Ejemplo n.º 1
0
 def test_invalid_auth2(self):
     cloud_conn = CloudConnection(token='invalid-format-token',
                                  url=CLOUDURL)
     with self.assertRaises(Exception):
         cloud_conn.auth()
Ejemplo n.º 2
0
class TestCloudMethods(unittest.TestCase):
    def __init__(self, *args, **kwargs):
        self.cloud_zone = environ['CLOUD_ZONE']
        self.cloud_conn = CloudConnection(token=TOKEN, url=CLOUDURL)
        super(TestCloudMethods, self).__init__(*args, **kwargs)

    def test_cloud_enroll(self):
        cn = randomword(10) + ".venafi.example.com"
        enroll(self.cloud_conn, self.cloud_zone, cn)

    def test_cloud_enroll_with_custom_csr(self):
        key = open("/tmp/csr-test.key.pem").read()
        csr = open("/tmp/csr-test.csr.csr").read()
        enroll(self.cloud_conn, self.cloud_zone, private_key=key, csr=csr)

    def test_cloud_renew(self):
        cn = randomword(10) + ".venafi.example.com"
        cert_id, pkey, cert, _ = enroll(self.cloud_conn, self.cloud_zone, cn)
        time.sleep(5)
        renew(self.cloud_conn, cert_id, pkey, cert.serial_number, cn)

    def test_cloud_renew_twice(self):
        cn = randomword(10) + ".venafi.example.com"
        cert_id, pkey, cert, _ = enroll(self.cloud_conn, self.cloud_zone, cn)
        time.sleep(5)
        renew(self.cloud_conn, cert_id, pkey, cert.serial_number, cn)
        time.sleep(5)
        renew(self.cloud_conn, cert_id, pkey, cert.serial_number, cn)

    def test_cloud_renew_by_thumbprint(self):
        cn = randomword(10) + ".venafi.example.com"
        cert_id, pkey, cert, _ = enroll(self.cloud_conn, self.cloud_zone, cn)
        time.sleep(5)
        renew_by_thumbprint(self.cloud_conn, cert)

    def test_cloud_renew_without_key_reuse(self):
        renew_without_key_reuse(self, self.cloud_conn, self.cloud_zone)

    def test_cloud_read_zone_config(self):
        zone = self.cloud_conn.read_zone_conf(self.cloud_zone)
        self.assertEqual(zone.key_type.key_type, KeyType.RSA)
        self.assertEqual(zone.key_type.option, 2048)
        p = zone.policy
        self.assertListEqual(p.SubjectCNRegexes, [
            '.*.example.com', '.*.example.org', '.*.example.net', '.*.invalid',
            '.*.local', '.*.localhost', '.*.test', '.*.vfidev.com'
        ])
        self.assertListEqual(p.SubjectCRegexes, [".*"])
        self.assertListEqual(p.SubjectLRegexes, [".*"])
        self.assertListEqual(p.SubjectORegexes, [".*"])
        self.assertListEqual(p.SubjectOURegexes, [".*"])
        self.assertEqual(p.key_types[0].option, 2048)
        self.assertEqual(p.key_types[1].option, 4096)

    def test_cloud_read_zone_unknown_zone(self):
        with self.assertRaises(Exception):
            self.cloud_conn.read_zone_conf(
                "4d806fbc-06bb-4a2a-b224-9e58a7e996f5")

    def test_cloud_read_zone_invalud_zone(self):
        with self.assertRaises(Exception):
            self.cloud_conn.read_zone_conf("fdsfsfa")

    def test_cloud_retrieve_non_issued(self):
        req = CertificateRequest(
            cert_id="4d806fbc-06bb-4a2a-b224-9e58a7e996f5")
        with self.assertRaises(Exception):
            self.cloud_conn.retrieve_cert(req)

    def test_cloud_search_by_thumbpint(self):
        req, cert = simple_enroll(self.cloud_conn, self.cloud_zone)
        cert = x509.load_pem_x509_certificate(cert.cert.encode(),
                                              default_backend())
        fingerprint = binascii.hexlify(cert.fingerprint(
            hashes.SHA1())).decode()
        time.sleep(1)
        found = self.cloud_conn.search_by_thumbprint(fingerprint)
        self.assertEqual(found.manage_id, req.manage_id)

    def test_auth(self):
        self.cloud_conn.auth()

    def test_invalid_auth(self):
        cloud_conn = CloudConnection(
            token='5eebed3b-0542-4c0d-a42e-b1e6e4630c3d', url=CLOUDURL)
        with self.assertRaises(Exception):
            cloud_conn.auth()

    def test_invalid_auth2(self):
        cloud_conn = CloudConnection(token='invalid-format-token',
                                     url=CLOUDURL)
        with self.assertRaises(Exception):
            cloud_conn.auth()
Ejemplo n.º 3
0
 def test_invalid_auth(self):
     cloud_conn = CloudConnection(
         token='5eebed3b-0542-4c0d-a42e-b1e6e4630c3d', url=CLOUDURL)
     with self.assertRaises(Exception):
         cloud_conn.auth()