Esempio n. 1
0
def test_rsa(kwargs):
    key_file, cert_file = remove_files()

    out = cryptography.generate_key(
        path=key_file, password=kwargs['password'], size=kwargs['size']
    )
    assert out == key_file

    out = cryptography.generate_certificate(
        path=cert_file, key_path=key_file, key_password=kwargs['password'],
        algorithm=kwargs['algorithm'], years_valid=kwargs['years_valid'],
    )
    assert out == cert_file

    cert = cryptography.load_certificate(cert_file)
    meta = cryptography.get_metadata(cert)
    assert meta['issuer']['common_name'] == HOSTNAME
    assert meta['subject']['common_name'] == HOSTNAME
    assert meta['key']['encryption'] == 'RSA'
    assert meta['key']['exponent'] == 65537
    assert meta['key']['size'] == kwargs['size']
    assert meta['fingerprint'] == cryptography.get_fingerprint(cert)
    duration = meta['valid_to'].year - meta['valid_from'].year
    if kwargs['years_valid'] is None:
        assert duration == DEFAULT_YEARS_VALID
    else:
        assert duration == kwargs['years_valid']
Esempio n. 2
0
def test_defaults():
    # do not specify any kwargs
    remove_files()
    assert not os.path.isfile(cryptography.get_default_key_path())
    assert not os.path.isfile(cryptography.get_default_cert_path())

    # a private key will automatically be created
    cert_path = cryptography.generate_certificate()
    assert os.path.isfile(cryptography.get_default_key_path())
    assert cert_path == cryptography.get_default_cert_path()

    cert = cryptography.load_certificate(cert_path)
    assert isinstance(cert, cryptography.x509.Certificate)

    meta = cryptography.get_metadata(cert)
    assert meta['issuer']['common_name'] == HOSTNAME
    assert meta['subject']['common_name'] == HOSTNAME
    assert meta['key']['encryption'] == 'RSA'
    assert meta['key']['exponent'] == 65537
    assert meta['key']['size'] == 2048
Esempio n. 3
0
def test_custom_subject_name():
    a = cryptography.x509.NameAttribute
    o = cryptography.x509.NameOID
    name = cryptography.x509.Name([
        a(o.COUNTRY_NAME, 'ZZ'),
        a(o.STATE_OR_PROVINCE_NAME, 'Here'),
        a(o.LOCALITY_NAME, 'City'),
        a(o.ORGANIZATION_NAME, 'ORG'),
        a(o.COMMON_NAME, 'MSLNZ12345'),
        a(o.EMAIL_ADDRESS, '*****@*****.**'),
    ])

    cert_path = cryptography.generate_certificate(name=name)
    meta = cryptography.get_metadata(cryptography.load_certificate(cert_path))
    assert meta['issuer'] == meta['subject']
    assert meta['subject']['country_name'] == 'ZZ'
    assert meta['subject']['state_or_province_name'] == 'Here'
    assert meta['subject']['locality_name'] == 'City'
    assert meta['subject']['organization_name'] == 'ORG'
    assert meta['subject']['common_name'] == 'MSLNZ12345'
    assert meta['subject']['email_address'] == '*****@*****.**'
Esempio n. 4
0
def test_years_valid_fractional():
    cert_path = cryptography.generate_certificate(years_valid=7.4)
    meta = cryptography.get_metadata(cryptography.load_certificate(cert_path))
    # this approximate calculation should be good enough to within a few days
    assert abs((meta['valid_to'] - meta['valid_from']).days - 7.4 * 365) < 5