示例#1
0
 def _check_account_key(self, name):
     # read encryption key
     md_store = json.loads(open(TestEnv.path_store_json(), 'r').read())
     encryptKey = base64.urlsafe_b64decode(str(md_store['key']))
     # check: key file is encrypted PEM
     md = TestEnv.a2md(["list", name])['jout']['output'][0]
     acc = md['ca']['account']
     CertUtil.validate_privkey(TestEnv.path_account_key(acc),
                               lambda *args: encryptKey)
示例#2
0
 def check_md_credentials(cls, domain):
     if isinstance(domain, list):
         domains = domain
         domain = domains[0]
     # check private key, validate certificate, etc
     CertUtil.validate_privkey(cls.store_domain_file(domain, 'privkey.pem'))
     cert = CertUtil(cls.store_domain_file(domain, 'pubcert.pem'))
     cert.validate_cert_matches_priv_key(
         cls.store_domain_file(domain, 'privkey.pem'))
     # check SANs and CN
     assert cert.get_cn() == domain
     # compare lists twice in opposite directions: SAN may not respect ordering
     sanList = list(cert.get_san_list())
     assert len(sanList) == len(domains)
     assert set(sanList).issubset(domains)
     assert set(domains).issubset(sanList)
     # check valid dates interval
     notBefore = cert.get_not_before()
     notAfter = cert.get_not_after()
     assert notBefore < datetime.now(notBefore.tzinfo)
     assert notAfter > datetime.now(notAfter.tzinfo)