test: ✅ add test to check if cert chain is not included if set to false

dergecko · dergecko · commit 0393c0f8668a · 2024-12-15T09:19:22.000+01:00
diff --git a/test-certs/src/configuration/certificates.rs b/test-certs/src/configuration/certificates.rs
@@ -122,19 +122,25 @@ impl CertificateType {
 }
 
 impl ServerConfiguration {
-    fn default_export_key() -> bool {
+    /// Default value for the export_key property.
+    pub fn default_export_key() -> bool {
         true
     }
-    fn default_include_certificate_chain() -> bool {
+
+    /// Default value for the include_certificate_chain property.
+    pub fn default_include_certificate_chain() -> bool {
         true
     }
 }
 
 impl ClientConfiguration {
-    fn default_export_key() -> bool {
+    /// Default value for the export_key property.
+    pub fn default_export_key() -> bool {
         true
     }
-    fn default_include_certificate_chain() -> bool {
+
+    /// Default value for the include_certificate_chain property.
+    pub fn default_include_certificate_chain() -> bool {
         true
     }
 }
diff --git a/test-certs/src/generation.rs b/test-certs/src/generation.rs
@@ -164,6 +164,8 @@ fn certificate_params(
 
 #[cfg(test)]
 mod tests {
+    use std::net::{IpAddr, Ipv4Addr};
+
     use crate::configuration::certificates::fixtures::{
         ca_certificate_type, client_certificate_type, server_certificate_type,
     };
@@ -205,5 +207,21 @@ mod tests {
         assert_eq!(parent, ca_cert);
     }
 
+    #[test]
+    fn should_not_include_certificate_chain() {
+        let ca = ca_certificate_type();
+        let ca_cert = Issuer::new(ca.build("my-ca", None).unwrap());
+        let client = CertificateType::Client(ClientConfiguration {
+            subject_alternative_names: SubjectAlternativeNames {
+                ip: vec![IpAddr::V4(Ipv4Addr::LOCALHOST)],
+                dns_name: vec!["my-client.org".to_string()],
+            },
+            include_certificate_chain: false,
+            export_key: ClientConfiguration::default_export_key(),
+        });
+        let client_cert = client.build("client", Some(&ca_cert)).unwrap();
+        assert!(client_cert.issuer.is_none());
+    }
+
     // TODO: write test to check wether client/server certs are really issued by a ca
 }

Original file line number	Diff line number	Diff line change
`@@ -122,19 +122,25 @@ impl CertificateType {`
`122`	`122`	`}`
`123`	`123`
`124`	`124`	`impl ServerConfiguration {`
`125`		`- fn default_export_key() -> bool {`
	`125`	`+ /// Default value for the export_key property.`
	`126`	`+ pub fn default_export_key() -> bool {`
`126`	`127`	`true`
`127`	`128`	`}`
`128`		`- fn default_include_certificate_chain() -> bool {`
	`129`	`+`
	`130`	`+ /// Default value for the include_certificate_chain property.`
	`131`	`+ pub fn default_include_certificate_chain() -> bool {`
`129`	`132`	`true`
`130`	`133`	`}`
`131`	`134`	`}`
`132`	`135`
`133`	`136`	`impl ClientConfiguration {`
`134`		`- fn default_export_key() -> bool {`
	`137`	`+ /// Default value for the export_key property.`
	`138`	`+ pub fn default_export_key() -> bool {`
`135`	`139`	`true`
`136`	`140`	`}`
`137`		`- fn default_include_certificate_chain() -> bool {`
	`141`	`+`
	`142`	`+ /// Default value for the include_certificate_chain property.`
	`143`	`+ pub fn default_include_certificate_chain() -> bool {`
`138`	`144`	`true`
`139`	`145`	`}`
`140`	`146`	`}`