github.com/letsencrypt/boulder@v0.20251208.0/cmd/boulder-wfe2/main_test.go

github.com/letsencrypt/boulder@v0.20251208.0/cmd/boulder-wfe2/main_test.go (about)

     1  package notmain
     2  
     3  import (
     4  	"crypto/x509"
     5  	"encoding/pem"
     6  	"testing"
     7  
     8  	"github.com/letsencrypt/boulder/test"
     9  )
    10  
    11  func TestLoadChain(t *testing.T) {
    12  	// Most of loadChain's logic is implemented in issuance.LoadChain, so this
    13  	// test only covers the construction of the PEM bytes.
    14  	_, chainPEM, err := loadChain([]string{
    15  		"../../test/hierarchy/int-e1.cert.pem",
    16  		"../../test/hierarchy/root-x2-cross.cert.pem",
    17  		"../../test/hierarchy/root-x1.cert.pem",
    18  	})
    19  	test.AssertNotError(t, err, "Should load valid chain")
    20  
    21  	// Parse the first certificate in the PEM blob.
    22  	certPEM, rest := pem.Decode(chainPEM)
    23  	test.AssertNotNil(t, certPEM, "Failed to decode chain PEM")
    24  	_, err = x509.ParseCertificate(certPEM.Bytes)
    25  	test.AssertNotError(t, err, "Failed to parse chain PEM")
    26  
    27  	// Parse the second certificate in the PEM blob.
    28  	certPEM, rest = pem.Decode(rest)
    29  	test.AssertNotNil(t, certPEM, "Failed to decode chain PEM")
    30  	_, err = x509.ParseCertificate(certPEM.Bytes)
    31  	test.AssertNotError(t, err, "Failed to parse chain PEM")
    32  
    33  	// The chain should contain nothing else.
    34  	certPEM, rest = pem.Decode(rest)
    35  	if certPEM != nil || len(rest) != 0 {
    36  		t.Error("Expected chain PEM to contain one cert and nothing else")
    37  	}
    38  }