def test_revoking_ca(): with intermediate_certificate_authority( 'root_ca', 'intermediate_ca') as (root_ca, intermediate_ca): cert = call('certificate.create', { 'name': 'cert_test', 'signedby': intermediate_ca['id'], 'create_type': 'CERTIFICATE_CREATE_INTERNAL', **get_cert_params(), }, job=True) try: assert intermediate_ca['can_be_revoked'] is True, intermediate_ca intermediate_ca = call('certificateauthority.update', intermediate_ca['id'], {'revoked': True}) assert intermediate_ca['revoked'] is True, intermediate_ca cert = call('certificate.get_instance', cert['id']) assert cert['revoked'] is True, cert root_ca = call('certificateauthority.get_instance', root_ca['id']) assert len(root_ca['revoked_certs']) == 2, root_ca assert len(intermediate_ca['revoked_certs']) == 2, intermediate_ca check_set = {intermediate_ca['certificate'], cert['certificate']} assert set( c['certificate'] for c in intermediate_ca['revoked_certs']) == check_set, intermediate_ca assert set(c['certificate'] for c in root_ca['revoked_certs']) == check_set, root_ca finally: call('certificate.delete', cert['id'], job=True)
def test_creating_root_ca(): root_ca = call( 'certificateauthority.create', { **get_cert_params(), 'name': 'test_root_ca', 'create_type': 'CA_CREATE_INTERNAL', }) try: assert root_ca['CA_type_internal'] is True, root_ca finally: call('certificateauthority.delete', root_ca['id'])
def test_creating_cert_from_root_ca(): with root_certificate_authority('root_ca_test') as root_ca: cert = call('certificate.create', { 'name': 'cert_test', 'signedby': root_ca['id'], 'create_type': 'CERTIFICATE_CREATE_INTERNAL', **get_cert_params(), }, job=True) try: assert cert['cert_type_internal'] is True, cert finally: call('certificate.delete', cert['id'], job=True)
def test_ca_intermediate_issuer_reported_correctly(): with root_certificate_authority('root_ca_test') as root_ca: intermediate_ca = call( 'certificateauthority.create', { **get_cert_params(), 'signedby': root_ca['id'], 'name': 'test_intermediate_ca', 'create_type': 'CA_CREATE_INTERMEDIATE', }) root_ca = call('certificateauthority.get_instance', root_ca['id']) try: assert intermediate_ca['issuer'] == root_ca, intermediate_ca finally: call('certificateauthority.delete', intermediate_ca['id'])
def test_creating_intermediate_ca(): with root_certificate_authority('root_ca_test') as root_ca: intermediate_ca = call( 'certificateauthority.create', { **get_cert_params(), 'signedby': root_ca['id'], 'name': 'test_intermediate_ca', 'create_type': 'CA_CREATE_INTERMEDIATE', }) try: assert intermediate_ca[ 'CA_type_intermediate'] is True, intermediate_ca finally: call('certificateauthority.delete', intermediate_ca['id'])
def test_cert_chain_of_intermediate_ca_reported_correctly(): with root_certificate_authority('root_ca_test') as root_ca: intermediate_ca = call( 'certificateauthority.create', { **get_cert_params(), 'signedby': root_ca['id'], 'name': 'test_intermediate_ca', 'create_type': 'CA_CREATE_INTERMEDIATE', }) try: assert intermediate_ca['chain_list'] == [ intermediate_ca['certificate'], root_ca['certificate'] ], intermediate_ca finally: call('certificateauthority.delete', intermediate_ca['id'])
def test_created_certs_exist_on_filesystem(): with intermediate_certificate_authority( 'root_ca', 'intermediate_ca') as (root_ca, intermediate_ca): with certificate_signing_request('csr_test') as csr: cert = call('certificate.create', { 'name': 'cert_test', 'signedby': intermediate_ca['id'], 'create_type': 'CERTIFICATE_CREATE_INTERNAL', **get_cert_params(), }, job=True) try: assert get_cert_current_files() == get_cert_expected_files() finally: call('certificate.delete', cert['id'], job=True)
def test_cert_chain_of_root_ca_reported_correctly(): with root_certificate_authority('root_ca_test') as root_ca: cert = call('certificate.create', { 'name': 'cert_test', 'signedby': root_ca['id'], 'create_type': 'CERTIFICATE_CREATE_INTERNAL', **get_cert_params(), }, job=True) try: assert cert['chain_list'] == [ cert['certificate'], root_ca['certificate'] ], cert finally: call('certificate.delete', cert['id'], job=True)
def test_cert_issuer_reported_correctly(): with intermediate_certificate_authority( 'root_ca', 'intermediate_ca') as (root_ca, intermediate_ca): cert = call('certificate.create', { 'name': 'cert_test', 'signedby': intermediate_ca['id'], 'create_type': 'CERTIFICATE_CREATE_INTERNAL', **get_cert_params(), }, job=True) intermediate_ca = call('certificateauthority.get_instance', intermediate_ca['id']) try: assert cert['issuer'] == intermediate_ca, cert finally: call('certificate.delete', cert['id'], job=True)