Fix unit tests.

authority/tls_test.go

@@ -17,6 +17,8 @@ import (
 	"testing"
 	"time"
 
+	"github.com/smallstep/certificates/cas/softcas"
+
 	"github.com/pkg/errors"
 	"github.com/smallstep/assert"
 	"github.com/smallstep/certificates/authority/provisioner"
@@ -277,7 +279,7 @@ func TestAuthority_Sign(t *testing.T) {
 		},
 		"fail create cert": func(t *testing.T) *signTest {
 			_a := testAuthority(t)
-			_a.x509Signer = nil
+			_a.x509CAService.(*softcas.SoftCAS).Signer = nil
 			csr := getCSR(t, priv)
 			return &signTest{
 				auth:      _a,
@@ -635,7 +637,7 @@ func TestAuthority_Renew(t *testing.T) {
 	tests := map[string]func() (*renewTest, error){
 		"fail/create-cert": func() (*renewTest, error) {
 			_a := testAuthority(t)
-			_a.x509Signer = nil
+			_a.x509CAService.(*softcas.SoftCAS).Signer = nil
 			return &renewTest{
 				auth: _a,
 				cert: cert,
@@ -661,6 +663,8 @@ func TestAuthority_Renew(t *testing.T) {
 			intCert, intSigner := generateIntermidiateCertificate(t, rootCert, rootSigner)
 
 			_a := testAuthority(t)
+			_a.x509CAService.(*softcas.SoftCAS).Issuer = intCert
+			_a.x509CAService.(*softcas.SoftCAS).Signer = intSigner
 			_a.x509Signer = intSigner
 			_a.x509Issuer = intCert
 			return &renewTest{
@@ -831,7 +835,7 @@ func TestAuthority_Rekey(t *testing.T) {
 	tests := map[string]func() (*renewTest, error){
 		"fail/create-cert": func() (*renewTest, error) {
 			_a := testAuthority(t)
-			_a.x509Signer = nil
+			_a.x509CAService.(*softcas.SoftCAS).Signer = nil
 			return &renewTest{
 				auth: _a,
 				cert: cert,
@@ -864,6 +868,8 @@ func TestAuthority_Rekey(t *testing.T) {
 			intCert, intSigner := generateIntermidiateCertificate(t, rootCert, rootSigner)
 
 			_a := testAuthority(t)
+			_a.x509CAService.(*softcas.SoftCAS).Issuer = intCert
+			_a.x509CAService.(*softcas.SoftCAS).Signer = intSigner
 			_a.x509Signer = intSigner
 			_a.x509Issuer = intCert
 			return &renewTest{
@@ -1107,6 +1113,9 @@ func TestAuthority_Revoke(t *testing.T) {
 				MUseToken: func(id, tok string) (bool, error) {
 					return true, nil
 				},
+				MGetCertificate: func(sn string) (*x509.Certificate, error) {
+					return nil, nil
+				},
 				Err: errors.New("force"),
 			}))
 
@@ -1143,6 +1152,9 @@ func TestAuthority_Revoke(t *testing.T) {
 				MUseToken: func(id, tok string) (bool, error) {
 					return true, nil
 				},
+				MGetCertificate: func(sn string) (*x509.Certificate, error) {
+					return nil, nil
+				},
 				Err: db.ErrAlreadyExists,
 			}))
 
@@ -1179,6 +1191,9 @@ func TestAuthority_Revoke(t *testing.T) {
 				MUseToken: func(id, tok string) (bool, error) {
 					return true, nil
 				},
+				MGetCertificate: func(sn string) (*x509.Certificate, error) {
+					return nil, errors.New("not found")
+				},
 			}))
 
 			cl := jwt.Claims{

cas/softcas/softcas.go

@@ -5,7 +5,6 @@ import (
 	"crypto"
 	"crypto/x509"
 	"errors"
-	"fmt"
 	"time"
 
 	"github.com/smallstep/certificates/cas/apiv1"
@@ -54,8 +53,12 @@ func (c *SoftCAS) CreateCertificate(req *apiv1.CreateCertificateRequest) (*apiv1
 	}
 
 	t := now()
+	if req.Template.NotBefore.IsZero() {
 		req.Template.NotBefore = t.Add(-1 * req.Backdate)
+	}
+	if req.Template.NotAfter.IsZero() {
 		req.Template.NotAfter = t.Add(req.Lifetime)
+	}
 	req.Template.Issuer = c.Issuer.Subject
 
 	cert, err := x509util.CreateCertificate(req.Template, c.Issuer, req.Template.PublicKey, c.Signer)
@@ -98,7 +101,14 @@ func (c *SoftCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.R
 	}, nil
 }
 
-// RevokeCertificate revokes the given certificate in step-ca.
+// RevokeCertificate revokes the given certificate in step-ca. In SoftCAS this
+// operation is a no-op as the actual revoke will happen when we store the entry
+// in the db.
 func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error) {
-	return nil, fmt.Errorf("not implemented")
+	return &apiv1.RevokeCertificateResponse{
+		Certificate: req.Certificate,
+		CertificateChain: []*x509.Certificate{
+			c.Issuer,
+		},
+	}, nil
 }