test files for the exported functions in the 'util' package TestTLSCertGeneration tests certificate generation from the util package
(t *testing.T)
| 41 | // test files for the exported functions in the 'util' package |
| 42 | // TestTLSCertGeneration tests certificate generation from the util package |
| 43 | func TestTLSCertGeneration(t *testing.T) { |
| 44 | // Setup |
| 45 | //serial |
| 46 | serial := big.NewInt(1337) |
| 47 | //subject |
| 48 | cnString := "It's in that place where I put that thing that time" |
| 49 | subj := pkix.Name{ |
| 50 | CommonName: cnString, |
| 51 | } |
| 52 | //dnsNames |
| 53 | dnsName := "HackThePlanet.org" |
| 54 | dnsNames := []string{dnsName} |
| 55 | //time (before and after) |
| 56 | notBefore := time.Now().AddDate(0, 0, -5) // 5 days ago |
| 57 | notAfter := time.Now().AddDate(13, 3, 7) //13 years, 3 months, 7 days |
| 58 | //privKey |
| 59 | ecpk, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader) |
| 60 | if err != nil { |
| 61 | t.Fatal("Couldn't generate EC key", err) |
| 62 | } |
| 63 | pk := crypto.PrivateKey(ecpk) |
| 64 | |
| 65 | // Create certificate |
| 66 | certSetVals, err := GenerateTLSCert(serial, &subj, dnsNames, ¬Before, ¬After, pk, false) |
| 67 | if err != nil { |
| 68 | t.Fatal("Certificate generation[1] error:" + err.Error()) |
| 69 | } |
| 70 | |
| 71 | // Tests |
| 72 | x5certSetVals, err := x509.ParseCertificate(certSetVals.Certificate[0]) |
| 73 | if err != nil { |
| 74 | t.Fatal("Could not parse X509 certificate") |
| 75 | } |
| 76 | //serial |
| 77 | if x5certSetVals.SerialNumber.Cmp(serial) != 0 { |
| 78 | t.Error("Serial number mismatch") |
| 79 | } |
| 80 | //subject |
| 81 | if x5certSetVals.Subject.CommonName != cnString { |
| 82 | t.Error("cn mismatch in subject: \n" + x5certSetVals.Subject.CommonName + "\n should be \n" + cnString) |
| 83 | } |
| 84 | |
| 85 | //dnsNames |
| 86 | if len(x5certSetVals.DNSNames) < 1 || x5certSetVals.DNSNames[0] != dnsName { |
| 87 | t.Error(fmt.Sprintf("dnsnames failed assignment: should be a length 1 string slice with the only "+ |
| 88 | "contents:\n%s\nbut is:\n%v", dnsName, x5certSetVals.DNSNames)) |
| 89 | } |
| 90 | |
| 91 | //times |
| 92 | expectYear, expectMonth, expectDay := notBefore.Date() |
| 93 | certYear, certMonth, certDay := x5certSetVals.NotBefore.Date() |
| 94 | if expectYear != certYear || expectMonth != certMonth || expectDay != certDay { |
| 95 | t.Error(fmt.Errorf( |
| 96 | "before date invalid:\nYear:%v (expected %v)\nMonth:%v (expected %v)\nDay:%v (expected %v)", |
| 97 | certYear, |
| 98 | expectYear, |
| 99 | certMonth, |
| 100 | expectMonth, |
nothing calls this directly
no test coverage detected