add more test

README.md

@@ -1,5 +1,5 @@
 # Certify
-[![Go Reference](https://pkg.go.dev/badge/github.com/nothinux/certify.svg)](https://pkg.go.dev/github.com/nothinux/certify)  [![Go Report Card](https://goreportcard.com/badge/github.com/nothinux/certify)](https://goreportcard.com/report/github.com/nothinux/certify)  ![test status](https://github.com/nothinux/go-ps/actions/workflows/test.yml/badge.svg?branch=master)  [![codecov](https://codecov.io/gh/nothinux/certify/branch/master/graph/badge.svg?token=iR3c5Zwo3F)](https://codecov.io/gh/nothinux/certify)  
+[![Go Reference](https://pkg.go.dev/badge/github.com/nothinux/certify.svg)](https://pkg.go.dev/github.com/nothinux/certify)  [![Go Report Card](https://goreportcard.com/badge/github.com/nothinux/certify)](https://goreportcard.com/report/github.com/nothinux/certify)  ![test status](https://github.com/nothinux/certify/actions/workflows/test.yml/badge.svg?branch=master)  [![codecov](https://codecov.io/gh/nothinux/certify/branch/master/graph/badge.svg?token=iR3c5Zwo3F)](https://codecov.io/gh/nothinux/certify)  
 Certify can be used for creating a private CA (Certificate Authority) and issuing certificates signed by the pre-created CA.
 
 Certify is easy to use and can be used as an alternative to OpenSSL.

cmd/certify/command.go

@@ -86,7 +86,7 @@ func readRemoteCertificate(args []string) (string, error) {
 // matchCertificate math certificate with private key
 func matchCertificate(args []string) error {
 	if len(args) < 4 {
-		return fmt.Errorf("you must provide pkey and cert.\n")
+		return fmt.Errorf("you must provide pkey and cert")
 	}
 
 	pubkey, pubcert, err := matcher(args[2], args[3])

cmd/certify/command_test.go

@@ -174,6 +174,11 @@ func TestReadRemoteCertificate(t *testing.T) {
 			Args:          []string{"certify", "-connect", "1.1.1.1"},
 			ExpectedError: "missing port in address",
 		},
+		{
+			Name:          "Test no Host",
+			Args:          []string{"certify", "-connect"},
+			ExpectedError: "you must provide remote host",
+		},
 	}
 
 	for _, tt := range tests {
@@ -191,12 +196,32 @@ func TestReadRemoteCertificate(t *testing.T) {
 }
 
 func TestMatchCertificate(t *testing.T) {
-	if err := matchCertificate([]string{
-		"certify",
-		"-match",
-		"testdata/ca-key.pem",
-		"testdata/ca-cert.pem",
-	}); err != nil {
-		t.Fatal("private key and public key must match")
+	tests := []struct {
+		Name          string
+		Args          []string
+		expectedError string
+	}{
+		{
+			Name: "Test when certificate and private key match",
+			Args: []string{"certify", "-match", "testdata/ca-key.pem", "testdata/ca-cert.pem"},
+		},
+		{
+			Name:          "Test when certificate and private key doesnt match",
+			Args:          []string{"certify", "-match", "testdata/ca-key.pem", "testdata/nothinux.pem"},
+			expectedError: "private key doesn't match with given certificate",
+		},
+		{
+			Name:          "Test when no private key",
+			Args:          []string{"certify", "-match", "testdata/ca-cert.pem"},
+			expectedError: "you must provide pkey and cert",
+		},
+	}
+
+	for _, tt := range tests {
+		if err := matchCertificate(tt.Args); err != nil {
+			if !strings.Contains(err.Error(), tt.expectedError) {
+				t.Fatalf("got %v, want %v", err.Error(), tt.expectedError)
+			}
+		}
 	}
 }

cmd/certify/testdata/nothinux.pem

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBlDCCATqgAwIBAgIQO/OgP7myWY17hJKsJNj72jAKBggqhkjOPQQDAjAhMRAw
+DgYDVQQKEwdjZXJ0aWZ5MQ0wCwYDVQQDEwRzYXlhMB4XDTIyMDQzMDE0MDI1NVoX
+DTIzMDQzMDIwMDI1NVowJTEQMA4GA1UEChMHY2VydGlmeTERMA8GA1UEAxMIbm90
+aGludXgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASXbA1GfHG/O1Xr+wESBbde
+zrtRNfBB+3axMRV69lzZoEQrgbxDSlxZS+H7MW/pPEe/4wOLrk0NiubOV6nl2a2A
+o1AwTjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIw
+ADAfBgNVHSMEGDAWgBQe3V/CQc9PpcXWl4FPqF4A4V2QcDAKBggqhkjOPQQDAgNI
+ADBFAiEA2v4pDfFdtp8fX5thZtJNVQUELfDOUuVfItHuSFN2BIcCIAU5Asjr1vvm
+1XpLNN1xCzZrb/GauMb6AvDkpKV6hX89
+-----END CERTIFICATE-----