def test_sysca():
# create ca key and cert
ca_key = sysca.new_ec_key()
ca_pub_key = ca_key.public_key()
ca_info = sysca.CertInfo(subject={'CN': 'TestCA'}, ca=True)
ca_cert = sysca.create_x509_cert(ca_key, ca_pub_key, ca_info, ca_info, 365)
# srv key
srv_key = sysca.new_rsa_key()
srv_info = sysca.CertInfo(subject={'CN': 'Server1'})
srv_req = sysca.create_x509_req(srv_key, srv_info)
# ca signs
srv_info2 = sysca.CertInfo(load=srv_req)
srv_cert = sysca.create_x509_cert(ca_key, srv_req.public_key(), srv_info2, ca_info, 365)
def test_sysca():
# create ca key and cert
ca_key = sysca.new_ec_key()
ca_pub_key = ca_key.public_key()
ca_info = sysca.CertInfo(subject={'CN': 'TestCA'}, ca=True)
ca_cert = sysca.create_x509_cert(ca_key, ca_pub_key, ca_info, ca_info, 365)
# srv key
srv_key = sysca.new_rsa_key()
srv_info = sysca.CertInfo(subject={'CN': 'Server1'})
srv_req = sysca.create_x509_req(srv_key, srv_info)
# ca signs
srv_info2 = sysca.CertInfo(load=srv_req)
srv_cert = sysca.create_x509_cert(ca_key, srv_req.public_key(), srv_info2, ca_info, 365)
eq_(1, 1)
def test_passthrough():
key = sysca.new_ec_key()
info = sysca.CertInfo(
subject={'CN': 'Passing'},
ca=True,
path_length=3,
alt_names=[
'dns:*.www.com',
'email:[email protected]',
'ip:127.0.0.1',
'uri:http://www.com',
'dn:/CN=sub-dn/',
],
usage=[
'digital_signature',
'content_commitment',
'key_encipherment',
'data_encipherment',
'key_agreement',
'key_cert_sign',
'crl_sign',
# xku
'server',
'client',
'code',
'email',
'time',
'ocsp',
'any',
],
ocsp_urls=['http://localhost'],
issuer_urls=['http://localhost'],
permit_subtrees=['dns:*.www.com'],
exclude_subtrees=['dns:*.www.net'],
)
req = sysca.create_x509_req(key, info)
info2 = sysca.CertInfo(load=req)
lst1 = []
lst2 = []
info.show(lst1.append)
info2.show(lst2.append)
eq_(lst1, lst2)
def test_passthrough():
key = sysca.new_ec_key()
info = sysca.CertInfo(
subject={
'CN': 'Passing',
'O': 'OrgName',
'OU': 'OrgUnit',
'C': 'CA',
'L': 'Location',
'ST': 'State',
'SN': 'Surname',
'GN': 'GivenName',
'T': 'Title',
'P': 'Pseudonym',
'GQ': 'GEN_QUAL',
'DQ': 'DN_QUAL',
'UID': 'UID',
'XUID': 'XUID',
'EMAIL': 'e@mail',
'SERIAL': 'EV_SERIAL',
'SA': 'StreetAddr',
'PA': 'PostalAddr',
'PC': 'PostalCode',
'JC': 'CA',
'JL': 'JurLocation',
'JST': 'JurState',
},
ca=True,
path_length=3,
alt_names=[
'dns:*.www.com',
'email:[email protected]',
'ip:127.0.0.1',
'uri:http://www.com',
'dn:/CN=sub-dn/BC=foo/BC=bar/',
],
usage=[
'digital_signature',
'content_commitment',
'key_encipherment',
'data_encipherment',
'key_agreement',
'key_cert_sign',
'crl_sign',
# xku
'server',
'client',
'code',
'email',
'time',
'ocsp',
'any',
],
ocsp_must_staple=True,
ocsp_must_staple_v2=True,
ocsp_nocheck=True,
ocsp_urls=['http://localhost'],
issuer_urls=['http://localhost'],
permit_subtrees=['dns:*.www.com'],
exclude_subtrees=['dns:*.www.net'],
)
req = sysca.create_x509_req(key, info)
info2 = sysca.CertInfo(load=req)
lst1 = []
lst2 = []
info.show(lst1.append)
info2.show(lst2.append)
assert lst1 == lst2
