def setUp(self):
    """Create the mocked network layer and the ACME fixture objects used by the tests.

    ``self.net`` is a ``MagicMock`` whose ``get`` and ``post`` both return
    ``self.response``. The ``Client`` built here is handed that mock as its
    network object, together with the module-level test key ``KEY``.
    """
    from acme.client import Client

    # Canned HTTP layer: one shared response object serves GET and POST.
    self.net = mock.MagicMock()
    self.response = mock.MagicMock(
        ok=True, status_code=http_client.OK, headers={}, links={})
    self.net.post.return_value = self.response
    self.net.get.return_value = self.response

    # Client under test, wired to the mock network and the fixture key.
    self.directory = messages.Directory({
        messages.NewRegistration:
            'https://www.letsencrypt-demo.org/acme/new-reg',
        messages.Revocation:
            'https://www.letsencrypt-demo.org/acme/revoke-cert',
    })
    self.client = Client(
        directory=self.directory, key=KEY, alg=jose.RS256, net=self.net)

    self.identifier = messages.Identifier(
        typ=messages.IDENTIFIER_FQDN, value='example.com')

    # --- Registration fixtures ---
    # NOTE(review): the mailto value looks like it was rewritten by the
    # hosting page's e-mail obfuscation; it is kept verbatim here.
    self.contact = ('mailto:[email protected]', 'tel:+12025551212')
    registration = messages.Registration(
        contact=self.contact, key=KEY.public_key())
    self.new_reg = messages.NewRegistration(**dict(registration))
    self.regr = messages.RegistrationResource(
        body=registration,
        uri='https://www.letsencrypt-demo.org/acme/reg/1',
        new_authzr_uri='https://www.letsencrypt-demo.org/acme/new-reg',
        terms_of_service='https://www.letsencrypt-demo.org/tos')

    # --- Authorization fixtures ---
    authz_location = 'https://www.letsencrypt-demo.org/acme/authz/1'
    dns_challenge = challenges.DNS(token=jose.b64decode(
        'evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ-PCt92wr-oA'))
    challenge_body = messages.ChallengeBody(
        uri=(authz_location + '/1'),
        status=messages.STATUS_VALID,
        chall=dns_challenge)
    self.challr = messages.ChallengeResource(
        body=challenge_body, authzr_uri=authz_location)
    # A second Identifier instance is built on purpose, as in the original.
    authz_identifier = messages.Identifier(
        typ=messages.IDENTIFIER_FQDN, value='example.com')
    self.authz = messages.Authorization(
        identifier=authz_identifier,
        challenges=(challenge_body, ),
        combinations=None)
    self.authzr = messages.AuthorizationResource(
        body=self.authz,
        uri=authz_location,
        new_cert_uri='https://www.letsencrypt-demo.org/acme/new-cert')

    # --- Issuance fixture ---
    self.certr = messages.CertificateResource(
        body=messages_test.CERT,
        authzrs=(self.authzr, ),
        uri='https://www.letsencrypt-demo.org/acme/cert/1',
        cert_chain_uri='https://www.letsencrypt-demo.org/ca')
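def get_directory(self, acme_directory_uri):
    """
    Fetch the ACME directory document and return it as a `messages.Directory`.

    Only the `newAccount`, `newNonce`, `newOrder` and `revokeCert` entries of the
    JSON response are kept; a response missing any of them is rejected.

    `acme_directory_uri` is the directory URL; trailing slashes are stripped before the request.

    Raises `CallError` when the server cannot be reached, does not answer in time, or
    returns something that is not a JSON object containing the four endpoints.
    """
    # requests applies no timeout unless one is passed, so an unresponsive
    # server would block this call indefinitely. Bound both connect and read.
    timeout = 30  # seconds

    # NOTE(review): the URI scheme is not checked here. RFC 8555 requires ACME
    # traffic to use HTTPS and the endpoints returned below are used for later
    # account and order requests - confirm the caller validates the URI.
    try:
        acme_directory_uri = acme_directory_uri.rstrip('/')
        # `verify` is left at its default, so requests validates the server certificate.
        response = requests.get(acme_directory_uri, timeout=timeout).json()
        return messages.Directory({
            key: response[key] for key in ['newAccount', 'newNonce', 'newOrder', 'revokeCert']
        })
    except (
        requests.ConnectionError, requests.Timeout, json.JSONDecodeError,
        KeyError,   # a required endpoint is absent from the directory
        TypeError,  # valid JSON that is not an object (list, string, null, ...)
    ) as e:
        raise CallError(f'Unable to retrieve directory : {e}') from e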
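def get_directory(self, acme_directory_uri):
    """
    Fetch the ACME directory document and return it as a `messages.Directory`.

    The middleware is first notified through `network.general.will_perform_activity`
    with the activity name `acme`; the request is only made if that call returns.
    Only the `newAccount`, `newNonce`, `newOrder` and `revokeCert` entries of the
    JSON response are kept; a response missing any of them is rejected.

    `acme_directory_uri` is the directory URL; trailing slashes are stripped before the request.

    Raises `CallError` when the server cannot be reached, does not answer in time, or
    returns something that is not a JSON object containing the four endpoints.
    """
    # Presumably raises when outbound `acme` activity is not permitted - confirm
    # against the `network.general` service. It stays outside the try block so its
    # own errors are not rewritten as a directory failure.
    self.middleware.call_sync('network.general.will_perform_activity', 'acme')

    # requests applies no timeout unless one is passed, so an unresponsive
    # server would block this call indefinitely. Bound both connect and read.
    timeout = 30  # seconds

    # NOTE(review): the URI scheme is not checked here. RFC 8555 requires ACME
    # traffic to use HTTPS and the endpoints returned below are used for later
    # account and order requests - confirm the caller validates the URI.
    try:
        acme_directory_uri = acme_directory_uri.rstrip('/')
        # `verify` is left at its default, so requests validates the server certificate.
        response = requests.get(acme_directory_uri, timeout=timeout).json()
        return messages.Directory({
            key: response[key] for key in ['newAccount', 'newNonce', 'newOrder', 'revokeCert']
        })
    except (
        requests.ConnectionError, requests.Timeout, json.JSONDecodeError,
        KeyError,   # a required endpoint is absent from the directory
        TypeError,  # valid JSON that is not an object (list, string, null, ...)
    ) as e:
        raise CallError(f'Unable to retrieve directory : {e}') from e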
def test_new_account_v2(self):
    """Check that ``ClientV2.new_account`` returns the expected registration resource.

    The mocked response is given status ``CREATED``, a JSON body taken from the
    fixture registration and a ``Location`` header holding its URI.
    """
    from acme.client import ClientV2

    v2_directory = messages.Directory({
        "newAccount": 'https://www.letsencrypt-demo.org/acme/new-account',
    })
    acme_client = ClientV2(v2_directory, self.net)

    # Prime the canned response from the fixture *before* self.regr is replaced.
    canned = self.response
    canned.status_code = http_client.CREATED
    canned.json.return_value = self.regr.body.to_json()
    canned.headers['Location'] = self.regr.uri

    # The v2 resource carries only body and uri.
    expected = messages.RegistrationResource(
        body=messages.Registration(
            contact=self.contact, key=KEY.public_key()),
        uri='https://www.letsencrypt-demo.org/acme/reg/1')
    self.regr = expected

    self.assertEqual(expected, acme_client.new_account(expected))
def get_acme_client_and_key(self, acme_directory_uri, tos=False):
    """
    Return a `(client.ClientV2, key)` tuple for the ACME registration tied to `acme_directory_uri`.

    The stored registration is looked up with `acme.registration.query`; when none
    exists one is created with `acme.registration.create`, passing `tos` through.

    The returned key is the JWK parsed from the stored registration and is the same
    object given to `client.ClientNetwork`. It is presumably the account's private
    key - treat it as secret material and keep it out of logs and error messages.
    """
    registrations = self.middleware.call_sync(
        'acme.registration.query', [['directory', '=', acme_directory_uri]]
    )
    if registrations:
        data = registrations[0]
    else:
        data = self.middleware.call_sync(
            'acme.registration.create', {'tos': tos, 'acme_directory_uri': acme_directory_uri}
        )

    # Rebuild the JWK from its stored JSON form.
    account_key = jose.JWKRSA.fields_from_json(json.loads(data['body']['key']))
    jwk_fields = account_key.fields_to_partial_json()

    # Only the `e` and `n` components are copied into the registration body;
    # no other JWK field is placed in the resource.
    registration = messages.RegistrationResource.from_json({
        'uri': data['uri'],
        'terms_of_service': data['tos'],
        'body': {
            'contact': [data['body']['contact']],
            'status': data['body']['status'],
            'key': {
                'e': jwk_fields['e'],
                'kty': 'RSA',
                'n': jwk_fields['n'],
            },
        },
    })

    # Endpoints come from the stored registration, not from a fresh directory fetch.
    directory = messages.Directory({
        'newAccount': data['new_account_uri'],
        'newNonce': data['new_nonce_uri'],
        'newOrder': data['new_order_uri'],
        'revokeCert': data['revoke_cert_uri'],
    })
    network = client.ClientNetwork(account_key, account=registration)

    return client.ClientV2(directory, network), account_key
from acme import messages
from acme import messages_test
from acme import test_util

# Certificate and CSR test vectors, read through test_util.load_vector.
CERT_DER = test_util.load_vector('cert.der')
CERT_SAN_PEM = test_util.load_vector('cert-san.pem')
CSR_SAN_PEM = test_util.load_vector('csr-san.pem')
# RSA keys used as fixtures. Judging by the file names these are 512-bit and
# 256-bit keys: far below any acceptable size for real use, so they belong in
# tests only and must never be reused as account or certificate keys.
KEY = jose.JWKRSA.load(test_util.load_vector('rsa512_key.pem'))
KEY2 = jose.JWKRSA.load(test_util.load_vector('rsa256_key.pem'))

# Directory keyed by message classes (registration, revocation, authorization,
# certificate request).
DIRECTORY_V1 = messages.Directory({
    messages.NewRegistration: 'https://www.letsencrypt-demo.org/acme/new-reg',
    messages.Revocation: 'https://www.letsencrypt-demo.org/acme/revoke-cert',
    messages.NewAuthorization: 'https://www.letsencrypt-demo.org/acme/new-authz',
    messages.CertificateRequest: 'https://www.letsencrypt-demo.org/acme/new-cert',
})

# Directory keyed by resource-name strings. No 'revokeCert' entry is defined here.
DIRECTORY_V2 = messages.Directory({
    'newAccount': 'https://www.letsencrypt-demo.org/acme/new-account',
    'newNonce': 'https://www.letsencrypt-demo.org/acme/new-nonce',
    'newOrder': 'https://www.letsencrypt-demo.org/acme/new-order',
})


class ClientTestBase(unittest.TestCase):
    """Base for tests in acme.client."""