def testItShouldCreateACertificate(self): ca = CA() ca.create_ca() key, certificate = ca.create_certificate() assert isinstance(key, OpenSSL.crypto.PKey) assert isinstance(certificate, OpenSSL.crypto.X509)
def testItShouldLoadACA(self): old_ca = CA() old_ca.create_ca() key_pem = CA.pkey_to_pem(old_ca.ca_key) cert_pem = CA.certificate_to_pem(old_ca.ca_cert) ca = CA() assert ca.load(key_pem, cert_pem)
def testItShouldHaveACAAfterLoading(self): old_ca = CA() old_ca.create_ca() key_pem = CA.pkey_to_pem(old_ca.ca_key) cert_pem = CA.certificate_to_pem(old_ca.ca_cert) ca = CA() ca.load(key_pem, cert_pem) assert ca.has_ca()
def testItShouldNotLoadACAFromInvalidKeyMaterial(self): old_ca = CA() old_ca.create_ca() key_pem = CA.pkey_to_pem(old_ca.ca_key) old_ca.create_ca() cert_pem = CA.certificate_to_pem(old_ca.ca_cert) ca = CA() assert not ca.load(key_pem, cert_pem) assert not ca.has_ca()
def testTheCAKeyMaterialShouldBeValid(self): ca = CA() ca.create_ca() ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD) ctx.use_privatekey(ca.ca_key) ctx.use_certificate(ca.ca_cert) try: ctx.check_privatekey() except OpenSSL.SSL.Error: assert False, "key does not match certificate" except: pass
def testItShouldCreateACA(self): ca = CA() assert ca.create_ca()
def testItShouldHaveACAAfterCreation(self): ca = CA() ca.create_ca() assert ca.has_ca()
def testItShouldGetTheCAPrivateKey(self): ca = CA() ca.create_ca() assert isinstance(ca.ca_key, OpenSSL.crypto.PKey)
def testItShouldSerializeACertificateToPEM(self): ca = CA() ca.create_ca() assert CA.certificate_to_pem(ca.ca_cert).find(b"CERTIFICATE") >= 0
def testItShouldSerializeAPrivateKeyToPEM(self): ca = CA() ca.create_ca() assert CA.pkey_to_pem(ca.ca_key).find(b"PRIVATE KEY") >= 0
def testItShouldGetTheCACertificate(self): ca = CA() ca.create_ca() assert isinstance(ca.ca_cert, OpenSSL.crypto.X509)