MCPcopy
hub / github.com/kubernetes/client-go / genClientCert

Function genClientCert

plugin/pkg/client/auth/exec/exec_test.go:718–748  ·  view source on GitHub ↗

genClientCert generates an x509 certificate for testing. Certificate and key are returned in PEM encoding.

(t *testing.T)

Source from the content-addressed store, hash-verified

716// genClientCert generates an x509 certificate for testing. Certificate and key
717// are returned in PEM encoding.
718func genClientCert(t *testing.T) ([]byte, []byte) {
719 key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
720 if err != nil {
721 t.Fatal(err)
722 }
723 keyRaw, err := x509.MarshalECPrivateKey(key)
724 if err != nil {
725 t.Fatal(err)
726 }
727 serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
728 serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
729 if err != nil {
730 t.Fatal(err)
731 }
732 cert := &x509.Certificate{
733 SerialNumber: serialNumber,
734 Subject: pkix.Name{Organization: []string{"Acme Co"}},
735 NotBefore: time.Now(),
736 NotAfter: time.Now().Add(24 * time.Hour),
737
738 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
739 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
740 BasicConstraintsValid: true,
741 }
742 certRaw, err := x509.CreateCertificate(rand.Reader, cert, cert, key.Public(), key)
743 if err != nil {
744 t.Fatal(err)
745 }
746 return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certRaw}),
747 pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyRaw})
748}

Callers 1

TestTLSCredentialsFunction · 0.85

Calls 2

NowMethod · 0.65
AddMethod · 0.65

Tested by

no test coverage detected