def test_deep_clone(self): orig = x509_name.X509Name() orig.add_name_entry(x509_name.OID_countryName, "UK") clone = x509_name.X509Name(orig._name_obj) self.assertEqual(str(orig), str(clone)) clone.add_name_entry(x509_name.OID_stateOrProvinceName, "test_ST") self.assertNotEqual(str(orig), str(clone))
def get_issuer(self): """Get the issuer name field value. :return: An X509Name object instance """ val = self._cert['tbsCertificate']['issuer'][0] return name.X509Name(val)
def get_subject(self): """Get the subject name field value. :return: An X509Name object instance """ val = self._cert['tbsCertificate']['subject'][0] return name.X509Name(val)
def test_csr_require_cn(self): common_name = utils.csr_require_cn(self.csr) self.assertEqual(common_name, self.csr_sample_cn) self.csr.set_subject(name.X509Name()) with self.assertRaises(errors.ValidationError): utils.csr_require_cn(self.csr)
def test_no_cn(self): csr = signing_request.X509Csr() subject = name.X509Name() subject.add_name_entry(name.OID_localityName, "somewhere") csr.set_subject(subject) new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(0, len(new_csr.get_extensions()))
def test_with_subject_san_not_critical(self): csr = signing_request.X509Csr() subject = name.X509Name() subject.add_name_entry(name.OID_commonName, "example.com") csr.set_subject(subject) ext = extension.X509ExtensionSubjectAltName() ext.set_critical(False) ext.add_dns_id('example.com') csr.add_extension(ext) standards._critical_flags(csr)
def test_set_issuer(self): name = x509_name.X509Name() name.add_name_entry(x509_name.OID_countryName, 'UK') self.cert.set_issuer(name) name = self.cert.get_issuer() entries = name.get_entries_by_oid(x509_name.OID_countryName) self.assertEqual(len(entries), 1) self.assertEqual(entries[0].get_name(), "countryName") self.assertEqual(entries[0].get_value(), "UK")
def get_issuer(self): """Get the issuer name field value. :return: An X509Name object instance """ val = self._lib.X509_get_issuer_name(self._certObj) if val == self._ffi.NULL: raise X509CertificateError("Could not get subject from X509 " "certificate.") # pragma: no cover return name.X509Name(val)
def get_subject(self): """Get the subject name field from the CSR :return: an X509Name object """ subs = self._lib.X509_REQ_get_subject_name(self._csrObj) if subs == self._ffi.NULL: raise X509CsrError( "Could not get subject from X509 CSR.") # pragma: no cover return name.X509Name(subs)
def get_subject(self): """Get the subject name field from the CSR :return: an X509Name object """ ri = self.get_request_info() if ri['subject'] is None: ri['subject'] = None # setup first RDN sequence ri['subject'][0] = None subject = ri['subject'][0] return name.X509Name(subject)
def test_common_name_bad_ip_CN(self): name = x509_name.X509Name() name.add_name_entry(x509_name.NID_commonName, '12.0.0.1') csr_mock = mock.MagicMock() csr_mock.get_subject.return_value = name with self.assertRaises(validators.ValidationError) as e: validators.common_name( csr=csr_mock, allowed_domains=[], allowed_networks=['10/8']) self.assertEqual("Network '12.0.0.1' not allowed (does not match " "known networks)", str(e.exception))
def setUp(self): super(TestX509Name, self).setUp() self.name = x509_name.X509Name() self.name.add_name_entry(x509_name.NID_countryName, "UK") # must be 2 chars self.name.add_name_entry(x509_name.NID_stateOrProvinceName, "test_ST") self.name.add_name_entry(x509_name.NID_localityName, "test_L") self.name.add_name_entry(x509_name.NID_organizationName, "test_O") self.name.add_name_entry(x509_name.NID_organizationalUnitName, "test_OU") self.name.add_name_entry(x509_name.NID_commonName, "test_CN") self.name.add_name_entry(x509_name.NID_pkcs9_emailAddress, "test_Email") self.name.add_name_entry(x509_name.NID_surname, "test_SN") self.name.add_name_entry(x509_name.NID_givenName, "test_GN")
def test_common_name_bad_CN(self, gethostbyname_ex): gethostbyname_ex.return_value = ('master.test.com', [], ['10.0.0.1']) name = x509_name.X509Name() name.add_name_entry(x509_name.NID_commonName, 'test.baddomain.com') csr_mock = mock.MagicMock() csr_mock.get_subject.return_value = name with self.assertRaises(validators.ValidationError) as e: validators.common_name( csr=csr_mock, allowed_domains=['.test.com'], allowed_networks=['10/8']) self.assertEqual("Domain 'test.baddomain.com' not allowed (does not " "match known domains)", str(e.exception))
def _csr_with_cn(self, cn): csr = signing_request.X509Csr() subject = name.X509Name() subject.add_name_entry(name.OID_commonName, cn) csr.set_subject(subject) return csr