forked from TrueCloudLab/certificates
Add tests for sans()
This commit is contained in:
parent
64c15fde7e
commit
a6d33b7d06
1 changed files with 147 additions and 40 deletions
|
@ -1284,54 +1284,161 @@ func Test_canonicalize(t *testing.T) {
|
||||||
|
|
||||||
func TestOrder_sans(t *testing.T) {
|
func TestOrder_sans(t *testing.T) {
|
||||||
type fields struct {
|
type fields struct {
|
||||||
ID string
|
Identifiers []Identifier
|
||||||
AccountID string
|
|
||||||
ProvisionerID string
|
|
||||||
Status Status
|
|
||||||
ExpiresAt time.Time
|
|
||||||
Identifiers []Identifier
|
|
||||||
NotBefore time.Time
|
|
||||||
NotAfter time.Time
|
|
||||||
Error *Error
|
|
||||||
AuthorizationIDs []string
|
|
||||||
AuthorizationURLs []string
|
|
||||||
FinalizeURL string
|
|
||||||
CertificateID string
|
|
||||||
CertificateURL string
|
|
||||||
}
|
|
||||||
type args struct {
|
|
||||||
csr *x509.CertificateRequest
|
|
||||||
}
|
}
|
||||||
tests := []struct {
|
tests := []struct {
|
||||||
name string
|
name string
|
||||||
fields fields
|
fields fields
|
||||||
args args
|
csr *x509.CertificateRequest
|
||||||
want []x509util.SubjectAlternativeName
|
want []x509util.SubjectAlternativeName
|
||||||
wantErr bool
|
err error
|
||||||
}{
|
}{
|
||||||
// TODO: Add test cases.
|
{
|
||||||
|
name: "ok/dns",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "dns", Value: "example.com"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
Subject: pkix.Name{
|
||||||
|
CommonName: "example.com",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{
|
||||||
|
{Type: "dns", Value: "example.com"},
|
||||||
|
},
|
||||||
|
err: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/error-names-length-mismatch",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "dns", Value: "foo.internal"},
|
||||||
|
{Type: "dns", Value: "bar.internal"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
Subject: pkix.Name{
|
||||||
|
CommonName: "foo.internal",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{},
|
||||||
|
err: NewError(ErrorBadCSRType, "..."),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/error-names-mismatch",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "dns", Value: "foo.internal"},
|
||||||
|
{Type: "dns", Value: "bar.internal"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
Subject: pkix.Name{
|
||||||
|
CommonName: "foo.internal",
|
||||||
|
},
|
||||||
|
DNSNames: []string{"zap.internal"},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{},
|
||||||
|
err: NewError(ErrorBadCSRType, "..."),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/ipv4",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
IPAddresses: []net.IP{net.ParseIP("192.168.43.42"), net.ParseIP("192.168.42.42")},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
},
|
||||||
|
err: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/error-ips-length-mismatch",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
IPAddresses: []net.IP{net.ParseIP("192.168.42.42")},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{},
|
||||||
|
err: NewError(ErrorBadCSRType, "..."),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/error-ips-mismatch",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
IPAddresses: []net.IP{net.ParseIP("192.168.42.42"), net.ParseIP("192.168.42.32")},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{},
|
||||||
|
err: NewError(ErrorBadCSRType, "..."),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/mixed",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "dns", Value: "foo.internal"},
|
||||||
|
{Type: "dns", Value: "bar.internal"},
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
Subject: pkix.Name{
|
||||||
|
CommonName: "bar.internal",
|
||||||
|
},
|
||||||
|
DNSNames: []string{"foo.internal"},
|
||||||
|
IPAddresses: []net.IP{net.ParseIP("192.168.43.42"), net.ParseIP("192.168.42.42")},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{
|
||||||
|
{Type: "dns", Value: "bar.internal"},
|
||||||
|
{Type: "dns", Value: "foo.internal"},
|
||||||
|
{Type: "ip", Value: "192.168.42.42"},
|
||||||
|
{Type: "ip", Value: "192.168.43.42"},
|
||||||
|
},
|
||||||
|
err: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/unsupported-identifier-type",
|
||||||
|
fields: fields{
|
||||||
|
Identifiers: []Identifier{
|
||||||
|
{Type: "ipv4", Value: "192.168.42.42"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
csr: &x509.CertificateRequest{
|
||||||
|
IPAddresses: []net.IP{net.ParseIP("192.168.42.42")},
|
||||||
|
},
|
||||||
|
want: []x509util.SubjectAlternativeName{},
|
||||||
|
err: NewError(ErrorServerInternalType, "..."),
|
||||||
|
},
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
o := &Order{
|
o := &Order{
|
||||||
ID: tt.fields.ID,
|
Identifiers: tt.fields.Identifiers,
|
||||||
AccountID: tt.fields.AccountID,
|
|
||||||
ProvisionerID: tt.fields.ProvisionerID,
|
|
||||||
Status: tt.fields.Status,
|
|
||||||
ExpiresAt: tt.fields.ExpiresAt,
|
|
||||||
Identifiers: tt.fields.Identifiers,
|
|
||||||
NotBefore: tt.fields.NotBefore,
|
|
||||||
NotAfter: tt.fields.NotAfter,
|
|
||||||
Error: tt.fields.Error,
|
|
||||||
AuthorizationIDs: tt.fields.AuthorizationIDs,
|
|
||||||
AuthorizationURLs: tt.fields.AuthorizationURLs,
|
|
||||||
FinalizeURL: tt.fields.FinalizeURL,
|
|
||||||
CertificateID: tt.fields.CertificateID,
|
|
||||||
CertificateURL: tt.fields.CertificateURL,
|
|
||||||
}
|
}
|
||||||
got, err := o.sans(tt.args.csr)
|
canonicalizedCSR := canonicalize(tt.csr)
|
||||||
if (err != nil) != tt.wantErr {
|
got, err := o.sans(canonicalizedCSR)
|
||||||
t.Errorf("Order.sans() error = %v, wantErr %v", err, tt.wantErr)
|
if err != nil && tt.err != nil {
|
||||||
|
if tt.err.Error() != err.Error() {
|
||||||
|
t.Errorf("Order.sans() error = %v, wantErr %v", err, tt.err)
|
||||||
|
return
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(got, tt.want) {
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
|
|
Loading…
Reference in a new issue