Example #1
0
    def setUp(self):
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.AUTHORITY_FOLDER = tempfile.TemporaryDirectory()
        config = ConfigParser()
        config.read_string("""
            [ca]
            key = {authority_folder}/RootCA.key
            cert = {authority_folder}/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=sqlite3

            [storage.sqlite3]
            db_path=:memory:
            """.format(
            user_gnupghome=self.USER_GNUPGHOME.name,
            admin_gnupghome=self.ADMIN_GNUPGHOME.name,
            authority_folder=self.AUTHORITY_FOLDER.name,
        ))
        Config.init_config(config=config)
        self.common_name = "user@host"
        self.key = generate_key()
        self.engine = storage.SQLiteStorageEngine(Config)
        cur = self.engine.conn.cursor()
        cur.execute("DROP TABLE IF EXISTS certs")
        self.engine.conn.commit()
        self.engine.init_db()
        self.cert_processor = CertProcessor(Config)
        self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name)
        self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name)
        self.users = [
            User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg),
            User("user2@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
            User("user3@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
        ]
        self.invalid_users = [
            User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg)
        ]
        self.admin_users = [
            User("admin@host",
                 gen_passwd(),
                 generate_key(),
                 gpg=self.admin_gpg)
        ]
        for user in self.users:
            self.user_gpg.import_keys(
                self.user_gpg.export_keys(user.fingerprint))
        for user in self.admin_users:
            self.admin_gpg.import_keys(
                self.admin_gpg.export_keys(user.fingerprint))
Example #2
0
    def setUp(self):
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.NEW_ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.SEED_DIR = tempfile.TemporaryDirectory()
        self.config = ConfigParser()
        self.config.read_string(
            """
            [mtls]
            min_lifetime=60
            max_lifetime=0
            seed_dir={seed_dir}

            [ca]
            key = secrets/certs/authority/RootCA.key
            cert = secrets/certs/authority/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=sqlite3

            [storage.sqlite3]
            db_path=:memory:
            """.format(
                seed_dir=self.SEED_DIR.name,
                user_gnupghome=self.USER_GNUPGHOME.name,
                admin_gnupghome=self.ADMIN_GNUPGHOME.name,
            )
        )
        Config.init_config(config=self.config)
        self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name)
        self.new_admin_gpg = gnupg.GPG(gnupghome=self.NEW_ADMIN_GNUPGHOME.name)
        self.new_users = [
            User(
                "user@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_user_gpg,
            )
        ]
        self.new_admins = [
            User(
                "admin@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_admin_gpg,
            )
        ]
Example #3
0
    def setUp(self):
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.NEW_ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.SEED_DIR = tempfile.TemporaryDirectory()
        self.config = ConfigParser()
        self.config.read_string("""
            [mtls]
            min_lifetime=60
            max_lifetime=0
            seed_dir={seed_dir}

            [ca]
            key = secrets/certs/authority/RootCA.key
            cert = secrets/certs/authority/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=sqlite3

            [storage.sqlite3]
            db_path=:memory:
            """.format(
            user_gnupghome=self.USER_GNUPGHOME.name,
            admin_gnupghome=self.ADMIN_GNUPGHOME.name,
            seed_dir=self.SEED_DIR.name,
        ))
        Config.init_config(config=self.config)
        self.common_name = "user@host"
        self.key = generate_key()
        self.engine = storage.SQLiteStorageEngine(Config)
        cur = self.engine.conn.cursor()
        cur.execute("DROP TABLE IF EXISTS certs")
        self.engine.conn.commit()
        self.engine.init_db()
        self.cert_processor = CertProcessor(Config)
        self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name)
        self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name)
        self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name)
        self.new_admin_gpg = gnupg.GPG(gnupghome=self.NEW_ADMIN_GNUPGHOME.name)
        self.new_users = [
            User(
                "user@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_user_gpg,
            )
        ]
        self.new_admins = [
            User(
                "admin@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_admin_gpg,
            )
        ]
Example #4
0
    def setUp(self):
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        self.INVALID_GNUPGHOME = tempfile.TemporaryDirectory()
        self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.config = ConfigParser()
        self.config.read_string("""
            [mtls]
            min_lifetime=60
            max_lifetime=0

            [ca]
            key = secrets/certs/authority/RootCA.key
            cert = secrets/certs/authority/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=sqlite3

            [storage.sqlite3]
            db_path=:memory:
            """.format(
            user_gnupghome=self.USER_GNUPGHOME.name,
            admin_gnupghome=self.ADMIN_GNUPGHOME.name,
        ))
        Config.init_config(config=self.config)
        self.common_name = "user@host"
        self.key = generate_key()
        self.engine = storage.SQLiteStorageEngine(Config)
        cur = self.engine.conn.cursor()
        cur.execute("DROP TABLE IF EXISTS certs")
        self.engine.conn.commit()
        self.engine.init_db()
        self.cert_processor = CertProcessor(Config)
        self.handler = Handler(Config)
        self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name)
        self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name)
        self.invalid_gpg = gnupg.GPG(gnupghome=self.INVALID_GNUPGHOME.name)
        self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name)
        self.users = [
            User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg),
            User("user2@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
            User("user3@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
        ]
        self.invalid_users = [
            User(
                "user4@host",
                gen_passwd(),
                generate_key(),
                gpg=self.invalid_gpg,
            )
        ]
        self.admin_users = [
            User("admin@host",
                 gen_passwd(),
                 generate_key(),
                 gpg=self.admin_gpg)
        ]
        self.new_users = [
            User(
                "newuser@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_user_gpg,
            ),
            User(
                "newuser2@host",
                gen_passwd(),
                generate_key(),
                gpg=self.new_user_gpg,
            ),
        ]
        for user in self.users:
            self.user_gpg.import_keys(
                self.user_gpg.export_keys(user.fingerprint))
            self.user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
        for user in self.admin_users:
            # Import to admin keychain
            self.admin_gpg.import_keys(
                self.admin_gpg.export_keys(user.fingerprint))
            self.admin_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
            # Import to user keychain
            self.user_gpg.import_keys(
                self.admin_gpg.export_keys(user.fingerprint))
            self.user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
        for user in self.invalid_users:
            self.invalid_gpg.import_keys(
                self.invalid_gpg.export_keys(user.fingerprint))
            self.invalid_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
        for user in self.new_users:
            self.new_user_gpg.import_keys(
                self.new_user_gpg.export_keys(user.fingerprint))
            self.new_user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
Example #5
0
 def test_generate_cert_with_password(self):
     os.environ["CA_KEY_PASSWORD"] = gen_passwd()
     self.generate_cert()
     del os.environ["CA_KEY_PASSWORD"]
Example #6
0
 def test_has_ca_key(self):
     os.environ["CA_KEY_PASSWORD"] = gen_passwd()
     self.has_ca_key()
     del os.environ["CA_KEY_PASSWORD"]
Example #7
0
 def test_get_ca_cert(self):
     os.environ["CA_KEY_PASSWORD"] = gen_passwd()
     self.get_ca_cert()
     del os.environ["CA_KEY_PASSWORD"]
Example #8
0
    def setUp(self):
        dir_path = os.path.dirname(os.path.realpath(__file__)).split("/")[:-1]
        dir_path = "/".join(dir_path)
        prefix = os.path.join(dir_path, "secrets/")
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory(prefix=prefix)
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory(prefix=prefix)

        relative_user = "******" + self.USER_GNUPGHOME.name.split(dir_path)[1]
        relative_admin = "." + self.ADMIN_GNUPGHOME.name.split(dir_path)[1]
        config = ConfigParser()
        config.read_string("""
            [ca]
            key = secrets/certs/authority/RootCA.key
            cert = secrets/certs/authority/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=sqlite3

            [storage.sqlite3]
            db_path=:memory:
            """.format(user_gnupghome=relative_user,
                       admin_gnupghome=relative_admin))
        Config.init_config(config=config)
        self.common_name = "user@host"
        self.key = generate_key()
        self.engine = storage.SQLiteStorageEngine(Config)
        cur = self.engine.conn.cursor()
        cur.execute("DROP TABLE IF EXISTS certs")
        self.engine.conn.commit()
        self.engine.init_db()
        self.cert_processor = CertProcessor(Config)
        self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name)
        self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name)
        self.users = [
            User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg),
            User("user2@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
            User("user3@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
        ]
        self.invalid_users = [
            User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg)
        ]
        self.admin_users = [
            User("admin@host",
                 gen_passwd(),
                 generate_key(),
                 gpg=self.admin_gpg)
        ]
        for user in self.users:
            self.user_gpg.import_keys(
                self.user_gpg.export_keys(user.fingerprint))
        for user in self.admin_users:
            self.admin_gpg.import_keys(
                self.admin_gpg.export_keys(user.fingerprint))
Example #9
0
    def setUp(self):
        self.USER_GNUPGHOME = tempfile.TemporaryDirectory()
        self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory()
        config = ConfigParser()
        config.read_string("""
            [ca]
            key = secrets/certs/authority/RootCA.key
            cert = secrets/certs/authority/RootCA.pem
            issuer = My Company Name
            alternate_name = *.myname.com

            [gnupg]
            user={user_gnupghome}
            admin={admin_gnupghome}

            [storage]
            engine=postgres

            [storage.postgres]
            database = mtls
            user = postgres
            password = postgres
            host = localhost
            """.format(
            user_gnupghome=self.USER_GNUPGHOME.name,
            admin_gnupghome=self.ADMIN_GNUPGHOME.name,
        ))
        Config.init_config(config=config)
        self.common_name = "user@host"
        self.key = generate_key()
        self.engine = storage.PostgresqlStorageEngine(Config)
        cur = self.engine.conn.cursor()
        cur.execute("DROP TABLE IF EXISTS certs")
        self.engine.conn.commit()
        self.engine.init_db()

        self.cert_processor = CertProcessor(Config)
        self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name)
        self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name)
        self.users = [
            User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg),
            User("user2@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
            User("user3@host", gen_passwd(), generate_key(),
                 gpg=self.user_gpg),
        ]
        self.invalid_users = [
            User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg)
        ]
        self.admin_users = [
            User("admin@host",
                 gen_passwd(),
                 generate_key(),
                 gpg=self.admin_gpg)
        ]
        for user in self.users:
            self.user_gpg.import_keys(
                self.user_gpg.export_keys(user.fingerprint))
        for user in self.admin_users:
            self.admin_gpg.import_keys(
                self.admin_gpg.export_keys(user.fingerprint))