Beispiel #1
0
    def test_create_ca(self):
        ca_path = self.create_tempdir()
        common_name = "Acme Root CA"
        ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
        res = ca.initialize(dn=dict(cn=common_name),
                            newkey='rsa:512',
                            alt_names=[
                                'acme.com',
                                'www.acme.com',
                                '192.168.56.100',
                                '*****@*****.**',
                                'http://www.example.com',
                            ])
        self.assertTrue(
            res.get('success'),
            "Message: {}\nConf: {}\n".format(res.get('message'),
                                             res.get("conf")))

        res_parsed = self.extractor.get_x509_as_json(text=res.get('cert'), )

        san = get_san_from_extensions(res_parsed['extensions'])

        self.assertEqual(len(san), 5)
        self.assertEqual(
            sorted(san),
            sorted([
                "DNS:acme.com", "DNS:www.acme.com",
                "IP Address:192.168.56.100", "email:[email protected]",
                "URI:http://www.example.com"
            ]))
Beispiel #2
0
 def init_ca(self):
     ca_path = self.create_tempdir()
     common_name = "Acme Root CA"
     ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
     res_ca = ca.initialize(
         dn=dict(cn=common_name),
         newkey='rsa:512',
         alt_names=[
             'example.com',
         ],
     )
     self.assertTrue(res_ca.get('success'))
     return ca
Beispiel #3
0
    def test_get_csr_san(self):
        """Create a CA and sign certificates with it"""
        ca_path = self.create_tempdir()
        common_name = "Acme Root CA"
        ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
        res_ca = ca.initialize(
            dn=dict(cn=common_name),
            newkey='rsa:512',
            alt_names=[
                'example.com',
                'www.example.com',
                '192.168.56.100',
                '*****@*****.**',
                'http://www.example.com',
            ],
        )
        self.assertTrue(
            res_ca.get('success'),
            "Message: {}\nConf: {}\n".format(res_ca.get('message'),
                                             res_ca.get("conf")))

        # SAN certificate
        res_cert_san = ca.sign_request(CSR_SAN)
        self.assertTrue(res_cert_san.get('success'),
                        "Message: {}\n".format(res_cert_san.get('message')))

        csrs = ca.list_requests()
        self.assertEqual(len(csrs), 1)

        server_csr = ca.get_request(csrs[0]['id'])
        self.assertTrue('subject' in server_csr)
        self.assertEqual(server_csr['subject']['CN'], 'acme.org')

        res_parsed = self.extractor.get_x509_as_json(
            text=res_cert_san.get('cert'))

        self.assertEqual(res_parsed['issuer']['CN'], common_name)
        self.assertEqual(res_parsed['subject']['O'], 'Acme Machines INC')

        san = get_san_from_extensions(res_parsed['extensions'])
        expected_san = [
            'DNS:acme.org', 'DNS:cdn1.far-away.com', 'DNS:www.acme.org',
            'IP Address:192.168.56.100'
        ]
        self.assertEqual(sorted(san), expected_san)

        requests = ca.list_requests()
        self.assertEqual(len(requests), 1)

        certs = ca.list_certificates()
        self.assertTrue(len(certs) > 0)

        for cert in certs:
            cert_res = ca.get_certificate(serial=cert['id'])
            self.assertTrue(cert_res is not None)
Beispiel #4
0
    def test_create_ca_utf8_higher_codepoint(self):
        ca_path = self.create_tempdir()
        ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
        res_ca = ca.initialize(
            dn=dict(
                cn='Ragnarr Lođbrok',
                c='no',
                st='Kattegatt',
            ),
            newkey='rsa:512',
        )
        self.assertTrue(res_ca.get('success'))
        info = ca.get_info()

        cn = info['rootca']['subject']['CN']

        self.assertEqual(cn, 'Ragnarr Lođbrok')
Beispiel #5
0
    def test_create_ca_utf8(self):
        ca_path = self.create_tempdir()
        ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
        res_ca = ca.initialize(
            dn=dict(
                cn='example.com',
                c='se',
                st='Östergötlands Län',
            ),
            newkey='rsa:512',
        )
        self.assertTrue(res_ca.get('success'))
        info = ca.get_info()
        print(info)

        st = info['rootca']['subject']['ST']

        self.assertEqual(st, 'Östergötlands Län')
Beispiel #6
0
    def test_get_csr(self):
        """Create a CA and sign certificates with it"""
        ca_path = self.create_tempdir()
        common_name = "Acme Root CA"
        ca = CA(ca_path=ca_path, openssl_path=self._openssl_path)
        res_ca = ca.initialize(
            dn=dict(cn=common_name),
            newkey='rsa:512',
            alt_names=[
                'example.com',
                'www.example.com',
                '192.168.56.100',
                '*****@*****.**',
                'http://www.example.com',
            ],
        )
        self.assertTrue(
            res_ca.get('success'),
            "Message: {}\nConf: {}\n".format(res_ca.get('message'),
                                             res_ca.get("conf")))

        # CN certificate
        res_cert = ca.sign_request(CSR_CN)
        self.assertTrue(res_cert.get('success'),
                        "Message: {}\n".format(res_cert.get('message')))

        csrs = ca.list_requests()
        self.assertEqual(len(csrs), 1)

        server_csr = ca.get_request(csrs[0]['id'])
        self.assertTrue('subject' in server_csr)
        self.assertEqual(server_csr['subject']['CN'], 'example.com')