ZeroTierOne/cmd/zt_service_tests/certificate.go

/*
 * Copyright (C)2013-2020 ZeroTier, Inc.
 *
 * Use of this software is governed by the Business Source License included
 * in the LICENSE.TXT file in the project's root directory.
 *
 * Change Date: 2024-01-01
 *
 * On the date above, in accordance with the Business Source License, use
 * of this software will be governed by version 2.0 of the Apache License.
 */
/****/

package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"zerotier/pkg/zerotier"
)

func TestCertificate() bool {
	fmt.Println("Checking Certificate conversion to/from C ZT_Certificate structure...")

	id, err := zerotier.NewIdentityFromString("8e4df28b72:0:ac3d46abe0c21f3cfe7a6c8d6a85cfcffcb82fbd55af6a4d6350657c68200843fa2e16f9418bbd9702cae365f2af5fb4c420908b803a681d4daef6114d78a2d7:bd8dd6e4ce7022d2f812797a80c6ee8ad180dc4ebf301dec8b06d1be08832bddd63a2f1cfa7b2c504474c75bdc8898ba476ef92e8e2d0509f8441985171ff16e")
	if err != nil {
		fmt.Printf("  Error deserializing test identity: %s\n", err.Error())
		return false
	}

	var c zerotier.Certificate

	c.SerialNo = make([]byte, 48)
	for i := 0; i < 48 ;i++ {
		c.SerialNo[i] = byte(i)
	}
	c.Flags = 1234
	c.Timestamp = 5678
	c.Validity[0] = 1010
	c.Validity[1] = 2020
	c.Subject.Timestamp = 31337
	c.Subject.Identities = append(c.Subject.Identities, zerotier.CertificateIdentity{
		Identity: id,
		Locator: nil,
	})
	c.Subject.Networks = append(c.Subject.Networks, zerotier.CertificateNetwork{
		ID: 1111,
		Controller: zerotier.Fingerprint{
			Address: zerotier.Address(2222),
			Hash: c.SerialNo,
		},
	})
	c.Subject.Certificates = append(c.Subject.Certificates, c.SerialNo)
	c.Subject.UpdateURLs = append(c.Subject.UpdateURLs, "https://www.zerotier.com/asdfasdf")
	c.Subject.Name.SerialNo = "a"
	c.Subject.Name.CommonName = "b"
	c.Subject.Name.StreetAddress = "c"
	c.Subject.Name.Locality = "d"
	c.Subject.Name.Province = "e"
	c.Subject.Name.PostalCode = "f"
	c.Subject.Name.Country = "g"
	c.Subject.Name.Organization = "h"
	c.Subject.Name.Unit = "i"
	c.Subject.Name.Email = "j"
	c.Subject.Name.URL = "k"
	c.Subject.Name.Host = "l"
	c.Subject.UniqueID = []byte("asdf")
	c.Subject.UniqueIDProofSignature = []byte("ghij")
	c.Issuer = id
	c.IssuerName.SerialNo = "m"
	c.IssuerName.CommonName = "n"
	c.IssuerName.StreetAddress = "o"
	c.IssuerName.Locality = "p"
	c.IssuerName.Province = "q"
	c.IssuerName.PostalCode = "r"
	c.IssuerName.Country = "s"
	c.IssuerName.Organization = "t"
	c.IssuerName.Unit = "u"
	c.IssuerName.Email = "v"
	c.IssuerName.URL = "w"
	c.IssuerName.Host = "x"
	c.ExtendedAttributes = c.SerialNo
	c.MaxPathLength = 9999
	c.Signature = []byte("qwerty")

	cc := c.CCertificate()
	if cc == nil {
		fmt.Println("  Error converting Certificate to ZT_Certificate")
		return false
	}

	c2 := zerotier.NewCertificateFromCCertificate(cc.C)
	if c2 == nil {
		fmt.Println("  Error converting ZT_Certificate to Certificate")
		return false
	}

	j, _ := json.MarshalIndent(c, "", "  ")
	j2, _ := json.MarshalIndent(c2, "", "  ")

	if !bytes.Equal(j, j2) {
		j, _ = json.MarshalIndent(c, "", "  ")
		fmt.Print("  Deep equality test failed: certificates do not match! (see dumps below)\n\n")
		fmt.Println(string(j))
		fmt.Println(string(j2))
		return false
	}

	fmt.Printf("Checking certificate marshal/unmarshal... ")
	cb, err := c.Marshal()
	if err != nil {
		fmt.Printf("marshal FAILED (%s)\n", err.Error())
		return false
	}
	fmt.Printf("marshal: %d bytes ", len(cb))
	c2, err = zerotier.NewCertificateFromBytes(cb, false)
	if err != nil {
		fmt.Printf("unmarshal FAILED (%s)\n", err.Error())
		return false
	}
	cb2, err := c2.Marshal()
	if err != nil {
		fmt.Printf("second marshal FAILED (%s)\n", err.Error())
		return false
	}
	if !bytes.Equal(cb, cb2) {
		fmt.Printf("FAILED (results not equal)\n")
		return false
	}
	fmt.Println("OK")

	return true
}