本文整理汇总了Golang中crypto/x509.CertificateRequest.Signature方法的典型用法代码示例。如果您正苦于以下问题:Golang CertificateRequest.Signature方法的具体用法?Golang CertificateRequest.Signature怎么用?Golang CertificateRequest.Signature使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类crypto/x509.CertificateRequest
的用法示例。
在下文中一共展示了CertificateRequest.Signature方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: TestVerifyCSR
func TestVerifyCSR(t *testing.T) {
private, err := rsa.GenerateKey(rand.Reader, 2048)
test.AssertNotError(t, err, "error generating test key")
signedReqBytes, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{PublicKey: private.PublicKey, SignatureAlgorithm: x509.SHA256WithRSA}, private)
test.AssertNotError(t, err, "error generating test CSR")
signedReq, err := x509.ParseCertificateRequest(signedReqBytes)
test.AssertNotError(t, err, "error parsing test CSR")
brokenSignedReq := new(x509.CertificateRequest)
*brokenSignedReq = *signedReq
brokenSignedReq.Signature = []byte{1, 1, 1, 1}
signedReqWithHosts := new(x509.CertificateRequest)
*signedReqWithHosts = *signedReq
signedReqWithHosts.DNSNames = []string{"a.com", "b.com"}
signedReqWithLongCN := new(x509.CertificateRequest)
*signedReqWithLongCN = *signedReq
signedReqWithLongCN.Subject.CommonName = strings.Repeat("a", maxCNLength+1)
signedReqWithBadName := new(x509.CertificateRequest)
*signedReqWithBadName = *signedReq
signedReqWithBadName.DNSNames = []string{"bad-name.com"}
cases := []struct {
csr *x509.CertificateRequest
maxNames int
keyPolicy *goodkey.KeyPolicy
pa core.PolicyAuthority
regID int64
expectedError error
}{
{
&x509.CertificateRequest{},
0,
testingPolicy,
&mockPA{},
0,
errors.New("invalid public key in CSR"),
},
{
&x509.CertificateRequest{PublicKey: private.PublicKey},
1,
testingPolicy,
&mockPA{},
0,
errors.New("signature algorithm not supported"),
},
{
brokenSignedReq,
1,
testingPolicy,
&mockPA{},
0,
errors.New("invalid signature on CSR"),
},
{
signedReq,
1,
testingPolicy,
&mockPA{},
0,
errors.New("at least one DNS name is required"),
},
{
signedReqWithLongCN,
1,
testingPolicy,
&mockPA{},
0,
errors.New("CN was longer than 64 bytes"),
},
{
signedReqWithHosts,
1,
testingPolicy,
&mockPA{},
0,
errors.New("CSR contains more than 1 DNS names"),
},
{
signedReqWithBadName,
1,
testingPolicy,
&mockPA{},
0,
errors.New("policy forbids issuing for: bad-name.com"),
},
}
for _, c := range cases {
err := VerifyCSR(c.csr, c.maxNames, c.keyPolicy, c.pa, false, c.regID)
test.AssertDeepEquals(t, c.expectedError, err)
}
}