net/bakedroots: add LetsEncrypt ISRG Root X2

Updates #14690

Change-Id: Ib85e318d48450fc6534f7b0c1d4cc4335de7c0ff
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
2025-01-21 17:19:42 -08:00
committed by Brad Fitzpatrick
parent 150cd30b1d
commit 042ed6bf69
2 changed files with 48 additions and 4 deletions
+20 -3
View File
@@ -3,13 +3,30 @@
package bakedroots
import "testing"
import (
"slices"
"testing"
)
func TestBakedInRoots(t *testing.T) {
ResetForTest(t, nil)
p := Get()
got := p.Subjects()
if len(got) != 1 {
t.Errorf("subjects = %v; want 1", len(got))
if len(got) != 2 {
t.Errorf("subjects = %v; want 2", len(got))
}
// TODO(bradfitz): is there a way to easily make this test prettier without
// writing a DER decoder? I'm not seeing how.
var name []string
for _, der := range got {
name = append(name, string(der))
}
want := []string{
"0O1\v0\t\x06\x03U\x04\x06\x13\x02US1)0'\x06\x03U\x04\n\x13 Internet Security Research Group1\x150\x13\x06\x03U\x04\x03\x13\fISRG Root X1",
"0O1\v0\t\x06\x03U\x04\x06\x13\x02US1)0'\x06\x03U\x04\n\x13 Internet Security Research Group1\x150\x13\x06\x03U\x04\x03\x13\fISRG Root X2",
}
if !slices.Equal(name, want) {
t.Errorf("subjects = %q; want %q", name, want)
}
}