Python parse_csr 예제들

예제 #1

파일: __init__.py 프로젝트: agh/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result, fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert

예제 #2

파일: __init__.py 프로젝트: college-prep/gunnhacks7

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name,
                                     pecan.request.POST.get('user'),
                                     auth_result,
                                     fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert

예제 #3

파일: test_certificate_ops.py 프로젝트: agh/anchor

 def test_parse_csr_success1(self):
     """Test basic success path for parse_csr."""
     result = certificate_ops.parse_csr(self.csr_sample, 'pem')
     subject = result.get_subject()
     actual_cn = subject.get_entries_by_oid(
         x509_name.OID_commonName)[0].get_value()
     self.assertEqual(actual_cn, self.csr_sample_cn)

예제 #4

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

 def test_parse_csr_success2(self):
     """Test basic success path for parse_csr."""
     result = certificate_ops.parse_csr(self.csr, 'PEM')
     subject = result.get_subject()
     actual_cn = subject.get_entries_by_nid(
         x509_name.NID_commonName)[0].get_value()
     self.assertEqual(actual_cn, self.expected_cn)

예제 #5

파일: test_certificate_ops.py 프로젝트: Daviey/anchor

 def test_parse_csr_success1(self):
     """Test basic success path for parse_csr."""
     result = certificate_ops.parse_csr(self.csr, 'pem')
     subject = result.get_subject()
     actual_cn = subject.get_entries_by_nid(
         x509_name.NID_commonName)[0].get_value()
     self.assertEqual(actual_cn, self.expected_cn)

예제 #6

 def test_parse_csr_success2(self):
     """Test basic success path for parse_csr."""
     result = certificate_ops.parse_csr(self.csr_sample, 'PEM')
     subject = result.get_subject()
     actual_cn = subject.get_entries_by_oid(
         x509_name.OID_commonName)[0].get_value()
     self.assertEqual(actual_cn, self.csr_sample_cn)

예제 #7

파일: test_certificate_ops.py 프로젝트: Daviey/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {'validators': {}}

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr(None, csr_obj, None)

예제 #8

파일: test_certificate_ops.py 프로젝트: Daviey/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'extensions': {'allowed_extensions': []}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr(None, csr_obj, None)

예제 #9

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {'validators': {}}

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr(None, csr_obj, None)

예제 #10

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'extensions': {'allowed_extensions': []}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr(None, csr_obj, None)

예제 #11

파일: test_certificate_ops.py 프로젝트: agh/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {'extensions': {
            'allowed_extensions': ['basicConstraints', 'keyUsage']}}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

예제 #12

파일: test_certificate_ops.py 프로젝트: agh/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

예제 #13

파일: __init__.py 프로젝트: rtmorgan/anchor

    def post(self):
        auth_result = auth.validate(pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))

        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))

        certificate_ops.validate_csr(auth_result, csr, pecan.request)

        return certificate_ops.sign(csr)

예제 #14

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

    def test_ca_key_read_failure(self):
        """Test CA key read failure."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {'ca': {'cert_path': 'tests/CA/root-ca.crt',
                       'key_path': '/xxx/not/a/valid/path'}}

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPServerError):
                certificate_ops.sign(csr_obj)

예제 #15

    def post(self):
        auth_result = auth.validate(pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))

        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))

        certificate_ops.validate_csr(auth_result, csr, pecan.request)

        return certificate_ops.sign(csr)

예제 #16

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

예제 #17

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'common_name': {'allowed_domains':
                                                ['.testing.com']}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPClientError):
                certificate_ops.validate_csr(None, csr_obj, None)

예제 #18

    def test_ca_key_read_failure(self):
        """Test CA key read failure."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ca['default_ca']['cert_path'] = 'tests/CA/root-ca.crt'
        self.sample_conf_ca['default_ca']['key_path'] = '/xxx/not/a/valid/path'
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.dispatch_sign('default_ra', csr_obj)
        self.assertEqual(cm.exception.code, 500)

예제 #19

파일: __init__.py 프로젝트: jqxin2006/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        auth_result = auth.validate(ra_name, pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))
        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))
        certificate_ops.validate_csr(ra_name, auth_result, csr, pecan.request)

        return certificate_ops.dispatch_sign(ra_name, csr)

예제 #20

파일: test_certificate_ops.py 프로젝트: agh/anchor

    def test_ca_key_read_failure(self):
        """Test CA key read failure."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ca['default_ca']['cert_path'] = 'tests/CA/root-ca.crt'
        self.sample_conf_ca['default_ca']['key_path'] = '/xxx/not/a/valid/path'
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.dispatch_sign('default_ra', csr_obj)
        self.assertEqual(cm.exception.code, 500)

예제 #21

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'extensions': {
                'allowed_extensions': ['basicConstraints', 'keyUsage']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

예제 #22

파일: __init__.py 프로젝트: jqxin2006/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        auth_result = auth.validate(ra_name,
                                    pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))
        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))
        certificate_ops.validate_csr(ra_name, auth_result, csr, pecan.request)

        return certificate_ops.dispatch_sign(ra_name, csr)

예제 #23

파일: test_certificate_ops.py 프로젝트: Daviey/anchor

    def test_ca_key_read_failure(self):
        """Test CA key read failure."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {
            'ca': {
                'cert_path': 'tests/CA/root-ca.crt',
                'key_path': '/xxx/not/a/valid/path'
            }
        }

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPServerError):
                certificate_ops.sign(csr_obj)

예제 #24

파일: test_certificate_ops.py 프로젝트: agh/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'common_name': {
                'allowed_domains': ['.testing.example.com']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.validate_csr('default_ra', None, csr_obj, None)
        self.assertEqual(cm.exception.code, 400)

예제 #25

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'common_name': {
                'allowed_domains': ['.testing.example.com']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.validate_csr('default_ra', None, csr_obj, None)
        self.assertEqual(cm.exception.code, 400)

예제 #26

파일: test_certificate_ops.py 프로젝트: Daviey/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {
            'steps': {
                'common_name': {
                    'allowed_domains': ['.testing.com']
                }
            }
        }
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPClientError):
                certificate_ops.validate_csr(None, csr_obj, None)

예제 #27

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

 def test_parse_csr_fail4(self):
     """Test invalid CSR (wrong value) format for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr('invalid csr input', 'pem')

예제 #28

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

 def test_parse_csr_fail3(self):
     """Test invalid CSR (None) format for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(None, 'pem')

예제 #29

파일: test_certificate_ops.py 프로젝트: rtmorgan/anchor

 def test_parse_csr_fail2(self):
     """Test invalid CSR format (wrong type) for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(self.csr, True)

예제 #30

파일: test_certificate_ops.py 프로젝트: agh/anchor

 def test_parse_csr_fail1(self):
     """Test invalid CSR format (wrong value) for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(self.csr_sample, 'blah')

예제 #31

파일: test_certificate_ops.py 프로젝트: viraptor/anchor

 def test_parse_csr_success1(self):
     """Test basic success path for parse_csr."""
     result = certificate_ops.parse_csr(self.csr, 'pem')
     subject = result.get_subject()
     actual_cn = subject.get_entries_by_nid_name('CN')[0].get_value()
     self.assertEqual(actual_cn, self.expected_cn)

예제 #32

 def test_parse_csr_fail1(self):
     """Test invalid CSR format (wrong value) for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(self.csr, 'blah')

예제 #33

 def test_parse_csr_fail2(self):
     """Test invalid CSR format (wrong type) for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(self.csr_sample, True)

예제 #34

 def test_parse_csr_fail4(self):
     """Test invalid CSR (wrong value) format for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr('invalid csr input', 'pem')

예제 #35

 def test_parse_csr_fail3(self):
     """Test invalid CSR (None) format for parse_csr."""
     with self.assertRaises(http_status.HTTPClientError):
         certificate_ops.parse_csr(None, 'pem')