def test_sign_serial_increment(self): ezbakeca.EzbakeCA.setup(store=MemoryPersist()) ca = ezbakeca.EzbakeCA() # first cert pkey = ezbakeca.private_key() req = ezbakeca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US") cert = ca.sign_csr(req) nt.assert_equal(cert.get_subject(), req.get_subject()) nt.assert_equal(cert.get_serial_number(), 2) # second cert pkey = ezbakeca.private_key() req = ezbakeca.csr(pkey, CN="App2", O="Ezbake", OU="Ezbake Apps", C="US") cert = ca.sign_csr(req) nt.assert_equal(cert.get_subject(), req.get_subject()) nt.assert_equal(cert.get_serial_number(), 3)
def __init__(self): self.pkey = ezbakeca.private_key() req = ezbakeca.csr(self.pkey, CN="EzCA", O="Ezbake", OU="Ezbake Core", C="US") self.ca = ezbakeca.create_ca_certificate(req, self.pkey) self.appKey = ezbakeca.private_key() req = ezbakeca.csr(self.appKey, CN="APP") self.appCert = ezbakeca.create_certificate(req, (self.ca, self.pkey), 2)
def test_create_ca(self): # Create new CA baseCa = ezbakeca.EzbakeCA("TestCA") # Sign 2 certs baseCa.sign_csr(ezbakeca.csr(ezbakeca.private_key(), CN="App", O="Ezbake", OU="Ezbake Apps", C="US")) baseCa.sign_csr(ezbakeca.csr(ezbakeca.private_key(), CN="App", O="Ezbake", OU="Ezbake Apps", C="US")) baseCa.save() # Load the CA from persistence ca = ezbakeca.EzbakeCA.get_named("TestCA") # Next serial should be 3 nt.assert_equal(3, ca.serial)
def test_csr_signing(self): pkey = ca.private_key() req = ca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US") cert = self.get_client(5049).csr(self.get_token(), ca.pem_csr(req)) cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert) nt.assert_is_instance(cert, crypto.X509) nt.assert_equal(req.get_subject(), cert.get_subject())
def test_csr(self): pkey = ezbakeca.private_key() csr = ezbakeca.csr(pkey, CN="Test") nt.assert_is_instance(csr, crypto.X509Req) nt.assert_equal(csr.get_subject().CN, "Test") nt.assert_true(csr.verify(ezbakeca.openssl_key(pkey)))
def test_create_ca(self): pkey = ezbakeca.private_key() req = ezbakeca.csr(pkey, CN="EzCA", O="Ezbake", OU="Ezbake Core", C="US") ca = ezbakeca.create_ca_certificate(req, pkey) nt.assert_is_instance(ca, crypto.X509) nt.assert_equal(ca.get_subject(), req.get_subject()) nt.assert_equal(ca.get_issuer(), req.get_subject()) nt.assert_equal(ca.get_serial_number(), 1)
def test_create_cert(self): pkey = ezbakeca.private_key() req = ezbakeca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US") cert = ezbakeca.create_certificate(req, (self.ca, self.pkey), 2) nt.assert_is_instance(cert, crypto.X509) nt.assert_equal(cert.get_subject(), req.get_subject()) nt.assert_equal(cert.get_issuer(), self.ca.get_subject()) nt.assert_equal(cert.get_serial_number(), 2) nt.assert_equal(cert.get_version(), 2)
def issue_n_certs(ca, r): if isinstance(ca, basestring): ca = ezbakeca.EzbakeCA(ca) serials = [] for i in r: cert = ca.sign_csr(ezbakeca.csr(ezbakeca.private_key(), CN="App{0}".format(i), O="Ezbake", OU="Ezbake Apps", C="US")) serials.append(cert.get_serial_number()) return serials
def issue_n_certs(ca, r): if isinstance(ca, basestring): ca = ezbakeca.EzbakeCA(ca) serials = [] for i in r: cert = ca.sign_csr( ezbakeca.csr(ezbakeca.private_key(), CN="App{0}".format(i), O="Ezbake", OU="Ezbake Apps", C="US")) serials.append(cert.get_serial_number()) return serials
def test_sign_csr(self): ca = ezbakeca.EzbakeCA() pkey = ezbakeca.private_key() req = ezbakeca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US") cert = ca.sign_csr(req) nt.assert_is_instance(cert, crypto.X509) nt.assert_equal(cert.get_subject(), req.get_subject()) nt.assert_equal(cert.get_issuer(), ca.ca_cert.get_subject()) nt.assert_equal(cert.get_serial_number(), 2) nt.assert_equal(cert.get_version(), 2)
def test_create_ca(self): # Create new CA baseCa = ezbakeca.EzbakeCA("TestCA") # Sign 2 certs baseCa.sign_csr( ezbakeca.csr(ezbakeca.private_key(), CN="App", O="Ezbake", OU="Ezbake Apps", C="US")) baseCa.sign_csr( ezbakeca.csr(ezbakeca.private_key(), CN="App", O="Ezbake", OU="Ezbake Apps", C="US")) baseCa.save() # Load the CA from persistence ca = ezbakeca.EzbakeCA.get_named("TestCA") # Next serial should be 3 nt.assert_equal(3, ca.serial)