertificateAuthority::Http::ValidityPeriodConverter.new
+        @converter = R509::CertificateAuthority::HTTP::ValidityPeriodConverter.new
     end
 
     it "when validity period is nil" do