def testItShouldNotCreateACertificateWithoutACA(self):
ca = CA()
try:
ca.create_certificate()
assert False, "expected NoKeyMaterialError"
except NoKeyMaterialError:
pass
except:
assert False, "expected NoKeyMaterialError"
def testItShouldCreateACertificate(self):
ca = CA()
ca.create_ca()
key, certificate = ca.create_certificate()
assert isinstance(key, OpenSSL.crypto.PKey)
assert isinstance(certificate, OpenSSL.crypto.X509)
def testTheCertificateKeyMaterialShouldBeValid(self):
ca = CA()
ca.create_ca()
key, certificate = ca.create_certificate()
ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD)
ctx.use_privatekey(key)
ctx.use_certificate(certificate)
try:
ctx.check_privatekey()
except OpenSSL.SSL.Error:
assert False, "key does not match certificate"
except:
pass