コード例 #1
0
func TestLoadSigner(t *testing.T) {
	lca := &CA{}
	certPEM, csrPEM, keyPEM, err := initca.New(ExampleRequest())
	assert.NoErrorT(t, err)

	_, err = lca.CACertificate()
	assert.ErrorEqT(t, errNotSetup, err)

	_, err = lca.SignCSR(csrPEM)
	assert.ErrorEqT(t, errNotSetup, err)

	lca.KeyFile, err = tempName()
	assert.NoErrorT(t, err)
	defer os.Remove(lca.KeyFile)

	lca.CertFile, err = tempName()
	assert.NoErrorT(t, err)
	defer os.Remove(lca.CertFile)

	err = ioutil.WriteFile(lca.KeyFile, keyPEM, 0644)
	assert.NoErrorT(t, err)

	err = ioutil.WriteFile(lca.CertFile, certPEM, 0644)
	assert.NoErrorT(t, err)

	err = Load(lca, ExampleSigningConfig())
	assert.NoErrorT(t, err)
}
コード例 #2
0
func TestNewSigner(t *testing.T) {
	req := ExampleRequest()
	lca, err := New(req, ExampleSigningConfig())
	assert.NoErrorT(t, err)

	csrPEM, _, err := csr.ParseRequest(testRequest)
	assert.NoErrorT(t, err)

	certPEM, err := lca.SignCSR(csrPEM)
	assert.NoErrorT(t, err)

	_, err = helpers.ParseCertificatePEM(certPEM)
	assert.NoErrorT(t, err)

	certPEM, err = lca.CACertificate()
	assert.NoErrorT(t, err)

	cert, err := helpers.ParseCertificatePEM(certPEM)
	assert.NoErrorT(t, err)

	assert.BoolT(t, cert.Subject.CommonName == req.CN,
		"common names don't match")

	lca.Toggle()
	_, err = lca.SignCSR(csrPEM)
	assert.ErrorEqT(t, errDisabled, err)
	lca.Toggle()

	_, err = lca.SignCSR(certPEM)
	assert.ErrorT(t, err, "shouldn't be able to sign non-CSRs")

	p := &pem.Block{
		Type:  "CERTIFICATE REQUEST",
		Bytes: []byte(`¯\_(ツ)_/¯`),
	}
	junkCSR := pem.EncodeToMemory(p)

	_, err = lca.SignCSR(junkCSR)
	assert.ErrorT(t, err, "signing a junk CSR should fail")
	t.Logf("error: %s", err)
}