generateTestCertAndKey generates a self-signed certificate and key for testing
(t *testing.T)
| 211 | |
| 212 | // generateTestCertAndKey generates a self-signed certificate and key for testing |
| 213 | func generateTestCertAndKey(t *testing.T) (certPEM, keyPEM []byte) { |
| 214 | t.Helper() |
| 215 | |
| 216 | // Generate a new ECDSA private key |
| 217 | privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) |
| 218 | require.NoError(t, err) |
| 219 | |
| 220 | // Create a certificate template |
| 221 | template := x509.Certificate{ |
| 222 | SerialNumber: big.NewInt(1), |
| 223 | Subject: pkix.Name{ |
| 224 | Organization: []string{"Task Org"}, |
| 225 | }, |
| 226 | NotBefore: time.Now(), |
| 227 | NotAfter: time.Now().Add(time.Hour), |
| 228 | KeyUsage: x509.KeyUsageDigitalSignature, |
| 229 | ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, |
| 230 | BasicConstraintsValid: true, |
| 231 | } |
| 232 | |
| 233 | // Create the certificate |
| 234 | certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &privateKey.PublicKey, privateKey) |
| 235 | require.NoError(t, err) |
| 236 | |
| 237 | // Encode certificate to PEM |
| 238 | certPEM = pem.EncodeToMemory(&pem.Block{ |
| 239 | Type: "CERTIFICATE", |
| 240 | Bytes: certDER, |
| 241 | }) |
| 242 | |
| 243 | // Encode private key to PEM |
| 244 | keyDER, err := x509.MarshalECPrivateKey(privateKey) |
| 245 | require.NoError(t, err) |
| 246 | keyPEM = pem.EncodeToMemory(&pem.Block{ |
| 247 | Type: "EC PRIVATE KEY", |
| 248 | Bytes: keyDER, |
| 249 | }) |
| 250 | |
| 251 | return certPEM, keyPEM |
| 252 | } |
| 253 | |
| 254 | // generateTestCACert generates a self-signed CA certificate for testing |
| 255 | func generateTestCACert(t *testing.T) []byte { |
no outgoing calls
no test coverage detected
searching dependent graphs…