add more test

Author: nothinux

certify.go

@@ -15,6 +15,7 @@ import (
 	"time"
 )
 
+// Certificate hold certificate information
 type Certificate struct {
 	Subject          pkix.Name
 	NotBefore        time.Time
@@ -27,6 +28,7 @@ type Certificate struct {
 	ExtentedKeyUsage []x509.ExtKeyUsage
 }
 
+// Result hold created certificate in []byte format
 type Result struct {
 	Certificate []byte
 }
@@ -110,6 +112,7 @@ func ParseCertificate(cert []byte) (*x509.Certificate, error) {
 	return c, nil
 }
 
+// CertInfo returns certificate information
 func CertInfo(cert *x509.Certificate) string {
 	var buf bytes.Buffer
 
@@ -163,7 +166,7 @@ func CertInfo(cert *x509.Certificate) string {
 		}
 	}
 
-	buf.WriteString(fmt.Sprintf("%8sSignature Algorithm: %v\n", "", cert.SignatureAlgorithm))
+	buf.WriteString(fmt.Sprintf("%4sSignature Algorithm: %v\n", "", cert.SignatureAlgorithm))
 
 	return buf.String()
 }

cmd/certify/testdata/ca-cert.pem

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBmDCCAT2gAwIBAgIQUjIMhHGW4CreYEIQOnPDdDAKBggqhkjOPQQDAjAkMRAw
+DgYDVQQKEwdjZXJ0aWZ5MRAwDgYDVQQDEwdjZXJ0aWZ5MB4XDTIyMDMxNzA4NDQx
+MloXDTIzMDMxNzE0NDQxMlowJDEQMA4GA1UEChMHY2VydGlmeTEQMA4GA1UEAxMH
+Y2VydGlmeTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIPmsrI8hCLHryeWc0wz
+zrrbAXhohqMfFnZS95qM83p/EHHUO4yoi4LSZhZnvPhPYG+St4KBZj2mqZYs6nf8
+sTSjUTBPMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBTuUKyfBpn78BTa2fodsucBYuApejAKBggqhkjOPQQD
+AgNJADBGAiEAlYCxixkXh6eI1nHBAhaUHajYF6ZWpK4tiDCWR5lHIA0CIQCpgqUp
++R8a3HBTIcrpgdoI2g11HmV9+qOysbuWNpTnMw==
+-----END CERTIFICATE-----

cmd/certify/testdata/ca-key.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOgIRqRHosbtIPpHON1XY8TSVg/U9K9tiw/xexfrGRJwoAoGCCqGSM49
+AwEHoUQDQgAEg+aysjyEIsevJ5ZzTDPOutsBeGiGox8WdlL3mozzen8QcdQ7jKiL
+gtJmFme8+E9gb5K3goFmPaaplizqd/yxNA==
+-----END EC PRIVATE KEY-----

helper_test.go

@@ -0,0 +1,104 @@
+package certify
+
+import (
+	"crypto/x509"
+	"os"
+	"testing"
+)
+
+func TestGetPublicKey(t *testing.T) {
+	expectedPubKey := `-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEg+aysjyEIsevJ5ZzTDPOutsBeGiG
+ox8WdlL3mozzen8QcdQ7jKiLgtJmFme8+E9gb5K3goFmPaaplizqd/yxNA==
+-----END PUBLIC KEY-----
+`
+
+	cert, err := readCertificateFile("./cmd/certify/testdata/ca-cert.pem")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	pubkey, err := GetPublicKey(cert.PublicKey)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if pubkey != expectedPubKey {
+		t.Fatalf("got %v, want %v", pubkey, expectedPubKey)
+	}
+}
+
+func TestParseExtKeyUsage(t *testing.T) {
+	t.Run("Test single eku", func(t *testing.T) {
+		result := parseExtKeyUsage([]x509.ExtKeyUsage{
+			x509.ExtKeyUsageServerAuth,
+		})
+
+		expectedResult := "TLS Web Server Authentication"
+
+		if result != expectedResult {
+			t.Fatalf("got %v, eant %v", result, expectedResult)
+		}
+	})
+
+	t.Run("Test multiple eku", func(t *testing.T) {
+		result := parseExtKeyUsage([]x509.ExtKeyUsage{
+			x509.ExtKeyUsageServerAuth,
+			x509.ExtKeyUsageClientAuth,
+		})
+
+		expectedResult := "TLS Web Server Authentication, TLS Web Client Authentication"
+
+		if result != expectedResult {
+			t.Fatalf("got %v, eant %v", result, expectedResult)
+		}
+	})
+
+	t.Run("Test all Eku", func(t *testing.T) {
+		result := parseExtKeyUsage([]x509.ExtKeyUsage{
+			x509.ExtKeyUsageServerAuth,
+			x509.ExtKeyUsageClientAuth,
+			x509.ExtKeyUsageAny,
+			x509.ExtKeyUsageCodeSigning,
+			x509.ExtKeyUsageEmailProtection,
+			x509.ExtKeyUsageIPSECEndSystem,
+			x509.ExtKeyUsageIPSECTunnel,
+			x509.ExtKeyUsageIPSECUser,
+			x509.ExtKeyUsageTimeStamping,
+			x509.ExtKeyUsageOCSPSigning,
+			x509.ExtKeyUsageMicrosoftServerGatedCrypto,
+			x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			x509.ExtKeyUsageMicrosoftCommercialCodeSigning,
+			x509.ExtKeyUsageMicrosoftKernelCodeSigning,
+		})
+
+		expectedResult := "TLS Web Server Authentication, TLS Web Client Authentication, Any Extended Key Usage, Code Signing, E-mail Protection, IPSec End System, IPSec Tunnel, IPSec User, Time Stamping, OCSP Signing, Microsoft Server Gated Crypto, Netscape Server Gated Crypto, Microsoft Commercial Code Signing, 1.3.6.1.4.1.311.61.1.1"
+
+		if result != expectedResult {
+			t.Fatalf("got %v, eant %v", result, expectedResult)
+		}
+	})
+}
+
+func TestFormatKeyIDWithColon(t *testing.T) {
+	result := formatKeyIDWithColon([]byte{36, 44, 106, 165, 22, 233, 173, 100, 28, 6, 69, 211, 74, 214, 212, 162})
+	expectedResult := "24:2c:6a:a5:16:e9:ad:64:1c:06:45:d3:4a:d6:d4:a2"
+
+	if result != expectedResult {
+		t.Fatalf("got %v, want %v", result, expectedResult)
+	}
+}
+
+func readCertificateFile(path string) (*x509.Certificate, error) {
+	f, err := os.ReadFile(path)
+	if err != nil {
+		return nil, err
+	}
+
+	c, err := ParseCertificate(f)
+	if err != nil {
+		return nil, err
+	}
+
+	return c, nil
+}

key.go

@@ -10,11 +10,12 @@ import (
 	"fmt"
 )
 
+// PrivateKey hold private key
 type PrivateKey struct {
 	*ecdsa.PrivateKey
 }
 
-// getPrivateKey returns struct PrivateKey containing the private key
+// GetPrivateKey returns struct PrivateKey containing the private key
 func GetPrivateKey() (*PrivateKey, error) {
 	pkey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 	if err != nil {