def test_ca_status_bad(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(False) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status(csr=csr, ca_requested=True) self.assertEqual("CA flags required", str(e.exception))
def test_ca_status_forbidden(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status(csr=csr, ca_requested=False) self.assertEqual("CA status requested, but not allowed", str(e.exception))
def test_ca_status_key_usage_bad2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status(csr=csr, ca_requested=False) self.assertEqual( "Key usage doesn't match requested CA status " "(keyCertSign/cRLSign: False/True)", str(e.exception))
def test_ca_status_key_usage_bad2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr, ca_requested=False) self.assertEqual("Key usage doesn't match requested CA status " "(keyCertSign/cRLSign: False/True)", str(e.exception))
def test_ca_status_forbidden(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr, ca_requested=False) self.assertEqual("CA status requested, but not allowed", str(e.exception))
def test_ca_status_bad(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(False) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr, ca_requested=True) self.assertEqual("CA flags required", str(e.exception))
def test_ca_status_bad_value(self): ext_mock = mock.MagicMock() ext_mock.get_name.return_value = 'basicConstraints' ext_mock.get_value.return_value = 'BAD:VALUE' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr_mock, ca_requested=False) self.assertEqual("Invalid basic constraints option", str(e.exception))
def test_ca_status_key_usage_good2(self): ext_mock = mock.MagicMock() ext_mock.get_name.return_value = 'keyUsage' ext_mock.get_value.return_value = 'CRL Sign' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr_mock, ca_requested=True) self.assertEqual("Key usage doesn't match requested CA status " "(keyCertSign/cRLSign: False/True)", str(e.exception))
def test_ca_status_bad(self): ext_mock = mock.MagicMock() ext_mock.get_name.return_value = 'basicConstraints' ext_mock.get_value.return_value = 'CA:FALSE' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] with self.assertRaises(validators.ValidationError) as e: validators.ca_status( csr=csr_mock, ca_requested=True) self.assertEqual("Invalid CA status, 'CA:FALSE' requested", str(e.exception))
def test_ca_status_good1(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(True) csr.add_extension(ext) self.assertEqual(None, validators.ca_status(csr=csr, ca_requested=True))
def test_ca_status_pathlen(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_path_len_constraint(1) csr.add_extension(ext) self.assertEqual(None, validators.ca_status(csr=csr, ca_requested=False))
def test_ca_status_key_usage_good2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) self.assertEqual(None, validators.ca_status(csr=csr, ca_requested=True))
def test_ca_status_key_usage_good2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) self.assertEqual( None, validators.ca_status( csr=csr, ca_requested=True ) )
def test_ca_status_pathlen(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_path_len_constraint(1) csr.add_extension(ext) self.assertEqual( None, validators.ca_status( csr=csr, ca_requested=False ) )
def test_ca_status_good1(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionBasicConstraints() ext.set_ca(True) csr.add_extension(ext) self.assertEqual( None, validators.ca_status( csr=csr, ca_requested=True ) )
def test_ca_status_pathlen(self): ext_mock = mock.MagicMock() ext_mock.get_name.return_value = 'basicConstraints' ext_mock.get_value.return_value = 'pathlen:somthing' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] self.assertEqual( None, validators.ca_status( csr=csr_mock, ca_requested=False ) )
def test_ca_status_good1(self): ext_mock = mock.MagicMock() ext_mock.get_name.return_value = 'basicConstraints' ext_mock.get_value.return_value = 'CA:TRUE' csr_mock = mock.MagicMock() csr_mock.get_extensions.return_value = [ext_mock] self.assertEqual( None, validators.ca_status( csr=csr_mock, ca_requested=True ) )