зеркало из https://github.com/github/smimesign.git
package certstore
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
"testing"
"github.com/github/smimesign/fakeca"
)
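// Shared test fixtures: a throwaway chain root -> intermediate -> leaf built
// with fakeca. Every subject carries Organization "certstore", which is the
// marker isFixture uses to recognise (and clearFixtures to delete) leftovers.
//
// The leaf keys are generated fresh on every run and exist only for tests.
// Key-generation errors are no longer discarded: a failure panics during
// package initialisation instead of passing a nil key on to
// fakeca.PrivateKey (how fakeca treats a nil key is not visible here).
var (
	// root is the self-issued CA at the top of the fixture chain.
	root = fakeca.New(fakeca.IsCA, fakeca.Subject(pkix.Name{
		Organization: []string{"certstore"},
		CommonName:   "root",
	}))

	// intermediate is a CA issued by root; both leaves are issued from it.
	intermediate = root.Issue(fakeca.IsCA, fakeca.Subject(pkix.Name{
		Organization: []string{"certstore"},
		CommonName:   "intermediate",
	}))

	// leafKeyRSA is the 2048-bit RSA private key behind leafRSA.
	leafKeyRSA = func() *rsa.PrivateKey {
		key, err := rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			panic(err)
		}
		return key
	}()
	leafRSA = intermediate.Issue(fakeca.PrivateKey(leafKeyRSA), fakeca.Subject(pkix.Name{
		Organization: []string{"certstore"},
		CommonName:   "leaf-rsa",
	}))

	// leafKeyEC is the P-256 ECDSA private key behind leafEC.
	leafKeyEC = func() *ecdsa.PrivateKey {
		key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			panic(err)
		}
		return key
	}()
	leafEC = intermediate.Issue(fakeca.PrivateKey(leafKeyEC), fakeca.Subject(pkix.Name{
		Organization: []string{"certstore"},
		CommonName:   "leaf-ec",
	}))
)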
// init removes fixture identities that an earlier test run may have left in
// the store, so each run starts from a clean state.
func init() {
	clearFixtures()
}
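// withStore opens the certificate store with Open, passes it to cb, and
// closes it once cb has finished. If the store cannot be opened the test is
// aborted with t.Fatal.
func withStore(t *testing.T, cb func(Store)) {
	// Mark this function as a helper so an Open failure is attributed to the
	// caller's line rather than to this shared wrapper.
	t.Helper()

	store, err := Open()
	if err != nil {
		t.Fatal(err)
	}
	// Deferred so the store is released even when cb ends the test early.
	defer store.Close()

	cb(store)
}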
// withIdentity imports the fakeca identity i into the store, locates the
// store entry whose certificate equals i.Certificate, passes that entry to
// cb, and deletes it afterwards.
//
// The test is aborted if the import fails, if the identity is found more than
// once, or if it is not found at all. On those early-abort paths the delete
// has not been registered yet, so the imported key stays in the store until
// clearFixtures removes it on the next run.
// NOTE(review): Open presumably targets the platform's real certificate
// store — confirm before running these tests on a machine with production keys.
func withIdentity(t *testing.T, i *fakeca.Identity, cb func(Identity)) {
	withStore(t, func(store Store) {
		// Throwaway password: it only wraps the fixture key inside the PFX
		// blob for the duration of the import call.
		const pfxPassword = "asdf"

		if err := store.Import(i.PFX(pfxPassword), pfxPassword); err != nil {
			t.Fatal(err)
		}

		all, err := store.Identities()
		if err != nil {
			t.Fatal(err)
		}
		// Register every Close up front, in a separate pass, so that all
		// handles are released even if the search below aborts part-way.
		for _, id := range all {
			defer id.Close()
		}

		// Find exactly one entry matching the certificate we just imported.
		var match Identity
		for _, id := range all {
			cert, err := id.Certificate()
			if err != nil {
				t.Fatal(err)
			}

			if !i.Certificate.Equal(cert) {
				continue
			}
			if match != nil {
				t.Fatal("duplicate identity imported")
			}
			match = id
		}
		if match == nil {
			t.Fatal("imported identity not found")
		}

		// Registered last, so it runs first: the identity is deleted from the
		// store before the Close calls above release the handles.
		defer func(f Identity) {
			if err := f.Delete(); err != nil {
				t.Fatal(err)
			}
		}(match)

		cb(match)
	})
}
// clearFixtures opens the store and deletes every identity whose certificate
// isFixture accepts. Any error panics, since this runs from init where no
// *testing.T is available.
//
// The match is by subject Organization only, so an unrelated identity in the
// same store with that exact Organization value would be deleted as well.
func clearFixtures() {
	store, err := Open()
	if err != nil {
		panic(err)
	}
	defer store.Close()

	all, err := store.Identities()
	if err != nil {
		panic(err)
	}
	// Queue every Close first so handles are released even if a later step
	// panics part-way through the deletion pass.
	for _, id := range all {
		defer id.Close()
	}

	for _, id := range all {
		cert, err := id.Certificate()
		if err != nil {
			panic(err)
		}

		if !isFixture(cert) {
			continue
		}
		if err := id.Delete(); err != nil {
			panic(err)
		}
	}
}
// isFixture reports whether crt belongs to the test fixtures, i.e. whether
// its subject has exactly one Organization entry and that entry is
// "certstore". Nothing else about the certificate (issuer, key, signature)
// is checked.
func isFixture(crt *x509.Certificate) bool {
	orgs := crt.Subject.Organization
	if len(orgs) != 1 {
		return false
	}
	return orgs[0] == "certstore"
}