From b093d0f68c76f3efd156f2a9ad920a9f98549066 Mon Sep 17 00:00:00 2001
From: Roland Groen <roland@headease.nl>
Date: Tue, 15 Oct 2024 00:12:19 +0200
Subject: [PATCH] Update test-cert CLI to include UZI, URA, and AGB parameters

Improved the test-cert command to specify UZI, URA, and AGB parameters instead of a single identifier. This change enhances flexibility and allows for a more precise definition of test certificates. Updated help text for better clarity and added comments to explain the format of the otherName field.
---
 main.go | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/main.go b/main.go
index 5a1be53..ae49d22 100644
--- a/main.go
+++ b/main.go
@@ -9,14 +9,16 @@ import (
 )
 
 type VC struct {
-	CertificateFile string `arg:"" name:"certificate_file" help:"Certificate PEM file." type:"existingfile"`
+	CertificateFile string `arg:"" name:"certificate_file" help:"Certificate PEM file. If the file contains a chain, the chain will be used for signing." type:"existingfile"`
 	SigningKey      string `arg:"" name:"signing_key" help:"PEM key for signing." type:"existingfile"`
 	SubjectDID      string `arg:"" name:"subject_did" help:"The subject DID of the VC." type:"key"`
-	Test            bool   `short:"t" help:"Allow test certificates."`
+	Test            bool   `short:"t" help:"Allow for certificates signed by the TEST UZI Root CA."`
 }
 
 type TestCert struct {
-	Identifier string `arg:"" name:"identifier" help:"Identifier for the test certificate such as an URA or UZI number."`
+	Uzi string `arg:"" name:"uzi" help:"The UZI number for the test certificate."`
+	Ura string `arg:"" name:"ura" help:"The URA number for the test certificate."`
+	Agb string `arg:"" name:"agb" help:"The AGB code for the test certificate."`
 }
 
 var CLI struct {
@@ -45,10 +47,13 @@ func main() {
 			os.Exit(-1)
 		}
 		println(jwt)
-	case "test-cert <identifier>":
-		otherName := fmt.Sprintf("2.16.528.1.1007.1.%s", cli.TestCert.Identifier)
+	case "test-cert <uzi> <ura> <agb>":
+		// Format is 2.16.528.1.1007.99.2110-1-900030787-S-90000380-00.000-11223344
+		// <OID CA>-<versie-nr>-<UZI-nr>-<pastype>-<Abonnee-nr>-<rol>-<AGB-code>
+		// 2.16.528.1.1007.99.2110-1-<UZI-nr>-S-<Abonnee-nr>-00.000-<AGB-code>
+		otherName := fmt.Sprintf("2.16.528.1.1007.99.2110-1-%s-S-%s-00.000-%s", cli.TestCert.Uzi, cli.TestCert.Ura, cli.TestCert.Agb)
 		fmt.Println("Building certificate chain for identifier:", otherName)
-		chain, _, _, privKey, _, err := x509_cert.BuildCertChain(cli.TestCert.Identifier)
+		chain, _, _, privKey, _, err := x509_cert.BuildCertChain(otherName)
 		if err != nil {
 			fmt.Println(err)
 			os.Exit(-1)