Add command "nomad tls" (#14296)

testutil/tls.go

@@ -0,0 +1,49 @@
+package testutil
+
+import (
+	"crypto/x509"
+	"io/fs"
+	"os"
+	"testing"
+
+	"github.com/hashicorp/nomad/helper/tlsutil"
+	"github.com/stretchr/testify/require"
+)
+
+// Assert CA file exists and is a valid CA Returns the CA
+func IsValidCertificate(t *testing.T, caPath string) *x509.Certificate {
+	t.Helper()
+
+	require.FileExists(t, caPath)
+	caData, err := os.ReadFile(caPath)
+	require.NoError(t, err)
+
+	ca, err := tlsutil.ParseCert(string(caData))
+	require.NoError(t, err)
+	require.NotNil(t, ca)
+
+	return ca
+}
+
+// Assert key file exists and is a valid signer returns a bool
+func IsValidSigner(t *testing.T, keyPath string) bool {
+	t.Helper()
+
+	require.FileExists(t, keyPath)
+	fi, err := os.Stat(keyPath)
+	if err != nil {
+		t.Fatal("should not happen", err)
+	}
+	if want, have := fs.FileMode(0600), fi.Mode().Perm(); want != have {
+		t.Fatalf("private key file %s: permissions: want: %o; have: %o", keyPath, want, have)
+	}
+
+	keyData, err := os.ReadFile(keyPath)
+	require.NoError(t, err)
+
+	signer, err := tlsutil.ParseSigner(string(keyData))
+	require.NoError(t, err)
+	require.NotNil(t, signer)
+
+	return true
+}