update unit test

chenzhiwei · chenzhiwei · commit 20ab989a2480 · 2024-06-08T15:59:40.000+08:00
diff --git a/pkg/cert/common_test.go b/pkg/cert/common_test.go
@@ -5,6 +5,7 @@ import (
 	"crypto/x509/pkix"
 	"net"
 	"reflect"
+	"slices"
 	"testing"
 )
 
@@ -14,13 +15,15 @@ func TestNewCertInfo(t *testing.T) {
 		san      string
 		usage    string
 		extUsage string
+		isCA     bool
 		expect   *CertInfo
 	}{
 		{
 			subject:  "CN=root-ca/C=CN/ST=Beijing/L=Haidian/O=Root Inc",
 			san:      "localhost,127.0.0.1,1.1.1.1,china.com",
-			usage:    "cRLSign",
+			usage:    "cRLSign,keyCertSign,digitalSignature",
 			extUsage: "",
+			isCA:     true,
 			expect: &CertInfo{
 				Subject: &pkix.Name{
 					CommonName:   "root-ca",
@@ -31,15 +34,16 @@ func TestNewCertInfo(t *testing.T) {
 				},
 				DNSNames:    []string{"localhost", "china.com"},
 				IPAddrs:     []net.IP{net.IPv4(127, 0, 0, 1), net.IPv4(1, 1, 1, 1)},
-				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
-				ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
+				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCRLSign | x509.KeyUsageCertSign,
+				ExtKeyUsage: []x509.ExtKeyUsage{},
 			},
 		},
 		{
-			subject:  " CN= root-ca/ C =CN / ST = Beijing  / L= Haidian/ O = Root Inc  ",
-			san:      "DNS:localhost,IP: 127.0.0.1  , DNS: localhost,IP:1.1.1.1,  china.com, 127.0.0.1",
-			usage:    "cRLSign  , keyCertSign  ",
-			extUsage: " clientAuth  ,serverAuth  ",
+			subject:  "  CN  =  root-ca /C =CN  /ST  =   Beijing/L  =	Haidian/O=	Root Inc	",
+			san:      "localhost,127.0.0.1,1.1.1.1,china.com",
+			usage:    "cRLSign,keyCertSign,digitalSignature",
+			extUsage: "",
+			isCA:     true,
 			expect: &CertInfo{
 				Subject: &pkix.Name{
 					CommonName:   "root-ca",
@@ -50,65 +54,73 @@ func TestNewCertInfo(t *testing.T) {
 				},
 				DNSNames:    []string{"localhost", "china.com"},
 				IPAddrs:     []net.IP{net.IPv4(127, 0, 0, 1), net.IPv4(1, 1, 1, 1)},
-				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
-				ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
+				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCRLSign | x509.KeyUsageCertSign,
+				ExtKeyUsage: []x509.ExtKeyUsage{},
 			},
 		},
 		{
-			subject:  " CN= root-ca/ C = / ST = Beijing  / L= Haidian/ O = Root Inc /O=Union Inc ",
+			subject:  "CN=china/C=CN/ST=Beijing/L=Haidian/O=China Inc",
 			san:      "DNS:localhost,IP: 127.0.0.1  , DNS: localhost,IP:1.1.1.1,  china.com, 127.0.0.1",
-			usage:    "cRLSign  , keyCertSign  ",
+			usage:    "digitalSignature  , keyEncipherment  ",
 			extUsage: " clientAuth  ,serverAuth  ",
+			isCA:     false,
 			expect: &CertInfo{
 				Subject: &pkix.Name{
-					CommonName:   "root-ca",
+					CommonName:   "china",
+					Country:      []string{"CN"},
 					Province:     []string{"Beijing"},
 					Locality:     []string{"Haidian"},
-					Organization: []string{"Root Inc", "Union Inc"},
+					Organization: []string{"China Inc"},
 				},
 				DNSNames:    []string{"localhost", "china.com"},
 				IPAddrs:     []net.IP{net.IPv4(127, 0, 0, 1), net.IPv4(1, 1, 1, 1)},
-				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
+				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
 				ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 			},
 		},
 		{
-			subject:  " CN= Root-CA/ C = / ST = Beijing  / L= Haidian/ O = Root Inc /O=Union Inc ",
-			usage:    "cRLSign  , keyCertSign  ",
+			subject:  " CN= china/ C =CN / ST = Beijing  / L= Haidian/ O = China Inc  ",
+			san:      "DNS:localhost,IP: 127.0.0.1  , DNS: localhost,IP:1.1.1.1,  china.com, 127.0.0.1",
+			usage:    "digitalSignature  , keyEncipherment  ",
 			extUsage: " clientAuth  ,serverAuth  ",
+			isCA:     false,
 			expect: &CertInfo{
 				Subject: &pkix.Name{
-					CommonName:   "Root-CA",
+					CommonName:   "china",
+					Country:      []string{"CN"},
 					Province:     []string{"Beijing"},
 					Locality:     []string{"Haidian"},
-					Organization: []string{"Root Inc", "Union Inc"},
+					Organization: []string{"China Inc"},
 				},
-				DNSNames:    []string{"root-ca"},
-				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
+				DNSNames:    []string{"localhost", "china.com"},
+				IPAddrs:     []net.IP{net.IPv4(127, 0, 0, 1), net.IPv4(1, 1, 1, 1)},
+				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
 				ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 			},
 		},
 		{
-			subject:  " CN= 192.168.122.10/ C = / ST = Beijing  / L= Haidian/ O = Root Inc /O=Union Inc ",
-			usage:    "cRLSign  , keyCertSign  ",
+			subject:  " CN= Union/ C = / ST = Beijing  / L= Haidian/ O = Root Inc /O=Union Inc ",
+			san:      "192.168.122.10",
+			usage:    " , keyCertSign  ",
 			extUsage: " clientAuth  ,serverAuth  ",
+			isCA:     false,
 			expect: &CertInfo{
 				Subject: &pkix.Name{
-					CommonName:   "192.168.122.10",
+					CommonName:   "Union",
 					Province:     []string{"Beijing"},
 					Locality:     []string{"Haidian"},
 					Organization: []string{"Root Inc", "Union Inc"},
 				},
 				DNSNames:    nil, // either nil or remove this assignment
 				IPAddrs:     []net.IP{net.IPv4(192, 168, 122, 10)},
-				KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment | x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
+				KeyUsage:    x509.KeyUsageCertSign,
 				ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 			},
 		},
 	}
 
 	for _, test := range tests {
-		certInfo, err := NewCertInfo(0, test.subject, test.san, test.usage, test.extUsage, true)
+		certInfo, err := NewCertInfo(0, test.subject, test.san, test.usage, test.extUsage, test.isCA)
 		if err != nil {
 			t.Errorf("something wrong")
 		}
@@ -129,7 +141,7 @@ func TestNewCertInfo(t *testing.T) {
 			t.Errorf("failed NewCertInfo.KeyUsage:\n\tactual: %v\n\texpect: %v\n", certInfo.KeyUsage, test.expect.KeyUsage)
 		}
 
-		if !reflect.DeepEqual(certInfo.ExtKeyUsage, test.expect.ExtKeyUsage) {
+		if !slices.Equal(certInfo.ExtKeyUsage, test.expect.ExtKeyUsage) {
 			t.Errorf("failed NewCertInfo.ExtKeyUsage:\n\tactual: %v\n\texpect: %v\n", certInfo.ExtKeyUsage, test.expect.ExtKeyUsage)
 		}
 	}
