From 75850d98d9a01d67b81e0932e3336af9b034aec4 Mon Sep 17 00:00:00 2001 From: Tero Saarni Date: Wed, 24 Jan 2024 09:35:46 +0200 Subject: [PATCH] Replace deprecated CRL methods (#50) --- Makefile | 4 ++-- crl_test.go | 8 ++++---- internal/manifest/manifest_test.go | 12 ++++++------ 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/Makefile b/Makefile index c3a8248..8056ea0 100644 --- a/Makefile +++ b/Makefile @@ -14,8 +14,8 @@ install: go install -v ./cmd/certyaml install-tools: - go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.2 - go install github.com/securego/gosec/v2/cmd/gosec@v2.15.0 + go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2 + go install github.com/securego/gosec/v2/cmd/gosec@v2.18.2 update-modules: go get -u -t ./... && go mod tidy diff --git a/crl_test.go b/crl_test.go index 05976ec..3e6ff78 100644 --- a/crl_test.go +++ b/crl_test.go @@ -38,10 +38,10 @@ func TestRevocation(t *testing.T) { assert.Nil(t, err) certList, err := x509.ParseRevocationList(crlBytes) assert.Nil(t, err) - assert.Equal(t, 2, len(certList.RevokedCertificates)) + assert.Equal(t, 2, len(certList.RevokedCertificateEntries)) assert.Equal(t, "CN=ca", certList.Issuer.String()) - assert.Equal(t, big.NewInt(123), certList.RevokedCertificates[0].SerialNumber) - assert.Equal(t, big.NewInt(456), certList.RevokedCertificates[1].SerialNumber) + assert.Equal(t, big.NewInt(123), certList.RevokedCertificateEntries[0].SerialNumber) + assert.Equal(t, big.NewInt(456), certList.RevokedCertificateEntries[1].SerialNumber) } func TestInvalidSelfSigned(t *testing.T) { @@ -91,7 +91,7 @@ func TestEmptyCRL(t *testing.T) { certList, err := x509.ParseRevocationList(crlBytes) assert.Nil(t, err) - assert.Equal(t, 0, len(certList.RevokedCertificates)) + assert.Equal(t, 0, len(certList.RevokedCertificateEntries)) assert.Equal(t, "CN=ca", certList.Issuer.String()) // Empty CRL with no issuer cannot be created. diff --git a/internal/manifest/manifest_test.go b/internal/manifest/manifest_test.go index c9ca222..99b71d1 100644 --- a/internal/manifest/manifest_test.go +++ b/internal/manifest/manifest_test.go @@ -86,7 +86,7 @@ func TestStateHandling(t *testing.T) { err = GenerateCertificates(&output, "testdata/certs-state-1.yaml", path.Join(dir, "state.yaml"), dir) assert.Nil(t, err) - // Check that calling generate again does not alter the state. + // Check stable hashing: calling generate again on same manifest does not alter the state. h1, err := dirhash.HashDir(dir, "", dirhash.Hash1) assert.Nil(t, err) err = GenerateCertificates(&output, "testdata/certs-state-1.yaml", path.Join(dir, "state.yaml"), dir) @@ -260,8 +260,8 @@ func TestRevocation(t *testing.T) { certList, err := x509.ParseRevocationList(block.Bytes) assert.Nil(t, err) assert.Equal(t, "CN=ca1", certList.Issuer.String()) - assert.Equal(t, 1, len(certList.RevokedCertificates)) - assert.Equal(t, big.NewInt(123), certList.RevokedCertificates[0].SerialNumber) + assert.Equal(t, 1, len(certList.RevokedCertificateEntries)) + assert.Equal(t, big.NewInt(123), certList.RevokedCertificateEntries[0].SerialNumber) crlFile = path.Join(dir, "ca2-crl.pem") pemBuffer, err = os.ReadFile(crlFile) @@ -273,9 +273,9 @@ func TestRevocation(t *testing.T) { certList, err = x509.ParseRevocationList(block.Bytes) assert.Nil(t, err) assert.Equal(t, "CN=ca2", certList.Issuer.String()) - assert.Equal(t, 2, len(certList.RevokedCertificates)) - assert.Equal(t, big.NewInt(123), certList.RevokedCertificates[0].SerialNumber) - assert.Equal(t, big.NewInt(456), certList.RevokedCertificates[1].SerialNumber) + assert.Equal(t, 2, len(certList.RevokedCertificateEntries)) + assert.Equal(t, big.NewInt(123), certList.RevokedCertificateEntries[0].SerialNumber) + assert.Equal(t, big.NewInt(456), certList.RevokedCertificateEntries[1].SerialNumber) } func TestInvalidRevocation(t *testing.T) {