diff options
Diffstat (limited to 'src/crypto/x509/x509_test.go')
| -rw-r--r-- | src/crypto/x509/x509_test.go | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index 354545ccbc..aa30d85b7d 100644 --- a/src/crypto/x509/x509_test.go +++ b/src/crypto/x509/x509_test.go @@ -850,17 +850,31 @@ func TestCRLCreation(t *testing.T) { block, _ = pem.Decode([]byte(pemCertificate)) cert, _ := ParseCertificate(block.Bytes) - now := time.Unix(1000, 0) + loc := time.FixedZone("Oz/Atlantis", int((2 * time.Hour).Seconds())) + + now := time.Unix(1000, 0).In(loc) + nowUTC := now.UTC() expiry := time.Unix(10000, 0) revokedCerts := []pkix.RevokedCertificate{ { SerialNumber: big.NewInt(1), + RevocationTime: nowUTC, + }, + { + SerialNumber: big.NewInt(42), + // RevocationTime should be converted to UTC before marshaling. RevocationTime: now, }, + } + expectedCerts := []pkix.RevokedCertificate{ + { + SerialNumber: big.NewInt(1), + RevocationTime: nowUTC, + }, { SerialNumber: big.NewInt(42), - RevocationTime: now, + RevocationTime: nowUTC, }, } @@ -869,10 +883,14 @@ func TestCRLCreation(t *testing.T) { t.Errorf("error creating CRL: %s", err) } - _, err = ParseDERCRL(crlBytes) + parsedCRL, err := ParseDERCRL(crlBytes) if err != nil { t.Errorf("error reparsing CRL: %s", err) } + if !reflect.DeepEqual(parsedCRL.TBSCertList.RevokedCertificates, expectedCerts) { + t.Errorf("RevokedCertificates mismatch: got %v; want %v.", + parsedCRL.TBSCertList.RevokedCertificates, expectedCerts) + } } func fromBase64(in string) []byte { |