aboutsummaryrefslogtreecommitdiff
path: root/certificate_test.go
blob: 3cb4a6495dacfcdc70d0b394326ebaafdce64644 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
package pki

import (
  "crypto/elliptic"
//  "crypto/x509"
  "crypto/x509/pkix"
  "math/big"
  "reflect"
  "testing"
)

var (
  TestCertificateData = CertificateData{
    Subject:  pkix.Name{CommonName: "foobar"},
    DNSNames: []string{"foo.bar", "example.com"},
  }
)

func TestCertificateCreation(t *testing.T) {
  pk, err := NewPrivateKeyEcdsa(elliptic.P224())
  if err != nil { t.Errorf("cert: creating private key failed: %s", err) }

  csr, err := TestCertificateData.ToCertificateRequest(pk)
  if err != nil { t.Errorf("cert: creating csr failed: %s", err) }

  cert_opts := CertificateOptions{
    // KeyUsage:  x509.KeyUsageEncipherOnly | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign,
    SerialNumber: big.NewInt(1),
  }

  cert, err := csr.ToCertificate(pk, cert_opts, nil)
  if err != nil { t.Errorf("cert: creating cert failed: %s", err) }

  if !fieldsAreSame(TestCertificateData, cert) {
    t.Errorf("cert: Fields are not the same")
  }
}

func fieldsAreSame(data CertificateData, cert *Certificate) bool {
  if data.Subject.CommonName != cert.Subject.CommonName             { return false }
  if !reflect.DeepEqual(data.Subject.Country, cert.Subject.Country) { return false }
  if !reflect.DeepEqual(data.DNSNames, cert.DNSNames)               { return false }
  if !reflect.DeepEqual(data.IPAddresses, cert.IPAddresses)         { return false }
  if !reflect.DeepEqual(data.EmailAddresses, cert.EmailAddresses)   { return false }
  return true
}