weiguoqiang/cert-manager
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

add new testcase that generates a non-critical SAN extension to the GenerateCSR tests

Browse Source 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
This commit is contained in:
Tim Ramlot 2024-02-07 09:39:36 +01:00
parent 895c10c303
commit ed80c5be90
No known key found for this signature in database
GPG Key ID: 47428728E0C2878D
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
pkg/util/pki/csr_test.go
View File

@ -435,6 +435,33 @@ func TestGenerateCSR(t *testing.T) {
RawSubject: subjectGenerator(t, pkix.Name{}), RawSubject: subjectGenerator(t, pkix.Name{}),
}, },
}, },
{
name: "Generate CSR from certificate with subject and DNS",
crt: &cmapi.Certificate{Spec: cmapi.CertificateSpec{
Subject: &cmapi.X509Subject{Organizations: []string{"example inc."}},
DNSNames: []string{"example.org"},
}},
want: &x509.CertificateRequest{
Version: 0,
SignatureAlgorithm: x509.SHA256WithRSA,
PublicKeyAlgorithm: x509.RSA,
ExtraExtensions: []pkix.Extension{
sansGenerator(
t,
[]asn1.RawValue{
{Tag: nameTypeDNSName, Class: 2, Bytes: []byte("example.org")},
},
false, // SAN is NOT critical as the Subject is not empty
),
{
Id: OIDExtensionKeyUsage,
Value: asn1DefaultKeyUsage,
Critical: true,
},
},
RawSubject: subjectGenerator(t, pkix.Name{Organization: []string{"example inc."}}),
},
},
{ {
name: "Generate CSR from certificate with only CN", name: "Generate CSR from certificate with only CN",
crt: &cmapi.Certificate{Spec: cmapi.CertificateSpec{CommonName: "example.org"}}, crt: &cmapi.Certificate{Spec: cmapi.CertificateSpec{CommonName: "example.org"}},