def test_ca_status_key_usage_good2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) self.assertEqual(None, validators.ca_status(csr=csr, ca_requested=True))
def test_extensions_good(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('keyCertSign', True) csr.add_extension(ext) self.assertEqual( None, validators.extensions( csr=csr, allowed_extensions=['basicConstraints', 'keyUsage']))
def test_ca_status_key_usage_bad2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) with self.assertRaises(errors.ValidationError) as e: internal.ca_status(csr=csr) self.assertEqual("Request contains CRL signing usage flag", str(e.exception))
def test_ca_status_key_usage_bad2(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('cRLSign', True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.ca_status(csr=csr, ca_requested=False) self.assertEqual( "Key usage doesn't match requested CA status " "(keyCertSign/cRLSign: False/True)", str(e.exception))
def test_extensions_bad(self): csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('keyCertSign', True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.extensions( csr=csr, allowed_extensions=['basicConstraints', 'nameConstraints']) self.assertEqual("Extension 'keyUsage' not allowed", str(e.exception))
def test_key_usage_good(self): allowed_usage = [ 'Digital Signature', 'Non Repudiation', 'Key Encipherment' ] csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('keyEncipherment', True) ext.set_usage('digitalSignature', True) csr.add_extension(ext) self.assertEqual( None, validators.key_usage(csr=csr, allowed_usage=allowed_usage))
def test_key_usage_bad(self): allowed_usage = [ 'Digital Signature', 'Non Repudiation', 'Key Encipherment' ] csr = x509_csr.X509Csr() ext = x509_ext.X509ExtensionKeyUsage() ext.set_usage('keyCertSign', True) csr.add_extension(ext) with self.assertRaises(validators.ValidationError) as e: validators.key_usage(csr=csr, allowed_usage=allowed_usage) self.assertEqual("Found some not allowed key usages: " "keyCertSign", str(e.exception))
def setUp(self): self.ext = extension.X509ExtensionKeyUsage()