Fix sign ssh options tests.

2021-11-23 18:06:18 -08:00 · 2021-11-23 18:06:18 -08:00 · a33709ce8d
commit a33709ce8d
parent 1da7ea6646
2 changed files with 9 additions and 9 deletions
--- a/authority/provisioner/sign_ssh_options.go
+++ b/authority/provisioner/sign_ssh_options.go
@ -56,7 +56,7 @@ type SignSSHOptions struct {
 // Validate validates the given SignSSHOptions.
 func (o SignSSHOptions) Validate() error {
 	if o.CertType != "" && o.CertType != SSHUserCert && o.CertType != SSHHostCert {
-		return errs.BadRequest("unknown certificate type '%s'", o.CertType)
+		return errs.BadRequest("certType '%s' is not valid", o.CertType)
 	}
 	for _, p := range o.Principals {
 		if p == "" {
@ -359,7 +359,7 @@ func (v *sshCertValidityValidator) Valid(cert *ssh.Certificate, opts SignSSHOpti
 	case 0:
 		return errs.BadRequest("ssh certificate type has not been set")
 	default:
-		return errs.BadRequest("unknown ssh certificate type '%d'", cert.CertType)
+		return errs.BadRequest("ssh certificate has an unknown type '%d'", cert.CertType)
 	}

 	// To not take into account the backdate, time.Now() will be used to
--- a/authority/provisioner/sign_ssh_options_test.go
+++ b/authority/provisioner/sign_ssh_options_test.go
@ -49,14 +49,14 @@ func TestSSHOptions_Modify(t *testing.T) {
 			return test{
 				so:   SignSSHOptions{CertType: "foo"},
 				cert: new(ssh.Certificate),
-				err:  errors.Errorf("ssh certificate has an unknown type - foo"),
+				err:  errors.Errorf("ssh certificate has an unknown type 'foo'"),
 			}
 		},
 		"fail/validAfter-greater-validBefore": func() test {
 			return test{
 				so:   SignSSHOptions{CertType: "user"},
 				cert: &ssh.Certificate{ValidAfter: uint64(15), ValidBefore: uint64(10)},
-				err:  errors.Errorf("ssh certificate valid after cannot be greater than valid before"),
+				err:  errors.Errorf("ssh certificate validAfter cannot be greater than validBefore"),
 			}
 		},
 		"ok/user-cert": func() test {
@ -136,14 +136,14 @@ func TestSSHOptions_Match(t *testing.T) {
 			return test{
 				so:  SignSSHOptions{ValidAfter: NewTimeDuration(time.Now().Add(1 * time.Minute))},
 				cmp: SignSSHOptions{ValidAfter: NewTimeDuration(time.Now().Add(5 * time.Minute))},
-				err: errors.Errorf("ssh certificate valid after does not match"),
+				err: errors.Errorf("ssh certificate validAfter does not match"),
 			}
 		},
 		"fail/validBefore": func() test {
 			return test{
 				so:  SignSSHOptions{ValidBefore: NewTimeDuration(time.Now().Add(1 * time.Minute))},
 				cmp: SignSSHOptions{ValidBefore: NewTimeDuration(time.Now().Add(5 * time.Minute))},
-				err: errors.Errorf("ssh certificate valid before does not match"),
+				err: errors.Errorf("ssh certificate validBefore does not match"),
 			}
 		},
 		"ok/original-empty": func() test {
@ -394,7 +394,7 @@ func Test_sshDefaultExtensionModifier_Modify(t *testing.T) {
 			return test{
 				modifier: sshDefaultExtensionModifier{},
 				cert:     cert,
-				err:      errors.New("ssh certificate type has not been set or is invalid"),
+				err:      errors.New("ssh certificate has an unknown type '3'"),
 			}
 		},
 		"ok/host": func() test {
@ -518,7 +518,7 @@ func Test_sshCertDefaultValidator_Valid(t *testing.T) {
 			"fail/unexpected-cert-type",
 			// UserCert = 1, HostCert = 2
 			&ssh.Certificate{Nonce: []byte("foo"), Key: sshPub, CertType: 3, Serial: 1},
-			errors.New("ssh certificate has an unknown type: 3"),
+			errors.New("ssh certificate has an unknown type '3'"),
 		},
 		{
 			"fail/empty-cert-key-id",
@ -725,7 +725,7 @@ func Test_sshCertValidityValidator(t *testing.T) {
 				ValidBefore: uint64(now().Add(10 * time.Minute).Unix()),
 			},
 			SignSSHOptions{},
-			errors.New("unknown ssh certificate type 3"),
+			errors.New("ssh certificate has an unknown type '3'"),
 		},
 		{
 			"fail/duration<min",