github.com/letsencrypt/boulder@v0.20251208.0/linter/lints/rfc/lint_crl_has_aki_test.go

github.com/letsencrypt/boulder@v0.20251208.0/linter/lints/rfc/lint_crl_has_aki_test.go (about)

     1  package rfc
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  	"testing"
     7  
     8  	"github.com/zmap/zlint/v3/lint"
     9  
    10  	"github.com/letsencrypt/boulder/linter/lints/test"
    11  )
    12  
    13  func TestCrlHasAKI(t *testing.T) {
    14  	t.Parallel()
    15  
    16  	testCases := []struct {
    17  		name       string
    18  		want       lint.LintStatus
    19  		wantSubStr string
    20  	}{
    21  		{
    22  			name: "good",
    23  			want: lint.Pass,
    24  		},
    25  		{
    26  			name:       "no_aki",
    27  			want:       lint.Error,
    28  			wantSubStr: "MUST include the authority key identifier",
    29  		},
    30  		{
    31  			name:       "aki_name_and_serial",
    32  			want:       lint.Error,
    33  			wantSubStr: "MUST use the key identifier method",
    34  		},
    35  	}
    36  
    37  	for _, tc := range testCases {
    38  		t.Run(tc.name, func(t *testing.T) {
    39  			l := NewCrlHasAKI()
    40  			c := test.LoadPEMCRL(t, fmt.Sprintf("testdata/crl_%s.pem", tc.name))
    41  			r := l.Execute(c)
    42  
    43  			if r.Status != tc.want {
    44  				t.Errorf("expected %q, got %q", tc.want, r.Status)
    45  			}
    46  			if !strings.Contains(r.Details, tc.wantSubStr) {
    47  				t.Errorf("expected %q, got %q", tc.wantSubStr, r.Details)
    48  			}
    49  		})
    50  	}
    51  }