fix maximum path len for certificatesHEAD master

When no maximum ca length was given, it was interpreted as a free for all and blocked the certificate generation for normal certificates.
author: Gibheer <gibheer+git@zero-knowledge.org> 2026-06-10 18:32:28 +0200
committer: Gibheer <gibheer+git@zero-knowledge.org> 2026-06-10 18:32:28 +0200
commit: cfd9759c4fb32b65dfe075427983207327a03469 (patch)
tree: a5251837e31177cd3e2ac00722c8f5df1cce43ce /certificate_test.go
parent: 0380f7f91c831af18e37414afcdf30935b4b4ee9 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/certificate_test.go b/certificate_test.go
index 14b1279..39e25c0 100644
--- a/certificate_test.go
+++ b/certificate_test.go
@@ -3,6 +3,7 @@ package pki
 import (
 	"crypto/elliptic"
 	"crypto/x509/pkix"
+	"fmt"
 	"math/big"
 	"reflect"
 	"testing"
@@ -52,6 +53,23 @@ func TestCertificateCreation(t *testing.T) {
 	}
 }
 
+func TestCertificateMaxLength(t *testing.T) {
+	pk, err := NewPrivateKeyRsa(1024)
+	if err != nil {
+		t.Errorf("cert: creating private key rsa failed: %s", err)
+	}
+	csr, err := TestCertificateData.ToCertificateRequest(pk)
+	cert_opts := CertificateOptions{SerialNumber: big.NewInt(1)}
+	fmt.Println("create cert")
+	cert, err := csr.ToCertificate(pk, cert_opts, nil)
+	if err != nil {
+		t.Errorf("cert: creating cert failed: %s", err)
+	}
+	if !fieldsAreSame(TestCertificateData, cert) {
+		t.Errorf("cert: Fields are not the same")
+	}
+}
+
 func fieldsAreSame(data CertificateData, cert *Certificate) bool {
 	if cert == nil {
 		return false
author	Gibheer <gibheer+git@zero-knowledge.org>	2026-06-10 18:32:28 +0200
committer	Gibheer <gibheer+git@zero-knowledge.org>	2026-06-10 18:32:28 +0200
commit	cfd9759c4fb32b65dfe075427983207327a03469 (patch)
tree	a5251837e31177cd3e2ac00722c8f5df1cce43ce /certificate_test.go
parent	0380f7f91c831af18e37414afcdf30935b4b4ee9 (diff)