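def test(self):
    """Generate self-signed certificates for several CNs and check them.

    For each common name (including ``None`` and ``"."``) a key/certificate
    pair is generated with a 300 s validity window, then:

    * ``self._checkRsaPrivateKey`` / ``self._checkCertificate`` (defined on
      the enclosing class) validate the PEM encodings;
    * the private key must be RSA of exactly ``constants.RSA_KEY_BITS`` bits;
    * the certificate must be unexpired, self-issued (issuer CN == subject
      CN == the requested name) and carry a public key of the same size.

    Not covered here: that the certificate's public key is the one belonging
    to ``key_pem``, nor which signature algorithm was used.
    """
    for common_name in [None, ".", "Ganeti", "node1.example.com"]:
      (key_pem, cert_pem) = utils.GenerateSelfSignedX509Cert(common_name, 300)
      self._checkRsaPrivateKey(key_pem)
      self._checkCertificate(cert_pem)

      key = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM,
                                           key_pem)
      # 1024 bits is only a sanity floor (and below current guidance, which
      # is 2048+); the binding size check is the equality with
      # constants.RSA_KEY_BITS on the next line.
      # assertTrue/assertFalse replace the assert_/failIf aliases, which were
      # deprecated in Python 3.2 and removed in 3.12.
      self.assertTrue(key.bits() >= 1024)
      self.assertEqual(key.bits(), constants.RSA_KEY_BITS)
      self.assertEqual(key.type(), OpenSSL.crypto.TYPE_RSA)

      x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                             cert_pem)
      self.assertFalse(x509.has_expired())
      # A self-signed certificate has identical issuer and subject; with
      # common_name None both CNs are expected to be None as well.
      self.assertEqual(x509.get_issuer().CN, common_name)
      self.assertEqual(x509.get_subject().CN, common_name)
      self.assertEqual(x509.get_pubkey().bits(), constants.RSA_KEY_BITS)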
    def test(self):
        """Exercise signing and verification of a self-signed certificate.

        Covers, in order: loader rejection of unsigned or malformed input,
        salts containing characters that ``utils.SignX509Certificate`` must
        refuse, and round-tripping accepted salts through signing with
        unrelated text placed before or after the signed blob.  ``self.KEY``
        and ``self._Check`` come from the enclosing class.

        NOTE(review): no case here feeds a signature made with a different
        key or a tampered certificate body to the loader; unless ``_Check``
        does that, such a negative case would be worth adding.
        """
        # Short-lived certificate (300 s) is plenty for a single test run.
        (_, cert_pem) = utils.GenerateSelfSignedX509Cert(None, 300, 1)

        cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM,
                                               cert_pem)

        # Everything in this list must make the loader raise GenericError:
        # the bare PEM (no signature), then increasingly malformed headers.
        rejected_inputs = [
            cert_pem,                                    # no signature at all
            "",                                          # empty input
            "X-Ganeti-Signature: \n",                    # header without value
            "X-Ganeti-Sign: $1234$abcdef\n",             # wrong header name
            "X-Ganeti-Signature: $1234567890$abcdef\n",  # ten-digit salt field
            # Well-formed header with a bogus signature in front of a real cert
            b"X-Ganeti-Signature: $1234$abc\n\n" + cert_pem,
        ]
        for data in rejected_inputs:
            self.assertRaises(errors.GenericError,
                              utils.LoadSignedX509Certificate, data, self.KEY)

        # Salt alphabet is restricted: each of these characters, embedded in
        # an otherwise harmless salt, must be refused by the signer.
        for bad_char in "-_@$,:;/\\ \t\n":
            self.assertRaises(errors.GenericError, utils.SignX509Certificate,
                              cert_pem, self.KEY, "foo%sbar" % bad_char)

        accepted_salts = [
            "HelloWorld", "salt", string.ascii_letters, string.digits,
            utils.GenerateSecret(numbytes=4),
            utils.GenerateSecret(numbytes=16),
            "{123:456}".encode("ascii").hex(),
        ]
        for salt in accepted_salts:
            signed_pem = utils.SignX509Certificate(cert, self.KEY, salt)

            header_prefix = "X-Another-Header: with a value\n"
            text_prefix = 10 * "Hello World!\n"
            text_suffix = "\n\na few more\nlines----\n------ at\nthe end!"

            # The signed blob must verify on its own, and also when unrelated
            # text precedes or follows it.
            self._Check(cert, salt, signed_pem)
            self._Check(cert, salt, header_prefix + signed_pem)
            self._Check(cert, salt, text_prefix + signed_pem)
            self._Check(cert, salt, signed_pem + text_suffix)