+49
-6
lines changedFilter options
+49
-6
lines changed Original file line number Diff line number Diff line change
@@ -3,6 +3,7 @@ package gencert
3 3
import (
4 4
"io/ioutil"
5 5
"os"
6 +
"strings"
6 7
"testing"
7 8 8 9
"github.com/cloudflare/cfssl/cli"
@@ -215,3 +216,17 @@ func TestBadGencertMain(t *testing.T) {
215 216
}
216 217 217 218
}
219 + 220 +
func TestOidMain(t *testing.T) {
221 +
c := cli.Config{
222 +
CAFile: "../testdata/ca.pem",
223 +
CAKeyFile: "../testdata/ca-key.pem",
224 +
}
225 +
err := gencertMain([]string{"../testdata/bad_oid_csr.json"}, c)
226 +
if err == nil {
227 +
t.Fatal("Expected error")
228 +
}
229 +
if !strings.Contains(err.Error(), "invalid OID part abc") {
230 +
t.Fatalf("Unexpected error: %s", err.Error())
231 +
}
232 +
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
1 +
{
2 +
"hosts": [
3 +
"cloudflare.com",
4 +
"www.cloudflare.com"
5 +
],
6 +
"key": {
7 +
"algo": "rsa",
8 +
"size": 2048
9 +
},
10 +
"names": [
11 +
{
12 +
"C": "US",
13 +
"L": "San Francisco",
14 +
"O": "CloudFlare",
15 +
"OU": "Systems Engineering",
16 +
"ST": "California",
17 +
"OID": {
18 +
"abc": "abc"
19 +
}
20 +
}
21 +
]
22 +
}
Original file line number Diff line number Diff line change
@@ -13,7 +13,10 @@
13 13
"L": "San Francisco",
14 14
"O": "CloudFlare",
15 15
"OU": "Systems Engineering",
16 -
"ST": "California"
16 +
"ST": "California",
17 +
"OID": {
18 +
"1.2.3.4.5": "abc"
19 +
}
17 20
}
18 21
]
19 -
}
22 +
}
Original file line number Diff line number Diff line change
@@ -160,6 +160,7 @@ func appendIf(s string, a *[]string) {
160 160
}
161 161
}
162 162 163 +
// OIDFromString creates an ASN1 ObjectIdentifier from its string representation
163 164
func OIDFromString(s string) (asn1.ObjectIdentifier, error) {
164 165
var oid []int
165 166
parts := strings.Split(s, ".")
@@ -260,7 +261,6 @@ func ParseRequest(req *CertificateRequest) (csr, key []byte, err error) {
260 261
// from an existing certificate. For a root certificate, the CA expiry
261 262
// length is calculated as the duration between cert.NotAfter and cert.NotBefore.
262 263
func ExtractCertificateRequest(cert *x509.Certificate) *CertificateRequest {
263 -
fmt.Printf("ExctractCertificateRequest %+v\n", *cert)
264 264
req := New()
265 265
req.CN = cert.Subject.CommonName
266 266
req.Names = getNames(cert.Subject)
@@ -72,7 +72,10 @@ func TestPKIXName(t *testing.T) {
72 72
KeyRequest: NewKeyRequest(),
73 73
}
74 74 75 -
name := cr.Name()
75 +
name, err := cr.Name()
76 +
if err != nil {
77 +
t.Fatalf("Error getting name: %s", err.Error())
78 +
}
76 79
if len(name.Country) != 2 {
77 80
t.Fatal("Expected two countries in SubjInfo.")
78 81
} else if len(name.Province) != 2 {
@@ -113,7 +116,7 @@ func TestParseRequest(t *testing.T) {
113 116
KeyRequest: NewKeyRequest(),
114 117
Extensions: []pkix.Extension{
115 118
pkix.Extension{
116 -
Id: asn1.ObjectIdentifier{1, 2, 3, 4, 5},
119 +
Id: asn1.ObjectIdentifier{1, 2, 3, 4, 5},
117 120
Value: []byte("AgEB"),
118 121
},
119 122
},
@@ -123,7 +126,7 @@ func TestParseRequest(t *testing.T) {
123 126
if err != nil {
124 127
t.Fatalf("%v", err)
125 128
}
126 - 129 + 127 130
block, _ := pem.Decode(csrBytes)
128 131
if block == nil {
129 132
t.Fatalf("%v", err)
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4