forked from TrueCloudLab/certificates
Fix unit tests.
This commit is contained in:
parent
507a272b4d
commit
b9beab071d
3 changed files with 11 additions and 11 deletions
|
@ -77,12 +77,12 @@ func Test_defaultPublicKeyValidator_Valid(t *testing.T) {
|
||||||
{
|
{
|
||||||
"fail/unrecognized-key-type",
|
"fail/unrecognized-key-type",
|
||||||
&x509.CertificateRequest{PublicKey: "foo"},
|
&x509.CertificateRequest{PublicKey: "foo"},
|
||||||
errors.New("unrecognized public key of type 'string' in CSR"),
|
errors.New("certificate request key of type 'string' is not supported"),
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"fail/rsa/too-short",
|
"fail/rsa/too-short",
|
||||||
shortRSA,
|
shortRSA,
|
||||||
errors.New("rsa key in CSR must be at least 2048 bits (256 bytes)"),
|
errors.New("certificate request RSA key must be at least 2048 bits (256 bytes)"),
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"ok/rsa",
|
"ok/rsa",
|
||||||
|
@ -303,14 +303,14 @@ func Test_defaultSANsValidator_Valid(t *testing.T) {
|
||||||
return test{
|
return test{
|
||||||
csr: &x509.CertificateRequest{EmailAddresses: []string{"max@fx.com", "mariano@fx.com"}},
|
csr: &x509.CertificateRequest{EmailAddresses: []string{"max@fx.com", "mariano@fx.com"}},
|
||||||
expectedSANs: []string{"dcow@fx.com"},
|
expectedSANs: []string{"dcow@fx.com"},
|
||||||
err: errors.New("certificate request does not contain the valid Email Addresses"),
|
err: errors.New("certificate request does not contain the valid email addresses"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail/ipAddressesValidator": func() test {
|
"fail/ipAddressesValidator": func() test {
|
||||||
return test{
|
return test{
|
||||||
csr: &x509.CertificateRequest{IPAddresses: []net.IP{net.ParseIP("1.1.1.1"), net.ParseIP("127.0.0.1")}},
|
csr: &x509.CertificateRequest{IPAddresses: []net.IP{net.ParseIP("1.1.1.1"), net.ParseIP("127.0.0.1")}},
|
||||||
expectedSANs: []string{"127.0.0.1"},
|
expectedSANs: []string{"127.0.0.1"},
|
||||||
err: errors.New("IP Addresses claim failed"),
|
err: errors.New("certificate request does not contain the valid IP addresses"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail/urisValidator": func() test {
|
"fail/urisValidator": func() test {
|
||||||
|
@ -321,7 +321,7 @@ func Test_defaultSANsValidator_Valid(t *testing.T) {
|
||||||
return test{
|
return test{
|
||||||
csr: &x509.CertificateRequest{URIs: []*url.URL{u1, u2}},
|
csr: &x509.CertificateRequest{URIs: []*url.URL{u1, u2}},
|
||||||
expectedSANs: []string{"urn:uuid:ddfe62ba-7e99-4bc1-83b3-8f57fe3e9959"},
|
expectedSANs: []string{"urn:uuid:ddfe62ba-7e99-4bc1-83b3-8f57fe3e9959"},
|
||||||
err: errors.New("URIs claim failed"),
|
err: errors.New("certificate request does not contain the valid URIs"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"ok": func() test {
|
"ok": func() test {
|
||||||
|
@ -512,7 +512,7 @@ func Test_forceCN_Option(t *testing.T) {
|
||||||
Subject: pkix.Name{},
|
Subject: pkix.Name{},
|
||||||
DNSNames: []string{},
|
DNSNames: []string{},
|
||||||
},
|
},
|
||||||
err: errors.New("Cannot force CN, DNSNames is empty"),
|
err: errors.New("cannot force common name, DNS names is empty"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -323,7 +323,7 @@ func TestAuthority_Sign(t *testing.T) {
|
||||||
extraOpts: extraOpts,
|
extraOpts: extraOpts,
|
||||||
signOpts: signOpts,
|
signOpts: signOpts,
|
||||||
err: errors.New("authority.Sign: certificate request does not contain the valid DNS names - got [test.smallstep.com smallstep test], want [test.smallstep.com]"),
|
err: errors.New("authority.Sign: certificate request does not contain the valid DNS names - got [test.smallstep.com smallstep test], want [test.smallstep.com]"),
|
||||||
code: http.StatusUnauthorized,
|
code: http.StatusBadRequest,
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail rsa key too short": func(t *testing.T) *signTest {
|
"fail rsa key too short": func(t *testing.T) *signTest {
|
||||||
|
@ -348,8 +348,8 @@ ZYtQ9Ot36qc=
|
||||||
csr: csr,
|
csr: csr,
|
||||||
extraOpts: extraOpts,
|
extraOpts: extraOpts,
|
||||||
signOpts: signOpts,
|
signOpts: signOpts,
|
||||||
err: errors.New("authority.Sign: rsa key in CSR must be at least 2048 bits (256 bytes)"),
|
err: errors.New("authority.Sign: certificate request RSA key must be at least 2048 bits (256 bytes)"),
|
||||||
code: http.StatusUnauthorized,
|
code: http.StatusForbidden,
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail store cert in db": func(t *testing.T) *signTest {
|
"fail store cert in db": func(t *testing.T) *signTest {
|
||||||
|
|
|
@ -200,8 +200,8 @@ ZEp7knvU2psWRw==
|
||||||
return &signTest{
|
return &signTest{
|
||||||
ca: ca,
|
ca: ca,
|
||||||
body: string(body),
|
body: string(body),
|
||||||
status: http.StatusUnauthorized,
|
status: http.StatusBadRequest,
|
||||||
errMsg: errs.UnauthorizedDefaultMsg,
|
errMsg: errs.BadRequestPrefix,
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"ok": func(t *testing.T) *signTest {
|
"ok": func(t *testing.T) *signTest {
|
||||||
|
|
Loading…
Reference in a new issue