Python validate_csr примеры использования

Пример #1

Файл: __init__.py Проект: agh/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result, fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert

Пример #2

Файл: __init__.py Проект: college-prep/gunnhacks7

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        try:
            auth_result = auth.validate(ra_name,
                                        pecan.request.POST.get('user'),
                                        pecan.request.POST.get('secret'))
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  auth_result)
        except http_status.HTTPUnauthorized:
            audit.emit_auth_event(ra_name, pecan.request.POST.get('user'),
                                  None)
            raise

        try:
            csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                            pecan.request.POST.get('encoding'))
            certificate_ops.validate_csr(ra_name, auth_result, csr,
                                         pecan.request)
            csr = certificate_ops.fixup_csr(ra_name, csr, pecan.request)

            cert, fingerprint = certificate_ops.dispatch_sign(ra_name, csr)
            audit.emit_signing_event(ra_name,
                                     pecan.request.POST.get('user'),
                                     auth_result,
                                     fingerprint=fingerprint)
        except Exception:
            audit.emit_signing_event(ra_name, pecan.request.POST.get('user'),
                                     auth_result)
            raise
        return cert

Пример #3

Файл: test_certificate_ops.py Проект: rtmorgan/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'extensions': {'allowed_extensions': []}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr(None, csr_obj, None)

Пример #4

Файл: test_certificate_ops.py Проект: Daviey/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {'validators': {}}

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr(None, csr_obj, None)

Пример #5

Файл: test_certificate_ops.py Проект: Daviey/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'extensions': {'allowed_extensions': []}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr(None, csr_obj, None)

Пример #6

Файл: test_certificate_ops.py Проект: rtmorgan/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        data = {'validators': {}}

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr(None, csr_obj, None)

Пример #7

Файл: test_certificate_ops.py Проект: agh/anchor

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {'extensions': {
            'allowed_extensions': ['basicConstraints', 'keyUsage']}}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

Пример #8

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

Пример #9

    def post(self):
        auth_result = auth.validate(pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))

        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))

        certificate_ops.validate_csr(auth_result, csr, pecan.request)

        return certificate_ops.sign(csr)

Пример #10

Файл: test_certificate_ops.py Проект: agh/anchor

    def test_validate_csr_bypass(self):
        """Test empty validator set for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {}
        data = self.sample_conf

        with mock.patch.dict(config, data):
            # this should work, it allows people to bypass validation
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

Пример #11

Файл: __init__.py Проект: rtmorgan/anchor

    def post(self):
        auth_result = auth.validate(pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))

        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))

        certificate_ops.validate_csr(auth_result, csr, pecan.request)

        return certificate_ops.sign(csr)

Пример #12

Файл: test_certificate_ops.py Проект: rtmorgan/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {'steps': {'common_name': {'allowed_domains':
                                                ['.testing.com']}}}
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPClientError):
                certificate_ops.validate_csr(None, csr_obj, None)

Пример #13

Файл: __init__.py Проект: jqxin2006/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        auth_result = auth.validate(ra_name, pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))
        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))
        certificate_ops.validate_csr(ra_name, auth_result, csr, pecan.request)

        return certificate_ops.dispatch_sign(ra_name, csr)

Пример #14

Файл: __init__.py Проект: jqxin2006/anchor

    def post(self):
        ra_name = self.ra_name

        logger.debug("processing signing request in registration authority %s",
                     ra_name)
        auth_result = auth.validate(ra_name,
                                    pecan.request.POST.get('user'),
                                    pecan.request.POST.get('secret'))
        csr = certificate_ops.parse_csr(pecan.request.POST.get('csr'),
                                        pecan.request.POST.get('encoding'))
        certificate_ops.validate_csr(ra_name, auth_result, csr, pecan.request)

        return certificate_ops.dispatch_sign(ra_name, csr)

Пример #15

    def test_validate_csr_success(self):
        """Test basic success path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'extensions': {
                'allowed_extensions': ['basicConstraints', 'keyUsage']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            certificate_ops.validate_csr('default_ra', None, csr_obj, None)

Пример #16

Файл: test_certificate_ops.py Проект: agh/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'common_name': {
                'allowed_domains': ['.testing.example.com']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.validate_csr('default_ra', None, csr_obj, None)
        self.assertEqual(cm.exception.code, 400)

Пример #17

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr_sample, 'pem')
        config = "anchor.jsonloader.conf._config"
        self.sample_conf_ra['default_ra']['validators'] = {
            'common_name': {
                'allowed_domains': ['.testing.example.com']
            }
        }
        data = self.sample_conf

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPException) as cm:
                certificate_ops.validate_csr('default_ra', None, csr_obj, None)
        self.assertEqual(cm.exception.code, 400)

Пример #18

Файл: test_certificate_ops.py Проект: Daviey/anchor

    def test_validate_csr_fail(self):
        """Test failure path for validate_csr."""
        csr_obj = certificate_ops.parse_csr(self.csr, 'pem')
        config = "anchor.jsonloader.conf._config"
        validators = {
            'steps': {
                'common_name': {
                    'allowed_domains': ['.testing.com']
                }
            }
        }
        data = {'validators': validators}

        with mock.patch.dict(config, data):
            with self.assertRaises(http_status.HTTPClientError):
                certificate_ops.validate_csr(None, csr_obj, None)