def test_cn_only_ip(self): csr = self._csr_with_cn("1.2.3.4") new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(1, len(new_csr.get_extensions())) ext = new_csr.get_extensions(extension.X509ExtensionSubjectAltName)[0] self.assertEqual([netaddr.IPAddress("1.2.3.4")], ext.get_ips())
def test_cn_only_dns(self): csr = self._csr_with_cn("example.com") new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(1, len(new_csr.get_extensions())) ext = new_csr.get_extensions(extension.X509ExtensionSubjectAltName)[0] self.assertEqual(["example.com"], ext.get_dns_ids())
def test_no_cn(self): csr = signing_request.X509Csr() subject = name.X509Name() subject.add_name_entry(name.OID_localityName, "somewhere") csr.set_subject(subject) new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(0, len(new_csr.get_extensions()))
def test_cn_extra_dns(self): csr = self._csr_with_cn("example.com") san = extension.X509ExtensionSubjectAltName() san.add_dns_id("other.example.com") csr.add_extension(san) new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(1, len(new_csr.get_extensions())) ext = new_csr.get_extensions(extension.X509ExtensionSubjectAltName)[0] ids = ext.get_dns_ids() self.assertIn("example.com", ids) self.assertIn("other.example.com", ids)
def test_cn_extra_ip(self): csr = self._csr_with_cn("1.2.3.4") san = extension.X509ExtensionSubjectAltName() san.add_ip(netaddr.IPAddress("2.3.4.5")) csr.add_extension(san) new_csr = fixups.enforce_alternative_names_present(csr=csr) self.assertEqual(1, len(new_csr.get_extensions())) ext = new_csr.get_extensions(extension.X509ExtensionSubjectAltName)[0] ips = ext.get_ips() self.assertIn(netaddr.IPAddress("1.2.3.4"), ips) self.assertIn(netaddr.IPAddress("2.3.4.5"), ips)