Change api of functions Authority.Sign, Authority.Renew

Returns certificate chain instead of 2 members. Implements #126
2019-10-09 21:57:12 +02:00 · 2019-10-09 21:57:12 +02:00 · bc6074f596
commit bc6074f596
parent e2858e17b0
10 changed files with 109 additions and 61 deletions
--- a/authority/tls_test.go
+++ b/authority/tls_test.go
@ -276,7 +276,7 @@ ttnEF4Rq8zqzr4fbv+AF451Mx36AkfgZr9XWGzxidrH+fBCNWXWNR+ymhrL6UFTG
 		t.Run(name, func(t *testing.T) {
 			tc := genTestCase(t)

-			leaf, intermediate, err := tc.auth.Sign(tc.csr, tc.signOpts, tc.extraOpts...)
+			certChain, err := tc.auth.Sign(tc.csr, tc.signOpts, tc.extraOpts...)
 			if err != nil {
 				if assert.NotNil(t, tc.err) {
 					switch v := err.(type) {
@ -289,6 +289,8 @@ ttnEF4Rq8zqzr4fbv+AF451Mx36AkfgZr9XWGzxidrH+fBCNWXWNR+ymhrL6UFTG
 					}
 				}
 			} else {
+				leaf := certChain[0]
+				intermediate := certChain[1]
 				if assert.Nil(t, tc.err) {
 					assert.Equals(t, leaf.NotBefore, signOpts.NotBefore.Time().Truncate(time.Second))
 					assert.Equals(t, leaf.NotAfter, signOpts.NotAfter.Time().Truncate(time.Second))
@ -453,11 +455,11 @@ func TestRenew(t *testing.T) {
 			tc, err := genTestCase()
 			assert.FatalError(t, err)

-			var leaf, intermediate *x509.Certificate
+			var certChain []*x509.Certificate
 			if tc.auth != nil {
-				leaf, intermediate, err = tc.auth.Renew(tc.crt)
+				certChain, err = tc.auth.Renew(tc.crt)
 			} else {
-				leaf, intermediate, err = a.Renew(tc.crt)
+				certChain, err = a.Renew(tc.crt)
 			}
 			if err != nil {
 				if assert.NotNil(t, tc.err) {
@ -471,6 +473,8 @@ func TestRenew(t *testing.T) {
 					}
 				}
 			} else {
+				leaf := certChain[0]
+				intermediate := certChain[1]
 				if assert.Nil(t, tc.err) {
 					assert.Equals(t, leaf.NotAfter.Sub(leaf.NotBefore), tc.crt.NotAfter.Sub(crt.NotBefore))