def setUp(self): self.USER_GNUPGHOME = tempfile.TemporaryDirectory() self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.AUTHORITY_FOLDER = tempfile.TemporaryDirectory() config = ConfigParser() config.read_string(""" [ca] key = {authority_folder}/RootCA.key cert = {authority_folder}/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=sqlite3 [storage.sqlite3] db_path=:memory: """.format( user_gnupghome=self.USER_GNUPGHOME.name, admin_gnupghome=self.ADMIN_GNUPGHOME.name, authority_folder=self.AUTHORITY_FOLDER.name, )) Config.init_config(config=config) self.common_name = "user@host" self.key = generate_key() self.engine = storage.SQLiteStorageEngine(Config) cur = self.engine.conn.cursor() cur.execute("DROP TABLE IF EXISTS certs") self.engine.conn.commit() self.engine.init_db() self.cert_processor = CertProcessor(Config) self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name) self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name) self.users = [ User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user2@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user3@host", gen_passwd(), generate_key(), gpg=self.user_gpg), ] self.invalid_users = [ User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg) ] self.admin_users = [ User("admin@host", gen_passwd(), generate_key(), gpg=self.admin_gpg) ] for user in self.users: self.user_gpg.import_keys( self.user_gpg.export_keys(user.fingerprint)) for user in self.admin_users: self.admin_gpg.import_keys( self.admin_gpg.export_keys(user.fingerprint))
def setUp(self): self.USER_GNUPGHOME = tempfile.TemporaryDirectory() self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory() self.NEW_ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.SEED_DIR = tempfile.TemporaryDirectory() self.config = ConfigParser() self.config.read_string( """ [mtls] min_lifetime=60 max_lifetime=0 seed_dir={seed_dir} [ca] key = secrets/certs/authority/RootCA.key cert = secrets/certs/authority/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=sqlite3 [storage.sqlite3] db_path=:memory: """.format( seed_dir=self.SEED_DIR.name, user_gnupghome=self.USER_GNUPGHOME.name, admin_gnupghome=self.ADMIN_GNUPGHOME.name, ) ) Config.init_config(config=self.config) self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name) self.new_admin_gpg = gnupg.GPG(gnupghome=self.NEW_ADMIN_GNUPGHOME.name) self.new_users = [ User( "user@host", gen_passwd(), generate_key(), gpg=self.new_user_gpg, ) ] self.new_admins = [ User( "admin@host", gen_passwd(), generate_key(), gpg=self.new_admin_gpg, ) ]
def setUp(self): self.USER_GNUPGHOME = tempfile.TemporaryDirectory() self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory() self.NEW_ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.SEED_DIR = tempfile.TemporaryDirectory() self.config = ConfigParser() self.config.read_string(""" [mtls] min_lifetime=60 max_lifetime=0 seed_dir={seed_dir} [ca] key = secrets/certs/authority/RootCA.key cert = secrets/certs/authority/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=sqlite3 [storage.sqlite3] db_path=:memory: """.format( user_gnupghome=self.USER_GNUPGHOME.name, admin_gnupghome=self.ADMIN_GNUPGHOME.name, seed_dir=self.SEED_DIR.name, )) Config.init_config(config=self.config) self.common_name = "user@host" self.key = generate_key() self.engine = storage.SQLiteStorageEngine(Config) cur = self.engine.conn.cursor() cur.execute("DROP TABLE IF EXISTS certs") self.engine.conn.commit() self.engine.init_db() self.cert_processor = CertProcessor(Config) self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name) self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name) self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name) self.new_admin_gpg = gnupg.GPG(gnupghome=self.NEW_ADMIN_GNUPGHOME.name) self.new_users = [ User( "user@host", gen_passwd(), generate_key(), gpg=self.new_user_gpg, ) ] self.new_admins = [ User( "admin@host", gen_passwd(), generate_key(), gpg=self.new_admin_gpg, ) ]
def setUp(self): self.USER_GNUPGHOME = tempfile.TemporaryDirectory() self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() self.INVALID_GNUPGHOME = tempfile.TemporaryDirectory() self.NEW_USER_GNUPGHOME = tempfile.TemporaryDirectory() self.config = ConfigParser() self.config.read_string(""" [mtls] min_lifetime=60 max_lifetime=0 [ca] key = secrets/certs/authority/RootCA.key cert = secrets/certs/authority/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=sqlite3 [storage.sqlite3] db_path=:memory: """.format( user_gnupghome=self.USER_GNUPGHOME.name, admin_gnupghome=self.ADMIN_GNUPGHOME.name, )) Config.init_config(config=self.config) self.common_name = "user@host" self.key = generate_key() self.engine = storage.SQLiteStorageEngine(Config) cur = self.engine.conn.cursor() cur.execute("DROP TABLE IF EXISTS certs") self.engine.conn.commit() self.engine.init_db() self.cert_processor = CertProcessor(Config) self.handler = Handler(Config) self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name) self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name) self.invalid_gpg = gnupg.GPG(gnupghome=self.INVALID_GNUPGHOME.name) self.new_user_gpg = gnupg.GPG(gnupghome=self.NEW_USER_GNUPGHOME.name) self.users = [ User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user2@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user3@host", gen_passwd(), generate_key(), gpg=self.user_gpg), ] self.invalid_users = [ User( "user4@host", gen_passwd(), generate_key(), gpg=self.invalid_gpg, ) ] self.admin_users = [ User("admin@host", gen_passwd(), generate_key(), gpg=self.admin_gpg) ] self.new_users = [ User( "newuser@host", gen_passwd(), generate_key(), gpg=self.new_user_gpg, ), User( "newuser2@host", gen_passwd(), generate_key(), gpg=self.new_user_gpg, ), ] for user in self.users: self.user_gpg.import_keys( self.user_gpg.export_keys(user.fingerprint)) self.user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE") for user in self.admin_users: # Import to admin keychain self.admin_gpg.import_keys( self.admin_gpg.export_keys(user.fingerprint)) self.admin_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE") # Import to user keychain self.user_gpg.import_keys( self.admin_gpg.export_keys(user.fingerprint)) self.user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE") for user in self.invalid_users: self.invalid_gpg.import_keys( self.invalid_gpg.export_keys(user.fingerprint)) self.invalid_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE") for user in self.new_users: self.new_user_gpg.import_keys( self.new_user_gpg.export_keys(user.fingerprint)) self.new_user_gpg.trust_keys([user.fingerprint], "TRUST_ULTIMATE")
def test_generate_cert_with_password(self): os.environ["CA_KEY_PASSWORD"] = gen_passwd() self.generate_cert() del os.environ["CA_KEY_PASSWORD"]
def test_has_ca_key(self): os.environ["CA_KEY_PASSWORD"] = gen_passwd() self.has_ca_key() del os.environ["CA_KEY_PASSWORD"]
def test_get_ca_cert(self): os.environ["CA_KEY_PASSWORD"] = gen_passwd() self.get_ca_cert() del os.environ["CA_KEY_PASSWORD"]
def setUp(self): dir_path = os.path.dirname(os.path.realpath(__file__)).split("/")[:-1] dir_path = "/".join(dir_path) prefix = os.path.join(dir_path, "secrets/") self.USER_GNUPGHOME = tempfile.TemporaryDirectory(prefix=prefix) self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory(prefix=prefix) relative_user = "******" + self.USER_GNUPGHOME.name.split(dir_path)[1] relative_admin = "." + self.ADMIN_GNUPGHOME.name.split(dir_path)[1] config = ConfigParser() config.read_string(""" [ca] key = secrets/certs/authority/RootCA.key cert = secrets/certs/authority/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=sqlite3 [storage.sqlite3] db_path=:memory: """.format(user_gnupghome=relative_user, admin_gnupghome=relative_admin)) Config.init_config(config=config) self.common_name = "user@host" self.key = generate_key() self.engine = storage.SQLiteStorageEngine(Config) cur = self.engine.conn.cursor() cur.execute("DROP TABLE IF EXISTS certs") self.engine.conn.commit() self.engine.init_db() self.cert_processor = CertProcessor(Config) self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name) self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name) self.users = [ User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user2@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user3@host", gen_passwd(), generate_key(), gpg=self.user_gpg), ] self.invalid_users = [ User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg) ] self.admin_users = [ User("admin@host", gen_passwd(), generate_key(), gpg=self.admin_gpg) ] for user in self.users: self.user_gpg.import_keys( self.user_gpg.export_keys(user.fingerprint)) for user in self.admin_users: self.admin_gpg.import_keys( self.admin_gpg.export_keys(user.fingerprint))
def setUp(self): self.USER_GNUPGHOME = tempfile.TemporaryDirectory() self.ADMIN_GNUPGHOME = tempfile.TemporaryDirectory() config = ConfigParser() config.read_string(""" [ca] key = secrets/certs/authority/RootCA.key cert = secrets/certs/authority/RootCA.pem issuer = My Company Name alternate_name = *.myname.com [gnupg] user={user_gnupghome} admin={admin_gnupghome} [storage] engine=postgres [storage.postgres] database = mtls user = postgres password = postgres host = localhost """.format( user_gnupghome=self.USER_GNUPGHOME.name, admin_gnupghome=self.ADMIN_GNUPGHOME.name, )) Config.init_config(config=config) self.common_name = "user@host" self.key = generate_key() self.engine = storage.PostgresqlStorageEngine(Config) cur = self.engine.conn.cursor() cur.execute("DROP TABLE IF EXISTS certs") self.engine.conn.commit() self.engine.init_db() self.cert_processor = CertProcessor(Config) self.user_gpg = gnupg.GPG(gnupghome=self.USER_GNUPGHOME.name) self.admin_gpg = gnupg.GPG(gnupghome=self.ADMIN_GNUPGHOME.name) self.users = [ User("user@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user2@host", gen_passwd(), generate_key(), gpg=self.user_gpg), User("user3@host", gen_passwd(), generate_key(), gpg=self.user_gpg), ] self.invalid_users = [ User("user4@host", gen_passwd(), generate_key(), gpg=self.user_gpg) ] self.admin_users = [ User("admin@host", gen_passwd(), generate_key(), gpg=self.admin_gpg) ] for user in self.users: self.user_gpg.import_keys( self.user_gpg.export_keys(user.fingerprint)) for user in self.admin_users: self.admin_gpg.import_keys( self.admin_gpg.export_keys(user.fingerprint))