Skip to content

Commit

Permalink
Merge pull request #2001 from JonathanLevi/bTCertSubjectCommonName
Browse files Browse the repository at this point in the history 
Set the Subject.CommonName of each TCert to 'Transaction Certificate'
  • Loading branch information
@srderson
srderson committed Jun 27, 2016
2 parents 6e3d2e3 + 5cbd76d commit d31b656
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 1 deletion.
3 changes: 2 additions & 1 deletion membersrvc/ca/tca.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -360,6 +360,7 @@ func (tcap *TCAP) createCertificateSet(ctx context.Context, raw []byte, in *pb.T
var err error
var id = in.Id.Id
var timestamp = in.Ts.Seconds
const TCERT_SUBJECT_COMMON_NAME_VALUE string = "Transaction Certificate"

if in.Attributes != nil && viper.GetBool("aca.enabled") {
attrs, err = tcap.requestAttributes(id, raw, in.Attributes)
Expand Down Expand Up @@ -444,7 +445,7 @@ func (tcap *TCAP) createCertificateSet(ctx context.Context, raw []byte, in *pb.T
return nil, err
}

spec := NewDefaultPeriodCertificateSpec(id, tcertid, &txPub, x509.KeyUsageDigitalSignature, extensions...)
spec := NewDefaultPeriodCertificateSpecWithCommonName(id, TCERT_SUBJECT_COMMON_NAME_VALUE, tcertid, &txPub, x509.KeyUsageDigitalSignature, extensions...)
if raw, err = tcap.tca.createCertificateFromSpec(spec, timestamp, kdfKey, false); err != nil {
Error.Println(err)
return nil, err
Expand Down
14 changes: 14 additions & 0 deletions membersrvc/ca/tca_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ func TestCreateCertificateSet(t *testing.T) {
t.Fatal(err)
}

const EXPECTED_TCERT_SUBJECT_COMMON_NAME_VALUE string = "Transaction Certificate"
ncerts := 1
for nattributes := -1; nattributes < 1; nattributes++ {
certificateSetRequest, err := buildCertificateSetRequest(enrollmentID, priv, ncerts, nattributes)
Expand Down Expand Up @@ -103,6 +104,19 @@ func TestCreateCertificateSet(t *testing.T) {
if len(tcerts.Certs) != ncerts {
t.Fatal(fmt.Errorf("Invalid tcert size. Expected: %v, Actual: %v", ncerts, len(tcerts.Certs)))
}

for pos, eachTCert := range tcerts.Certs {
tcert, err := x509.ParseCertificate(eachTCert.Cert)
if err != nil {
t.Fatalf("Error: %v\nCould not x509.ParseCertificate %v", err, eachTCert.Cert)
}

t.Logf("Examining TCert[%d]'s Subject: %v", pos, tcert.Subject)
if tcert.Subject.CommonName != EXPECTED_TCERT_SUBJECT_COMMON_NAME_VALUE {
t.Fatalf("The TCert's Subject.CommonName is '%s' which is different than '%s'", tcert.Subject.CommonName, EXPECTED_TCERT_SUBJECT_COMMON_NAME_VALUE)
}
t.Logf("Successfully verified that TCert[%d].Subject.CommonName == '%s'", pos, tcert.Subject.CommonName)
}
}
}

Expand Down

0 comments on commit d31b656

Please sign in to comment.