[OOM-K8S-CERT-EXTERNAL-PROVIDER] Extend SANs support

- Extend support SANs: email, ip, uri - Fix logging filtered Csr issue Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Ib3f2ff2a6383ca46629e457df76c6a70f549ac1b
author: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> 2020-11-18 11:50:11 +0100
committer: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> 2020-11-18 13:56:47 +0100
commit: 37fd0c9c705fe467ffa9df6a1b3acec51e479392 (patch)
tree: 7ccb712477133c34eea731981ec64a2011402009 /certServiceK8sExternalProvider/src/cmpv2provisioner/csr
parent: 944cae91430e83ddd801386a80b5333f2bff6775 (diff)
2 files changed, 6 insertions, 3 deletions
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
index 1a86866b..583d533e 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go
@@ -45,6 +45,9 @@ func FilterFieldsFromCSR(csrBytes []byte, privateKeyBytes []byte) ([]byte, error
 	filteredCsr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{
 		Subject:  filteredSubject,
 		DNSNames: csr.DNSNames,
+		IPAddresses: csr.IPAddresses,
+		URIs: csr.URIs,
+		EmailAddresses: csr.EmailAddresses,
 	}, key)
 	if err != nil {
 		return nil, err
diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
index 08fb5538..ff9a799a 100644
--- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
+++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go
@@ -75,6 +75,9 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi
 	filteredCsr := parseCsrBytes(filteredCsrBytes)
 
 	assert.Equal(t, originalCsr.DNSNames, filteredCsr.DNSNames)
+	assert.Equal(t, originalCsr.URIs, filteredCsr.URIs)
+	assert.Equal(t, originalCsr.EmailAddresses, filteredCsr.EmailAddresses)
+	assert.Equal(t, originalCsr.IPAddresses, filteredCsr.IPAddresses)
 	assert.Equal(t, originalCsr.PublicKey, filteredCsr.PublicKey)
 	assert.Equal(t, originalCsr.PublicKeyAlgorithm, filteredCsr.PublicKeyAlgorithm)
 	assert.Equal(t, originalCsr.SignatureAlgorithm, filteredCsr.SignatureAlgorithm)
@@ -88,9 +91,6 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi
 
 func assertFilteredFieldsEmpty(t *testing.T, csrBytes []byte) {
 	csr := parseCsrBytes(csrBytes)
-	assert.Nil(t, csr.URIs)
-	assert.Nil(t, csr.EmailAddresses)
-	assert.Nil(t, csr.IPAddresses)
 	assert.Nil(t, csr.Subject.PostalCode)
 	assert.Equal(t, "", csr.Subject.SerialNumber)
 	assert.Nil(t, csr.Subject.StreetAddress)
author	Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>	2020-11-18 11:50:11 +0100
committer	Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>	2020-11-18 13:56:47 +0100
commit	37fd0c9c705fe467ffa9df6a1b3acec51e479392 (patch)
tree	7ccb712477133c34eea731981ec64a2011402009 /certServiceK8sExternalProvider/src/cmpv2provisioner/csr
parent	944cae91430e83ddd801386a80b5333f2bff6775 (diff)