76 lines
1.8 KiB
Go
76 lines
1.8 KiB
Go
package pki
|
|
|
|
import (
|
|
"crypto/elliptic"
|
|
"crypto/x509/pkix"
|
|
"math/big"
|
|
"reflect"
|
|
"testing"
|
|
)
|
|
|
|
var (
|
|
TestCertificateData = CertificateData{
|
|
Subject: pkix.Name{CommonName: "foobar"},
|
|
DNSNames: []string{"foo.bar", "example.com"},
|
|
}
|
|
)
|
|
|
|
func TestCertificateCreation(t *testing.T) {
|
|
ed25519Key, err := NewPrivateKeyEd25519()
|
|
if err != nil {
|
|
t.Errorf("cert: creating private key ed25519 failed: %s", err)
|
|
}
|
|
ecdsaKey, err := NewPrivateKeyEcdsa(elliptic.P224())
|
|
if err != nil {
|
|
t.Errorf("cert: creating private key ecdsa failed: %s", err)
|
|
}
|
|
rsaKey, err := NewPrivateKeyRsa(1024)
|
|
if err != nil {
|
|
t.Errorf("cert: creating private key rsa failed: %s", err)
|
|
}
|
|
|
|
for _, pk := range []PrivateKey{rsaKey, ecdsaKey, ed25519Key} {
|
|
csr, err := TestCertificateData.ToCertificateRequest(pk)
|
|
if err != nil {
|
|
t.Errorf("cert: creating csr failed: %s", err)
|
|
}
|
|
|
|
cert_opts := CertificateOptions{
|
|
// KeyUsage: x509.KeyUsageEncipherOnly | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign,
|
|
SerialNumber: big.NewInt(1),
|
|
CALength: -1,
|
|
}
|
|
|
|
cert, err := csr.ToCertificate(pk, cert_opts, nil)
|
|
if err != nil {
|
|
t.Errorf("cert: creating cert failed: %s", err)
|
|
}
|
|
|
|
if !fieldsAreSame(TestCertificateData, cert) {
|
|
t.Errorf("cert: Fields are not the same")
|
|
}
|
|
}
|
|
}
|
|
|
|
func fieldsAreSame(data CertificateData, cert *Certificate) bool {
|
|
if cert == nil {
|
|
return false
|
|
}
|
|
if data.Subject.CommonName != cert.Subject.CommonName {
|
|
return false
|
|
}
|
|
if !reflect.DeepEqual(data.Subject.Country, cert.Subject.Country) {
|
|
return false
|
|
}
|
|
if !reflect.DeepEqual(data.DNSNames, cert.DNSNames) {
|
|
return false
|
|
}
|
|
if !reflect.DeepEqual(data.IPAddresses, cert.IPAddresses) {
|
|
return false
|
|
}
|
|
if !reflect.DeepEqual(data.EmailAddresses, cert.EmailAddresses) {
|
|
return false
|
|
}
|
|
return true
|
|
}
|