Add tests

test/chronoscope/nts/key_establishment_client_test.exs

@@ -48,5 +48,84 @@ defmodule Chronoscope.NTS.KeyEstablishmentClientTest do
 
       key_establishment(%{host: "localhost", port: 2222})
     end
+
+    test "handles a full response" do
+      request = KeyEstablishmentRequest.create()
+
+      response =
+        [0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
+          [0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F] ++
+          [0x80, 0x05, 0x00, 0x01, ?c] ++
+          [0x00, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03] ++
+          [0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1] ++
+          [0x80, 0x07, 0x00, 0x02, 0x04, 0xCE] ++
+          [0x80, 0x00, 0x00, 0x00]
+
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout -> {:ok, :socket} end)
+      |> expect(:send, fn :socket, ^request -> send_ssl_response(response) end)
+      |> expect(:peercert, fn :socket -> {:ok, peercert()} end)
+      |> expect(:close, fn :socket -> :ok end)
+
+      assert {:ok,
+              %{
+                cert_expiration: _expiration,
+                aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"],
+                cookie_length: 1,
+                cookies: [~c"c"],
+                next_protocols: ["NTPv4"],
+                port: 1230,
+                server: "127.0.0.1"
+              }} = key_establishment(%{host: "localhost", port: 2222})
+    end
+
+    test "handles a bad certificate hostname failure" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout ->
+        {:error, {:tls_alert, {:handshake_failure, "connection failed {bad_cert,hostname_check_failed}"}}}
+      end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) ==
+               {:error, "The certificate is NOT trusted. The name in the certificate does not match the expected."}
+    end
+
+    test "handles a handshake failure" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout ->
+        {:error, {:tls_alert, {:handshake_failure, "unsatisfactory handshake"}}}
+      end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) == {:error, "unsatisfactory handshake"}
+    end
+
+    test "handles a no application protocol failure" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout ->
+        {:error, {:tls_alert, {:no_application_protocol, "unsatisfactory protocol"}}}
+      end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) == {:error, "unsatisfactory protocol"}
+    end
+
+    test "handles a timeout failure" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout -> {:error, :timeout} end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) == {:error, :timeout}
+    end
+
+    test "handles an unknown error" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout -> {:error, {:unsatisfactory, "client"}} end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) == {:error, "{:unsatisfactory, \"client\"}"}
+    end
+
+    test "handles an unexpected error" do
+      SSLMock
+      |> expect(:connect, fn ~c"localhost", 2222, _tls_options, @timeout -> {:unsatisfactory, "client"} end)
+
+      assert key_establishment(%{host: "localhost", port: 2222}) == {:error, "{:unsatisfactory, \"client\"}"}
+    end
   end
 end