From eb07f2f679e7073d359c465dcb09088b2eee271b Mon Sep 17 00:00:00 2001
From: Daniel McCarney <daniel@binaryparadox.net>
Date: Wed, 6 Sep 2023 10:24:01 -0400
Subject: [PATCH] verify_cert: pull out `make_end_entity` test helper

---
 src/verify_cert.rs | 34 ++++++++++++++++------------------
 1 file changed, 16 insertions(+), 18 deletions(-)

diff --git a/src/verify_cert.rs b/src/verify_cert.rs
index e2afedbe..103dba7b 100644
--- a/src/verify_cert.rs
+++ b/src/verify_cert.rs
@@ -449,8 +449,6 @@ mod tests {
         use crate::ECDSA_P256_SHA256;
         use crate::{EndEntityCert, Time};
 
-        let alg = &rcgen::PKCS_ECDSA_P256_SHA256;
-
         let ca_cert = make_issuer("Bogus Subject");
         let ca_cert_der = ca_cert.serialize_der().unwrap();
 
@@ -463,15 +461,10 @@ mod tests {
             issuer = intermediate;
         }
 
-        let mut ee_params = rcgen::CertificateParams::new(vec!["example.com".to_string()]);
-        ee_params.is_ca = rcgen::IsCa::ExplicitNoCa;
-        ee_params.alg = alg;
-        let ee_cert = rcgen::Certificate::from_params(ee_params).unwrap();
-        let ee_cert_der = ee_cert.serialize_der_with_signer(&issuer).unwrap();
-
+        let ee_cert_der = make_end_entity(&issuer);
+        let cert = EndEntityCert::try_from(&ee_cert_der[..]).unwrap();
         let anchors = &[TrustAnchor::try_from_cert_der(&ca_cert_der).unwrap()];
         let time = Time::from_seconds_since_unix_epoch(0x1fed_f00d);
-        let cert = EndEntityCert::try_from(&ee_cert_der[..]).unwrap();
         let mut intermediate_certs = intermediates.iter().map(|x| x.as_ref()).collect::<Vec<_>>();
 
         if let TrustAnchorIsActualIssuer::No = trust_anchor_is_actual_issuer {
@@ -512,8 +505,6 @@ mod tests {
         use crate::ECDSA_P256_SHA256;
         use crate::{EndEntityCert, Time};
 
-        let alg = &rcgen::PKCS_ECDSA_P256_SHA256;
-
         let ca_cert = make_issuer(format!("Bogus Subject {chain_length}"));
         let ca_cert_der = ca_cert.serialize_der().unwrap();
 
@@ -526,15 +517,10 @@ mod tests {
             issuer = intermediate;
         }
 
-        let mut ee_params = rcgen::CertificateParams::new(vec!["example.com".to_string()]);
-        ee_params.is_ca = rcgen::IsCa::ExplicitNoCa;
-        ee_params.alg = alg;
-        let ee_cert = rcgen::Certificate::from_params(ee_params).unwrap();
-        let ee_cert_der = ee_cert.serialize_der_with_signer(&issuer).unwrap();
-
+        let ee_cert_der = make_end_entity(&issuer);
+        let cert = EndEntityCert::try_from(&ee_cert_der[..]).unwrap();
         let anchors = &[TrustAnchor::try_from_cert_der(&ca_cert_der).unwrap()];
         let time = Time::from_seconds_since_unix_epoch(0x1fed_f00d);
-        let cert = EndEntityCert::try_from(&ee_cert_der[..]).unwrap();
         let intermediates_der = intermediates.iter().map(|x| x.as_ref()).collect::<Vec<_>>();
 
         build_chain(
@@ -581,4 +567,16 @@ mod tests {
         ca_params.alg = &rcgen::PKCS_ECDSA_P256_SHA256;
         rcgen::Certificate::from_params(ca_params).unwrap()
     }
+
+    #[cfg(feature = "alloc")]
+    fn make_end_entity(issuer: &rcgen::Certificate) -> Vec<u8> {
+        let mut ee_params = rcgen::CertificateParams::new(vec!["example.com".to_string()]);
+        ee_params.is_ca = rcgen::IsCa::ExplicitNoCa;
+        ee_params.alg = &rcgen::PKCS_ECDSA_P256_SHA256;
+
+        rcgen::Certificate::from_params(ee_params)
+            .unwrap()
+            .serialize_der_with_signer(issuer)
+            .unwrap()
+    }
 }