-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrequest_test.go
54 lines (42 loc) · 1.21 KB
/
request_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
// Copyright 2020 Canonical Ltd.
// Licensed under the AGPLv3, see LICENCE file for details.
package pki_test
import (
"crypto"
"crypto/x509"
"crypto/x509/pkix"
jc "github.com/juju/testing/checkers"
gc "gopkg.in/check.v1"
"github.com/juju/juju/pki"
)
type RequestSigner struct {
ca *x509.Certificate
signer crypto.Signer
}
var _ = gc.Suite(&RequestSigner{})
func (r *RequestSigner) SetUpTest(c *gc.C) {
signer, err := pki.DefaultKeyProfile()
c.Assert(err, jc.ErrorIsNil)
r.signer = signer
commonName := "juju-test-ca"
ca, err := pki.NewCA(commonName, r.signer)
c.Assert(err, jc.ErrorIsNil)
r.ca = ca
}
func (r *RequestSigner) TestDefaultRequestSigning(c *gc.C) {
requestSigner := pki.NewDefaultRequestSigner(r.ca, []*x509.Certificate{}, r.signer)
leafSigner, err := pki.DefaultKeyProfile()
c.Assert(err, jc.ErrorIsNil)
dnsNames := []string{"test.juju.is"}
leafCSR := x509.CertificateRequest{
DNSNames: dnsNames,
PublicKey: leafSigner.Public(),
Subject: pkix.Name{
CommonName: "test",
},
}
leafCert, _, err := requestSigner.SignCSR(&leafCSR)
c.Assert(err, jc.ErrorIsNil)
c.Assert(leafCert.DNSNames, gc.DeepEquals, dnsNames)
c.Assert(leafCert.Subject.CommonName, gc.Equals, "test")
}