2018-11-14 14:07:10 +00:00
|
|
|
package pki
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/x509"
|
|
|
|
"crypto/x509/pkix"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestCA(t *testing.T) {
|
|
|
|
|
2018-11-19 13:33:55 +00:00
|
|
|
DefaultProvince = []string{"CO"}
|
|
|
|
DefaultLocality = []string{"Denver"}
|
2018-11-14 14:07:10 +00:00
|
|
|
|
|
|
|
// Create a root CA.
|
2018-11-19 13:33:55 +00:00
|
|
|
root := New(IsCA, Subject(pkix.Name{
|
2018-11-14 14:07:10 +00:00
|
|
|
CommonName: "root.myorg.com",
|
|
|
|
}))
|
|
|
|
|
|
|
|
// Create an intermediate CA under the root.
|
2018-11-19 13:33:55 +00:00
|
|
|
intermediate := root.Issue(IsCA, Subject(pkix.Name{
|
2018-11-14 14:07:10 +00:00
|
|
|
CommonName: "intermediate.myorg.com",
|
|
|
|
}))
|
|
|
|
|
|
|
|
// Create a leaf certificate under the intermediate.
|
2018-11-19 13:33:55 +00:00
|
|
|
leaf := intermediate.Issue(Subject(pkix.Name{
|
2018-11-14 14:07:10 +00:00
|
|
|
CommonName: "leaf.myorg.com",
|
|
|
|
}))
|
|
|
|
|
|
|
|
Intermediate := x509.NewCertPool()
|
|
|
|
Intermediate.AddCert(intermediate.Certificate)
|
|
|
|
|
|
|
|
roots := x509.NewCertPool()
|
|
|
|
roots.AddCert(root.Certificate)
|
|
|
|
|
|
|
|
Opts := x509.VerifyOptions{
|
|
|
|
Intermediates: Intermediate,
|
|
|
|
Roots: roots,
|
|
|
|
CurrentTime: time.Now(),
|
|
|
|
KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
|
|
|
|
}
|
|
|
|
|
|
|
|
_, err := leaf.Certificate.Verify(Opts)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|