def test_sign_serial_increment(self):
ezbakeca.EzbakeCA.setup(store=MemoryPersist())
ca = ezbakeca.EzbakeCA()
# first cert
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App",
O="Ezbake",
OU="Ezbake Apps",
C="US")
cert = ca.sign_csr(req)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
# second cert
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App2",
O="Ezbake",
OU="Ezbake Apps",
C="US")
cert = ca.sign_csr(req)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_serial_number(), 3)
def __init__(self):
self.pkey = ezbakeca.private_key()
req = ezbakeca.csr(self.pkey,
CN="EzCA", O="Ezbake", OU="Ezbake Core", C="US")
self.ca = ezbakeca.create_ca_certificate(req, self.pkey)
self.appKey = ezbakeca.private_key()
req = ezbakeca.csr(self.appKey, CN="APP")
self.appCert = ezbakeca.create_certificate(req, (self.ca, self.pkey), 2)
def __init__(self):
self.pkey = ezbakeca.private_key()
req = ezbakeca.csr(self.pkey,
CN="EzCA",
O="Ezbake",
OU="Ezbake Core",
C="US")
self.ca = ezbakeca.create_ca_certificate(req, self.pkey)
self.appKey = ezbakeca.private_key()
req = ezbakeca.csr(self.appKey, CN="APP")
self.appCert = ezbakeca.create_certificate(req, (self.ca, self.pkey),
2)
def test_create_ca(self):
# Create new CA
baseCa = ezbakeca.EzbakeCA("TestCA")
# Sign 2 certs
baseCa.sign_csr(ezbakeca.csr(ezbakeca.private_key(),
CN="App", O="Ezbake", OU="Ezbake Apps", C="US"))
baseCa.sign_csr(ezbakeca.csr(ezbakeca.private_key(),
CN="App", O="Ezbake", OU="Ezbake Apps", C="US"))
baseCa.save()
# Load the CA from persistence
ca = ezbakeca.EzbakeCA.get_named("TestCA")
# Next serial should be 3
nt.assert_equal(3, ca.serial)
def test_csr_signing(self):
pkey = ca.private_key()
req = ca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US")
cert = self.get_client(5049).csr(self.get_token(), ca.pem_csr(req))
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(req.get_subject(), cert.get_subject())
def test_csr(self):
pkey = ezbakeca.private_key()
csr = ezbakeca.csr(pkey, CN="Test")
nt.assert_is_instance(csr, crypto.X509Req)
nt.assert_equal(csr.get_subject().CN, "Test")
nt.assert_true(csr.verify(ezbakeca.openssl_key(pkey)))
def test_csr(self):
pkey = ezbakeca.private_key()
csr = ezbakeca.csr(pkey, CN="Test")
nt.assert_is_instance(csr, crypto.X509Req)
nt.assert_equal(csr.get_subject().CN, "Test")
nt.assert_true(csr.verify(ezbakeca.openssl_key(pkey)))
def test_csr_signing(self):
pkey = ca.private_key()
req = ca.csr(pkey, CN="App", O="Ezbake", OU="Ezbake Apps", C="US")
cert = self.get_client(5049).csr(self.get_token(), ca.pem_csr(req))
cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(req.get_subject(), cert.get_subject())
def test_create_ca(self):
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="EzCA", O="Ezbake", OU="Ezbake Core", C="US")
ca = ezbakeca.create_ca_certificate(req, pkey)
nt.assert_is_instance(ca, crypto.X509)
nt.assert_equal(ca.get_subject(), req.get_subject())
nt.assert_equal(ca.get_issuer(), req.get_subject())
nt.assert_equal(ca.get_serial_number(), 1)
def test_sign_serial_increment(self):
ezbakeca.EzbakeCA.setup(store=MemoryPersist())
ca = ezbakeca.EzbakeCA()
# first cert
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App", O="Ezbake", OU="Ezbake Apps", C="US")
cert = ca.sign_csr(req)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
# second cert
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App2", O="Ezbake", OU="Ezbake Apps", C="US")
cert = ca.sign_csr(req)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_serial_number(), 3)
def test_create_cert(self):
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App", O="Ezbake", OU="Ezbake Apps", C="US")
cert = ezbakeca.create_certificate(req, (self.ca, self.pkey), 2)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_issuer(), self.ca.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
nt.assert_equal(cert.get_version(), 2)
def issue_n_certs(ca, r):
if isinstance(ca, basestring):
ca = ezbakeca.EzbakeCA(ca)
serials = []
for i in r:
cert = ca.sign_csr(ezbakeca.csr(ezbakeca.private_key(),
CN="App{0}".format(i),
O="Ezbake",
OU="Ezbake Apps",
C="US"))
serials.append(cert.get_serial_number())
return serials
def issue_n_certs(ca, r):
if isinstance(ca, basestring):
ca = ezbakeca.EzbakeCA(ca)
serials = []
for i in r:
cert = ca.sign_csr(
ezbakeca.csr(ezbakeca.private_key(),
CN="App{0}".format(i),
O="Ezbake",
OU="Ezbake Apps",
C="US"))
serials.append(cert.get_serial_number())
return serials
def test_create_ca(self):
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="EzCA",
O="Ezbake",
OU="Ezbake Core",
C="US")
ca = ezbakeca.create_ca_certificate(req, pkey)
nt.assert_is_instance(ca, crypto.X509)
nt.assert_equal(ca.get_subject(), req.get_subject())
nt.assert_equal(ca.get_issuer(), req.get_subject())
nt.assert_equal(ca.get_serial_number(), 1)
def test_sign_csr(self):
ca = ezbakeca.EzbakeCA()
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App", O="Ezbake", OU="Ezbake Apps", C="US")
cert = ca.sign_csr(req)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_issuer(), ca.ca_cert.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
nt.assert_equal(cert.get_version(), 2)
def test_create_ca(self):
# Create new CA
baseCa = ezbakeca.EzbakeCA("TestCA")
# Sign 2 certs
baseCa.sign_csr(
ezbakeca.csr(ezbakeca.private_key(),
CN="App",
O="Ezbake",
OU="Ezbake Apps",
C="US"))
baseCa.sign_csr(
ezbakeca.csr(ezbakeca.private_key(),
CN="App",
O="Ezbake",
OU="Ezbake Apps",
C="US"))
baseCa.save()
# Load the CA from persistence
ca = ezbakeca.EzbakeCA.get_named("TestCA")
# Next serial should be 3
nt.assert_equal(3, ca.serial)
def test_create_cert(self):
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App",
O="Ezbake",
OU="Ezbake Apps",
C="US")
cert = ezbakeca.create_certificate(req, (self.ca, self.pkey), 2)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_issuer(), self.ca.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
nt.assert_equal(cert.get_version(), 2)
def test_sign_csr(self):
ca = ezbakeca.EzbakeCA()
pkey = ezbakeca.private_key()
req = ezbakeca.csr(pkey,
CN="App",
O="Ezbake",
OU="Ezbake Apps",
C="US")
cert = ca.sign_csr(req)
nt.assert_is_instance(cert, crypto.X509)
nt.assert_equal(cert.get_subject(), req.get_subject())
nt.assert_equal(cert.get_issuer(), ca.ca_cert.get_subject())
nt.assert_equal(cert.get_serial_number(), 2)
nt.assert_equal(cert.get_version(), 2)
