aboutsummaryrefslogblamecommitdiff
path: root/certificate_test.go
blob: 861664123d3275d1dcb845f514f2de3c12489771 (plain) (tree) 
362fe8f ^



301d931 ^





362fe8f ^



301d931 ^




362fe8f ^



301d931 ^























362fe8f ^



301d931 ^
















362fe8f ^

1
2
3

4
5
6
7
8

9
10
11

12
13
14
15

16
17
18

19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

42
43
44

45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

61



           




                          


     



                                                             


                                            






















                                                                                                               


                                                                  















                                                                           
 
package pki

import (
	"crypto/elliptic"
	"crypto/x509/pkix"
	"math/big"
	"reflect"
	"testing"
)

var (
	TestCertificateData = CertificateData{
		Subject:  pkix.Name{CommonName: "foobar"},
		DNSNames: []string{"foo.bar", "example.com"},
	}
)

func TestCertificateCreation(t *testing.T) {
	pk, err := NewPrivateKeyEcdsa(elliptic.P224())
	if err != nil {
		t.Errorf("cert: creating private key failed: %s", err)
	}

	csr, err := TestCertificateData.ToCertificateRequest(pk)
	if err != nil {
		t.Errorf("cert: creating csr failed: %s", err)
	}

	cert_opts := CertificateOptions{
		// KeyUsage:  x509.KeyUsageEncipherOnly | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign,
		SerialNumber: big.NewInt(1),
	}

	cert, err := csr.ToCertificate(pk, cert_opts, nil)
	if err != nil {
		t.Errorf("cert: creating cert failed: %s", err)
	}

	if !fieldsAreSame(TestCertificateData, cert) {
		t.Errorf("cert: Fields are not the same")
	}
}

func fieldsAreSame(data CertificateData, cert *Certificate) bool {
	if data.Subject.CommonName != cert.Subject.CommonName {
		return false
	}
	if !reflect.DeepEqual(data.Subject.Country, cert.Subject.Country) {
		return false
	}
	if !reflect.DeepEqual(data.DNSNames, cert.DNSNames) {
		return false
	}
	if !reflect.DeepEqual(data.IPAddresses, cert.IPAddresses) {
		return false
	}
	if !reflect.DeepEqual(data.EmailAddresses, cert.EmailAddresses) {
		return false
	}
	return true
}
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-01 06:30:32 +0000