From 020abccf79c437429fd97ed840597072c465fab7 Mon Sep 17 00:00:00 2001
From: c0repwn3r <core@coredoes.dev>
Date: Mon, 27 Feb 2023 10:24:30 -0500
Subject: [PATCH] cert ser/deser worky worky now

---
 trifid-pki/bad.hex.crt    |  1 -
 trifid-pki/hex.crt        |  1 -
 trifid-pki/known_good.crt |  5 -----
 trifid-pki/src/cert.rs    |  3 +--
 trifid-pki/src/test.rs    | 27 +++++++++++++++++----------
 trifid-pki/test_cert.crt  |  7 -------
 6 files changed, 18 insertions(+), 26 deletions(-)
 delete mode 100644 trifid-pki/bad.hex.crt
 delete mode 100644 trifid-pki/hex.crt
 delete mode 100644 trifid-pki/known_good.crt
 delete mode 100644 trifid-pki/test_cert.crt

diff --git a/trifid-pki/bad.hex.crt b/trifid-pki/bad.hex.crt
deleted file mode 100644
index a491a28..0000000
--- a/trifid-pki/bad.hex.crt
+++ /dev/null
@@ -1 +0,0 @@
-0aaa010a0774657374696e67121b8182845080feffff0f828284508080fcff0f83828450808080f80f1a1b8182844880ffffff0f8282844880feffff0f838284488080fcff0f220b746573742d67726f757031220b746573742d67726f757032220b746573742d67726f75703328888cf39f0630808df39f063a20313233343536373839306162636564666768696a3132333435363738393061624a101234567890abcedfabcd1234567890ab1220313233343536373839306162636564666768696a313233343536373839306162
\ No newline at end of file
diff --git a/trifid-pki/hex.crt b/trifid-pki/hex.crt
deleted file mode 100644
index 7fbc9ac..0000000
--- a/trifid-pki/hex.crt
+++ /dev/null
@@ -1 +0,0 @@
-0a490a1765337465616d20496e7465726e616c204e6574776f726b28959ebf9c06309585c4ab063a20afa70a07c8a639f10e7ed97c438eda027ffce5358fc451d07c6f05d04b0128e740011240740f1efa96432a7372321f9fa697674a8d3caf078262c3ac7769b7f961971ff2b0ee544810a6f15d266a37c49c886f70bdbca67a917b14c63c3ab3525d5a0900
\ No newline at end of file
diff --git a/trifid-pki/known_good.crt b/trifid-pki/known_good.crt
deleted file mode 100644
index 3969915..0000000
--- a/trifid-pki/known_good.crt
+++ /dev/null
@@ -1,5 +0,0 @@
------BEGIN NEBULA CERTIFICATE-----
-CkkKF2UzdGVhbSBJbnRlcm5hbCBOZXR3b3JrKJWev5wGMJWFxKsGOiCvpwoHyKY5
-8Q5+2XxDjtoCf/zlNY/EUdB8bwXQSwEo50ABEkB0Dx76lkMqc3IyH5+ml2dKjTyv
-B4Jiw6x3abf5YZcf8rDuVEgQpvFdJmo3xJyIb3C9vKZ6kXsUxjw6s1JdWgkA
------END NEBULA CERTIFICATE-----
\ No newline at end of file
diff --git a/trifid-pki/src/cert.rs b/trifid-pki/src/cert.rs
index 257715f..4be50b8 100644
--- a/trifid-pki/src/cert.rs
+++ b/trifid-pki/src/cert.rs
@@ -111,6 +111,7 @@ fn map_cidr_pairs(pairs: &[u32]) -> Result<Vec<Ipv4Net>, Box<dyn Error>> {
 }
 
 impl Display for NebulaCertificate {
+    #[allow(clippy::unwrap_used)]
     fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
         writeln!(f, "NebulaCertificate {{")?;
         writeln!(f, "   Details {{")?;
@@ -467,8 +468,6 @@ impl NebulaCertificate {
         let mut writer = Writer::new(&mut out);
         raw_cert.write_message(&mut writer)?;
 
-        println!("{:?}", hex::encode(out.clone()));
-
         Ok(out)
     }
 
diff --git a/trifid-pki/src/test.rs b/trifid-pki/src/test.rs
index d24127f..35b662e 100644
--- a/trifid-pki/src/test.rs
+++ b/trifid-pki/src/test.rs
@@ -1,7 +1,6 @@
 #![allow(clippy::unwrap_used)]
 #![allow(clippy::expect_used)]
 
-use std::fs;
 use crate::netmask;
 use std::net::Ipv4Addr;
 use std::ops::Add;
@@ -44,21 +43,29 @@ fn certificate_serialization() {
 
     let bytes = cert.serialize().unwrap();
 
-    fs::write("bad.hex.crt", hex::encode(bytes.clone())).unwrap();
-
     let deserialized = deserialize_nebula_certificate(&bytes).unwrap();
-/*
-assert.Equal(t, nc.Details.Name, nc2.Details.Name)
-	assert.Equal(t, nc.Details.NotBefore, nc2.Details.NotBefore)
-	assert.Equal(t, nc.Details.NotAfter, nc2.Details.NotAfter)
-	assert.Equal(t, nc.Details.PublicKey, nc2.Details.PublicKey)
-	assert.Equal(t, nc.Details.IsCA, nc2.Details.IsCA)
- */
+
     assert_eq!(cert.signature, deserialized.signature);
     assert_eq!(cert.details.name, deserialized.details.name);
     assert_eq!(cert.details.not_before, deserialized.details.not_before);
     assert_eq!(cert.details.not_after, deserialized.details.not_after);
     assert_eq!(cert.details.public_key, deserialized.details.public_key);
+    assert_eq!(cert.details.is_ca, deserialized.details.is_ca);
+
+    assert_eq!(cert.details.ips.len(), deserialized.details.ips.len());
+    for item in &cert.details.ips {
+        assert!(deserialized.details.ips.contains(item), "deserialized does not contain from source");
+    }
+
+    assert_eq!(cert.details.subnets.len(), deserialized.details.subnets.len());
+    for item in &cert.details.subnets {
+        assert!(deserialized.details.subnets.contains(item), "deserialized does not contain from source");
+    }
+
+    assert_eq!(cert.details.groups.len(), deserialized.details.groups.len());
+    for item in &cert.details.groups {
+        assert!(deserialized.details.groups.contains(item), "deserialized does not contain from source");
+    }
 }
 
 #[macro_export]
diff --git a/trifid-pki/test_cert.crt b/trifid-pki/test_cert.crt
deleted file mode 100644
index 451ee14..0000000
--- a/trifid-pki/test_cert.crt
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN NEBULA CERTIFICATE-----
-zwEKqgEKB3Rlc3RpbmcSG4GChFCA/v//D4KChFCAgPz/D4OChFCAgID4DxobgYKE
-SID///8PgoKESID+//8Pg4KESICA/P8PIgt0ZXN0LWdyb3VwMSILdGVzdC1ncm91
-cDIiC3Rlc3QtZ3JvdXAzKLDU8p8GMKjV8p8GOiAxMjM0NTY3ODkwYWJjZWRmZ2hp
-ajEyMzQ1Njc4OTBhYkoQEjRWeJCrzt+rzRI0VniQqxIgMTIzNDU2Nzg5MGFiY2Vk
-ZmdoaWoxMjM0NTY3ODkwYWI=
------END NEBULA CERTIFICATE-----