예제 #1
0
def test_create_ca_conf_with_all(tmpdir):
    current_time = mount_efs.get_utc_now()
    tls_dict, full_config_body = _create_ca_conf_helper(tmpdir,
                                                        current_time,
                                                        iam=True,
                                                        ap=True)

    ca_extension_body = (
        '[ v3_ca ]\n'
        'subjectKeyIdentifier = hash\n'
        '1.3.6.1.4.1.4843.7.1 = ASN1:UTF8String:%s\n'
        '1.3.6.1.4.1.4843.7.2 = ASN1:SEQUENCE:efs_client_auth\n'
        '1.3.6.1.4.1.4843.7.3 = ASN1:UTF8String:%s\n'
        '1.3.6.1.4.1.4843.7.4 = ASN1:SEQUENCE:efs_client_info') % (AP_ID,
                                                                   FS_ID)
    efs_client_auth_body = mount_efs.efs_client_auth_builder(
        tls_dict['public_key'], CREDENTIALS['AccessKeyId'],
        CREDENTIALS['SecretAccessKey'], current_time, REGION, FS_ID,
        CREDENTIALS['Token'])
    efs_client_info_body = mount_efs.efs_client_info_builder(CLIENT_INFO)
    matching_config_body = mount_efs.CA_CONFIG_BODY % (
        tls_dict['mount_dir'], tls_dict['private_key'], COMMON_NAME,
        ca_extension_body, efs_client_auth_body, efs_client_info_body)

    assert full_config_body == matching_config_body
예제 #2
0
def test_create_ca_conf_with_iam_no_accesspoint(tmpdir):
    current_time = mount_efs.get_utc_now()
    tls_dict, full_config_body = _create_ca_conf_helper(tmpdir,
                                                        current_time,
                                                        iam=True,
                                                        ap=False,
                                                        client_info=True)

    ca_extension_body = (
        "[ v3_ca ]\n"
        "subjectKeyIdentifier = hash\n"
        "1.3.6.1.4.1.4843.7.2 = ASN1:SEQUENCE:efs_client_auth\n"
        "1.3.6.1.4.1.4843.7.3 = ASN1:UTF8String:%s\n"
        "1.3.6.1.4.1.4843.7.4 = ASN1:SEQUENCE:efs_client_info") % (FS_ID)
    efs_client_auth_body = mount_efs.efs_client_auth_builder(
        tls_dict["public_key"],
        CREDENTIALS["AccessKeyId"],
        CREDENTIALS["SecretAccessKey"],
        current_time,
        REGION,
        FS_ID,
        CREDENTIALS["Token"],
    )
    efs_client_info_body = mount_efs.efs_client_info_builder(CLIENT_INFO)
    matching_config_body = mount_efs.CA_CONFIG_BODY % (
        tls_dict["mount_dir"],
        tls_dict["private_key"],
        COMMON_NAME,
        ca_extension_body,
        efs_client_auth_body,
        efs_client_info_body,
    )

    assert full_config_body == matching_config_body
예제 #3
0
def test_create_ca_conf_with_iam_no_accesspoint(tmpdir):
    current_time = mount_efs.get_utc_now()
    tls_dict, full_config_body = _create_ca_conf_helper(tmpdir,
                                                        current_time,
                                                        iam=True,
                                                        ap=False)

    ca_extension_body = '[ v3_ca ]\nsubjectKeyIdentifier = hash\n1.3.6.1.4.1.4843.7.2 = ASN1:SEQUENCE:efs_client_auth' \
                        '\n1.3.6.1.4.1.4843.7.3 = ASN1:UTF8String:%s' % FS_ID
    efs_client_auth_body = mount_efs.efs_client_auth_builder(
        tls_dict['public_key'], CREDENTIALS['AccessKeyId'],
        CREDENTIALS['SecretAccessKey'], current_time, REGION, FS_ID,
        CREDENTIALS['Token'])
    matching_config_body = mount_efs.CA_CONFIG_BODY % (
        tls_dict['mount_dir'], tls_dict['private_key'], COMMON_NAME,
        ca_extension_body, efs_client_auth_body)

    assert full_config_body == matching_config_body