@@ -158,7 +158,15 @@ func TestCertificateAuthority_IssueCertificate(t *testing.T) {
158158 certPath := filepath .Join (tmpDir , "ca.pem" )
159159 keyPath := filepath .Join (tmpDir , "ca-key.pem" )
160160
161- ca , err := LoadOrCreateCA (certPath , keyPath , testCAName , time .Hour * 24 )
161+ const (
162+ testDeviceCN = "test-device"
163+ testDeviceOrg = "test-org"
164+ testDeviceURI = "spiffe://example.com/device/123"
165+ testDeviceDNS = "device.example.com"
166+ testDeviceTTLH = time .Hour
167+ )
168+
169+ ca , err := LoadOrCreateCA (certPath , keyPath , testCAName , 24 * time .Hour )
162170 if err != nil {
163171 t .Fatalf ("Failed to create CA: %v" , err )
164172 }
@@ -171,12 +179,12 @@ func TestCertificateAuthority_IssueCertificate(t *testing.T) {
171179
172180 t .Run ("issues valid certificate" , func (t * testing.T ) {
173181 subject := pkix.Name {
174- CommonName : "test-device" ,
175- Organization : []string {"test-org" },
182+ CommonName : testDeviceCN ,
183+ Organization : []string {testDeviceOrg },
176184 }
177- uris := []string {"spiffe://example.com/device/123" }
178- dnsNames := []string {"device.example.com" }
179- ttl := time . Hour
185+ uris := []string {testDeviceURI }
186+ dnsNames := []string {testDeviceDNS }
187+ ttl := testDeviceTTLH
180188
181189 certPEM , err := ca .IssueCertificate (subject , uris , dnsNames , ttl , & priv .PublicKey )
182190 if err != nil {
@@ -195,17 +203,17 @@ func TestCertificateAuthority_IssueCertificate(t *testing.T) {
195203 }
196204
197205 // Verify certificate properties
198- if cert .Subject .CommonName != "test-device" {
199- t .Errorf ("Expected CommonName 'test-device' , got %s" , cert .Subject .CommonName )
206+ if cert .Subject .CommonName != testDeviceCN {
207+ t .Errorf ("Expected CommonName %q , got %s" , testDeviceCN , cert .Subject .CommonName )
200208 }
201- if len (cert .Subject .Organization ) == 0 || cert .Subject .Organization [0 ] != "test-org" {
202- t .Errorf ("Expected Organization 'test-org' , got %v" , cert .Subject .Organization )
209+ if len (cert .Subject .Organization ) == 0 || cert .Subject .Organization [0 ] != testDeviceOrg {
210+ t .Errorf ("Expected Organization %q , got %v" , testDeviceOrg , cert .Subject .Organization )
203211 }
204- if len (cert .DNSNames ) != 1 || cert .DNSNames [0 ] != "device.example.com" {
205- t .Errorf ("Expected DNSNames [device.example.com ], got %v" , cert .DNSNames )
212+ if len (cert .DNSNames ) != 1 || cert .DNSNames [0 ] != testDeviceDNS {
213+ t .Errorf ("Expected DNSNames [%s ], got %v" , testDeviceDNS , cert .DNSNames )
206214 }
207- if len (cert .URIs ) != 1 || cert .URIs [0 ].String () != "spiffe://example.com/device/123" {
208- t .Errorf ("Expected URIs [spiffe://example.com/device/123 ], got %v" , cert .URIs )
215+ if len (cert .URIs ) != 1 || cert .URIs [0 ].String () != testDeviceURI {
216+ t .Errorf ("Expected URIs [%s ], got %v" , testDeviceURI , cert .URIs )
209217 }
210218
211219 // Verify the certificate is signed by the CA
@@ -254,7 +262,7 @@ func TestCertificateAuthority_SignCSR(t *testing.T) {
254262 certPath := filepath .Join (tmpDir , "ca.pem" )
255263 keyPath := filepath .Join (tmpDir , "ca-key.pem" )
256264
257- ca , err := LoadOrCreateCA (certPath , keyPath , testCAName , time .Hour * 24 )
265+ ca , err := LoadOrCreateCA (certPath , keyPath , testCAName , 24 * time .Hour )
258266 if err != nil {
259267 t .Fatalf ("Failed to create CA: %v" , err )
260268 }
0 commit comments