Refactor tests and issuer code (#28)

* Change issuer tests to use static test certificate chain
Removes dependency from cert-creator

* Refactor issuer into smaller components
Issuer now accepts checked data. Introduced helper functions which
creates this checked data. Components can be tested separately. It returns a credential object instead of a string so the fields can be inspected during tests.

.gitignore

@@ -1,4 +1,4 @@
-*.pem
+/*.pem
 !ca.pem
 uzi-did-x509-issuer
 c.out

go.mod

@@ -5,7 +5,6 @@ go 1.23.1
 require (
 	github.com/alecthomas/kong v1.4.0
 	github.com/google/uuid v1.6.0
-	github.com/huandu/go-clone v1.7.2
 	github.com/lestrrat-go/jwx/v2 v2.1.2
 	github.com/nuts-foundation/go-did v0.15.0
 	github.com/stretchr/testify v1.9.0

go.sum

@@ -15,10 +15,6 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hexops/gotextdiff v1.0.3 h1:gitA9+qJrrTCsiCl7+kh75nPqQt1cx4ZkudSTLoUqJM=
 github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg=
-github.com/huandu/go-assert v1.1.5 h1:fjemmA7sSfYHJD7CUqs9qTwwfdNAx7/j2/ZlHXzNB3c=
-github.com/huandu/go-assert v1.1.5/go.mod h1:yOLvuqZwmcHIC5rIzrBhT7D3Q9c3GFnd0JrPVhn/06U=
-github.com/huandu/go-clone v1.7.2 h1:3+Aq0Ed8XK+zKkLjE2dfHg0XrpIfcohBE1K+c8Usxoo=
-github.com/huandu/go-clone v1.7.2/go.mod h1:ReGivhG6op3GYr+UY3lS6mxjKp7MIGTknuU5TbTVaXE=
 github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
 github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
 github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
@@ -48,7 +44,6 @@ github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr
 github.com/shengdoushi/base58 v1.0.0 h1:tGe4o6TmdXFJWoI31VoSWvuaKxf0Px3gqa3sUWhAxBs=
 github.com/shengdoushi/base58 v1.0.0/go.mod h1:m5uIILfzcKMw6238iWAhP4l3s5+uXyF3+bJKUNhAL9I=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
@@ -59,7 +54,6 @@ golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
 golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -50,6 +50,7 @@ func main() {
 			fmt.Println(err)
 			os.Exit(-1)
 		}
+		fmt.Println("VC result:")
 		err = printLineAndFlush(jwt)
 		if err != nil {
 			fmt.Println(err)
@@ -123,5 +124,28 @@ func printLineAndFlush(jwt string) error {
 }
 
 func issueVc(vc VC) (string, error) {
-	return uzi_vc_issuer.Issue(vc.CertificateFile, vc.SigningKey, vc.SubjectDID, vc.Test, vc.IncludePermanent, vc.SubjectAttributes)
+	chain, err := uzi_vc_issuer.NewValidCertificateChain(vc.CertificateFile)
+	if err != nil {
+		return "", err
+	}
+
+	key, err := uzi_vc_issuer.NewPrivateKey(vc.SigningKey)
+	if err != nil {
+		return "", err
+	}
+
+	subject, err := uzi_vc_issuer.NewSubjectDID(vc.SubjectDID)
+	if err != nil {
+		return "", err
+	}
+
+	credential, err := uzi_vc_issuer.Issue(chain, key, subject,
+		uzi_vc_issuer.SubjectAttributes(vc.SubjectAttributes...),
+		uzi_vc_issuer.AllowTestUraCa(vc.Test))
+
+	if err != nil {
+		return "", err
+	}
+
+	return credential.Raw(), nil
 }

uzi_vc_issuer/testdata/signing_key.pem

@@ -0,0 +1,27 @@
+-----BEGIN PRIVATE KEY-----
+MIIEpAIBAAKCAQEA0+LyiNeyaWUCHyzRDKG6+a+btQXCiuKX7cRzLWRp3Dc0v4Bv
+8GCgNNSHRwHz+KbadpGuBebvD6f4GvwDA9PjdJ3xjjRi0aF1hYmzPmnrsYxDtuZV
+A1IU0BTBbfQcQ9yXpUEtPZwDvf3/J9OlckNrEVOKZzG7Bw/0rk4OGt4D4lOkmhlg
+yvWHou59J9/ARrRaRl1b5bcjzrUnEbD6B8w3G6xino57/M2cvExFu3dChV6eABDD
+hwE+WsSK2CaijXMiCD25xg80nq9gzTIJEVlSEYilf4DthdyaRae4WV74/x5H3EZI
+wRHr+8A2rZmNXivpUuDXAtTH5BsJibujfeYfJQIDAQABAoIBAQCouZC+bVyR1rBA
+2PRC5cq5JyCLnuGSrOukl4nL/Kjbhk6HrCP3O0p3p0Ftxt1bBKr0Pf9gjcuSIQRN
+oJ5Z/vGiHF+NCKQkIDkwND26lqfrwzDsxS+vLD6Mj+qTvw5+73sGSgdXhxPnyAnV
+0hBuE8d/jZGpqQ0wi4EhB+DtfhuDrfp4ZdQXFynsTi/MuttOmiu4r/aVqYS4uhjh
+NO4EvnfDpyUVxpdy78t8H16+ghyAI5fnELqxq7Gk1EIrFYtUfnEfJKyB33ZLZrkL
+imIVc5Qt90zObFFljDrM26cr7OnKopApO98dREi13aLio2QeKX3OkUOIlcGgwAN0
+Fhpvv7jBAoGBAOodh925HBKiIJlE3C5oYwnalVLnr7fVffACuCyxE2oxPv7jl1qP
+XnJ1i5DIgwyqUBzLbgo6Jf9fVTK/0lzx0rMIDBTiMJE+YE7UZ1/BFsdql0AnkHP9
+S21E3vdVPl1vcQMbc9fokkGYayMDkLeToLKVIv/76IZkQ1iS6vpWwQqVAoGBAOex
+eNmXms9FSx2aw3IdAHnS11u+cvn60hYmvVod10kFzhO2l17WBtlWSzysWchEWzX3
+u0bW95LIuRerlj463jqw89ecEadmOsn382Icpsf2ZhtswyeAIa7u0/y965xX6j0+
+dbx1GQ8Ftdt9nozb/o41sF5/DjrYWmQFmOrvfy5RAoGAY0/9p7/zua/O9lWwtXsQ
+sEhqWc3wy6IkF2F/8W14l+6mE4hGV2NEJHfaqaN1fDTvYRem6W27WrZ9NNcMjOME
+h2/deCpvgd2dCzOtWoBVgmikGtHtxFZp3cN+dhtSJl606SWHIcsF6A+ZOzQy+r0E
+SV1ciIy7Ge+EZhmE1odgwnUCgYBatXa06c/oOh7Qdljygjw/dbZu6r8k83fwyDX1
+5Bz3L9igiyn0LSL9T/WgyXFVIL39AQJHF75Rr1gX1ku6DV4X6FNvJGEdAr8dd3/H
+96OsQeFz9z7oZhfJ3yMLnmdyDFFerOd3YvjukrPCPQon57Ffh9GHDYNKso2g/zgB
+Msa+IQKBgQDEpBtnP0+oJCAlUb3bOqJY7+5B4GsBCbNgV2rpa362Iyx5OPKLdGgV
+U/G3jdZeqrzLJsFPfU41jOFiL76pDsH0rCUK1fQJkAhrux/k/5rYWhgfziZYwiNT
+RccjKo7mMgg/vPjbw/wtLhvLTstfMQl5OLJ0f/vROR24ThAdNiFGWw==
+-----END PRIVATE KEY-----

uzi_vc_issuer/testdata/valid_chain.pem

@@ -0,0 +1,80 @@
+-----BEGIN CERTIFICATE-----
+MIIDjTCCAnWgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwIjEgMB4GA1UEChMXSW50
+ZXJtZWRpYXRlIENBIExldmVsIDIwHhcNMjQxMjAzMTQ1NTIyWhcNMjUwMTAyMTQ1
+NTIyWjAlMREwDwYDVQQKEwhGYXV4Q2FyZTEQMA4GA1UEBRMHMTExMTExMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANPi8ojXsmllAh8s0Qyhuvmvm7UF
+woril+3Ecy1kadw3NL+Ab/BgoDTUh0cB8/im2naRrgXm7w+n+Br8AwPT43Sd8Y40
+YtGhdYWJsz5p67GMQ7bmVQNSFNAUwW30HEPcl6VBLT2cA739/yfTpXJDaxFTimcx
+uwcP9K5ODhreA+JTpJoZYMr1h6LufSffwEa0WkZdW+W3I861JxGw+gfMNxusYp6O
+e/zNnLxMRbt3QoVengAQw4cBPlrEitgmoo1zIgg9ucYPNJ6vYM0yCRFZUhGIpX+A
+7YXcmkWnuFle+P8eR9xGSMER6/vANq2ZjV4r6VLg1wLUx+QbCYm7o33mHyUCAwEA
+AaOByTCBxjAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYD
+VR0TAQH/BAIwADAfBgNVHSMEGDAWgBQkmFoX/Ybgyfv2zOJ1cYtzyHWMWTBwBgNV
+HREEaTBnoEIGA1UFBaA7FjkyLjE2LjUyOC4xLjEwMDcuOTkuMjExMC0xLTExMTEx
+MTEtUy0yMjIyMjIyLTAwLjAwMC0zMzMzMzOgIQYIKwYBBQUHCAOgFTATEwcyMjIy
+MjIyBghghBABh28DAzANBgkqhkiG9w0BAQsFAAOCAQEActbKEDR5er6Yj21HHVSl
+XSanPuZsL3z516khvWJIihKWQ3ByPSVxBajQxY4YQAWQKw++fhkCwBrGTxo+7fHa
+warPLUXOr2Wx2QidKtxjndWnv2o9Wn0QCI3jIIJYfgnyfqXKWR5AFseEJIaPSuEK
+q02KhnYVL+gzyW4RVAvZoHSaFSALzS8D7uk51C0Z1hp4clueHkRSYy8GzShe/dJ5
+e3vVqsMCjV3/YOp/Z8bLGHk1xFViCX8jDYbM6+DWKWCk1IWJeDZoPwBN6cm6tkga
+Puhm/aAGxKWgio76j6Fw2h5u0W+oUp8FKzMSa/4VrWoFCO98uPowg0OMl6Cnqiji
+YQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgICAMcwDQYJKoZIhvcNAQELBQAwIjEgMB4GA1UEChMXSW50
+ZXJtZWRpYXRlIENBIExldmVsIDEwHhcNMjQxMjAzMTQ1NTIyWhcNMjUwMTAyMTQ1
+NTIyWjAiMSAwHgYDVQQKExdJbnRlcm1lZGlhdGUgQ0EgTGV2ZWwgMjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbwiYBkjgNHyyullehHoEf1BlKXjqKC
+KU49x1kcoqHk7K5jD4M1+f0Lzk6zgj509KIWFG2XxCkC7/omRxaDuwt2xjQQJC5J
+wxePma8yNbhHsEGjKyGHBParpJaiYjfPBGJwwKvxl7z4xLc8hMO7BW1fJFbU78zo
+1ZzXhPkOvYJQLKkFY7HR6EtvFTNztbO9fxY7eSjK49ot4WVIAo00iQ+N/uLiQPmW
+Ph/vpMxkvyVv95sbCYcX0r7jE0Hxm5+nDnV3G32Me6RTo7qR12zhEgP9+kneM9qT
+CajVHIkXxMIcNRn09LmsISq8P/7sDqQ5dV8fp9b1LZbxbLTpUi1/4p0CAwEAAaOB
+gzCBgDAOBgNVHQ8BAf8EBAMCAoQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFCSYWhf9huDJ+/bM4nVxi3PI
+dYxZMB8GA1UdIwQYMBaAFDI0sgMhu04pBJ7LaXEUAE1a4F3sMA0GCSqGSIb3DQEB
+CwUAA4IBAQAsYAwb1iyntORynMjUwtS37dTV8u8oQgLdCfPhf29I0HkT/QgJae/X
+XYTxTCHY8Ks8dyWqA6so0bscZLmGkOyoashufwhoiEuYTQJsAeneObNPPqdSjiM7
+aoqFHbtyQoAUd0sUFrCQ45Pgc9NsXf/0Nlo2WhOeq8JfjwjE5Ya2VP/5LSTM8jl7
+duZT8pqtQzClMTtGhs4Ie6ULMMwhy6p5tdRvIbzp3nYuexW4RDiW+sGZuJUeGDpz
+90eL9irIOQRfeM9fFg5EvKdx2e38QsdrUAwOPFWGCsTar9JNi4J/rrhNRMxLSTKt
+8UBYFp7OwV0DOa2hF4dpmZwIRtiSuuiC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDEDCCAfigAwIBAgIBLTANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQKEwdSb290
+IENBMB4XDTI0MTIwMzE0NTUyMloXDTI1MDEwMjE0NTUyMlowIjEgMB4GA1UEChMX
+SW50ZXJtZWRpYXRlIENBIExldmVsIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDBGDihUQ0osFYifpR3rBy39+OpDYJbSVqQ1jeNN7iF50HkqBzQ+QMS
+KgXnp9OF+o7yO4U+UDxwrEJaJfUtra+yQi8nltRmO/yimA3t4m/eXnGOB4puMyUH
+rRlKwClkH38wIUK07Zi4bT0EP3IJTNDAZysOQA7Y4pzbUpRN5gZtSwWu0Vf1B/bJ
+/aTKWOVJO0xA48UsmA3T5UM+jDBMwxPhwdrzP0CjngVhpnQtxEX8wPfjonEqeQ7q
+ipAvgFkElT+eUSE5Osz4i994OTVSNgpiGDHS13CVy/QPdNXGiQX1cdAip0fCe5Zh
+NEhT2v09U+DNZ7F3ChfeuD2PIi2jLYSrAgMBAAGjYTBfMA4GA1UdDwEB/wQEAwIC
+hDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUMjSyAyG7TikEnstpcRQATVrgXewwDQYJKoZIhvcNAQELBQAD
+ggEBANHq7JwEc8ohGLBTNYg3dkIcEw2T/yl0Dbs+XI6QtXOFswUDHLgOjYHeJulc
++BvnDx2N58X49Eqqq3PrSAdchECd/YDRU9RAZGzFAeZanoMkDwRv90F/hsblKRGO
+A5T7d310dU6L4NjNcZvI90ICahP6YLrD4ycR2OLCDi9pgqoFfAJF7rbMx39QhxqH
+PB9BHtbh2+G9ZgL3S4h2PUTipcTJfz3LisdP36kBDqKS4BaAi0kes3/iffEU3Q+X
+ZsHTnOoDztDi3I5OJipCkiwW8RJsojgZJBjSi+S9fuzg0MoapkXqActBXNGvAv7u
+0jq8yWL9HNVqFANOocePdku5AGA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDATCCAemgAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UEChMHUm9v
+dCBDQTAeFw0yNDEyMDMxNDU1MjFaFw0yNTAxMDIxNDU1MjFaMBIxEDAOBgNVBAoT
+B1Jvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj9RegDJEK
+LJ5CCyKtaGH4HeAripSik/eB46FYVFT2x5GzzSAB/0AgRe+yAEjCqDCe+a/AcC8q
+P5a1weguaqfyM+aK/wwXUwK6J/abSNkyFgF6XPY2IJEq9b6pRFI0DPWJ6TniIXAA
+7ehKFxGcBRGoRMgC47S9u8vrZzoQXgohO8A0Z3TdkajXy6BVdGuzWBhFqN9Ueqqi
+4KaUOmNYLjbcvaixC5CfFTn8yHWvZ9JIadnRdzhOpUcGaUjqGemRVdpZ2mShGP+4
+AoeqEoJpRwR7jUoW2oxmep4tCk3Xr/jI2vdsri/dOzo3QX6L+rLRP7LHyUhCYOnt
+pSaLdhEhsjtRAgMBAAGjYTBfMA4GA1UdDwEB/wQEAwIChDAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUykNy
+DzIzHIW+cmUmSedYkTmqID4wDQYJKoZIhvcNAQELBQADggEBAKEfcBmTu/oi5qA5
+BQRbk1HSZ23dmg1J2jiB7ObsY+4Gf0tIBknla5x0o4VWOfu2CeeocLF8oV1FuIwK
+msyXrUhZxmmTI+bsL01f1/VMgdXM1OJdjBtmdijmq+NSPyTZw0MMP6kGXjgoI/Ip
+nWfqC3bq3Tkxe2m/9SL3EXC3FHWWzb7c6PsZl5sgF6lurPGTyH6L+syYiKv2/uyc
+NBzSu6ED5rdaBV68oc/QrCPhorbHVgOUq0TBjniqtNAYOTbtK7nsult6Xf5hlFaS
++KkbO3eIgkiINOBDBZg6c9TUYIu+SP9/27j60xoHjumEmayi94smeJAQ5qqkjTY6
+O6Qln1c=
+-----END CERTIFICATE-----