示例#1
 def test_store_certificate_secret_assert_called(self, algorithm,
                                                 bit_length):
     """Storing a certificate registers it once, carrying the DER bytes.

     The DTO is built from the base64-encoded PEM fixture, while the
     object handed to ``register`` is expected to hold the DER fixture.
     ``algorithm`` and ``bit_length`` are supplied by the caller; where
     they come from is not visible in this method.
     """
     spec = secret_store.KeySpec(algorithm, bit_length)
     encoded_pem = base64.b64encode(keys.get_certificate_pem())
     certificate_dto = secret_store.SecretDTO(
         secret_store.SecretType.CERTIFICATE, encoded_pem, spec,
         'content_type')
     self.secret_store.store_secret(certificate_dto)

     register = self.secret_store.client.proxy.register
     # Only the object type is pinned here; the registered secret itself
     # is inspected below.
     register.assert_called_once_with(
         enums.ObjectType.CERTIFICATE, mock.ANY, mock.ANY)

     # The third positional argument of the call is the registered secret.
     registered = register.call_args[0][2]
     self.assertEqual(keys.get_certificate_der(),
                      registered.certificate_value.value)
示例#2
 def test_store_certificate_secret_assert_called(
         self, algorithm, bit_length):
     """Check that a stored certificate reaches ``register`` as DER.

     Input is the base64-encoded PEM fixture wrapped in a SecretDTO; the
     secret passed to the mocked ``register`` call must carry the DER
     fixture. ``algorithm`` and ``bit_length`` are provided by the
     caller (their source is not visible in this method).
     """
     spec = secret_store.KeySpec(algorithm, bit_length)
     pem_b64 = base64.b64encode(keys.get_certificate_pem())
     dto = secret_store.SecretDTO(
         secret_store.SecretType.CERTIFICATE, pem_b64, spec, 'content_type')
     self.secret_store.store_secret(dto)

     register_mock = self.secret_store.client.proxy.register
     # Exactly one register call, typed as a certificate; the remaining
     # two positional arguments are left unconstrained.
     register_mock.assert_called_once_with(
         enums.ObjectType.CERTIFICATE, mock.ANY, mock.ANY)

     positional_args = register_mock.call_args[0]
     stored_secret = positional_args[2]
     self.assertEqual(
         keys.get_certificate_der(),
         stored_secret.certificate_value.value)
示例#3
 def test_store_certificate_secret_assert_called(self, algorithm,
                                                 bit_length):
     """Storing a certificate registers an X.509 secret with DER bytes.

     The DTO carries the base64-encoded PEM fixture. The test asserts
     that ``register`` is called once with the test credential, and that
     the ``secret`` keyword argument is typed X_509 and holds the DER
     fixture. ``algorithm`` and ``bit_length`` are supplied by the
     caller; where they come from is not visible in this method.
     """
     spec = secret_store.KeySpec(algorithm, bit_length)
     encoded_pem = base64.b64encode(keys.get_certificate_pem())
     certificate_dto = secret_store.SecretDTO(
         secret_store.SecretType.CERTIFICATE, encoded_pem, spec,
         'content_type')
     self.secret_store.store_secret(certificate_dto)

     register = self.secret_store.client.register
     # The credential is matched exactly; template and secret are
     # wildcards because the secret is checked field by field below.
     register.assert_called_once_with(
         object_type=enums.ObjectType.CERTIFICATE,
         template_attribute=mock.ANY,
         secret=mock.ANY,
         credential=self.credential)

     registered = register.call_args[1].get('secret')
     self.assertEqual(enums.CertificateTypeEnum.X_509.value,
                      registered.certificate_type.value)
     self.assertEqual(keys.get_certificate_der(),
                      registered.certificate_value.value)
示例#4
 def test_store_certificate_secret_assert_called(
         self, algorithm, bit_length):
     """Check the secret passed to ``register`` for a stored certificate.

     A SecretDTO holding the base64-encoded PEM fixture is stored; the
     single ``register`` call must use the test credential and pass a
     ``secret`` whose type is X_509 and whose value is the DER fixture.
     ``algorithm`` and ``bit_length`` are provided by the caller (their
     source is not visible in this method).
     """
     spec = secret_store.KeySpec(algorithm, bit_length)
     pem_b64 = base64.b64encode(keys.get_certificate_pem())
     dto = secret_store.SecretDTO(
         secret_store.SecretType.CERTIFICATE, pem_b64, spec, 'content_type')
     self.secret_store.store_secret(dto)

     register_mock = self.secret_store.client.register
     # credential is compared exactly; template_attribute and secret are
     # wildcards here and the secret is verified separately below.
     register_mock.assert_called_once_with(
         object_type=enums.ObjectType.CERTIFICATE,
         template_attribute=mock.ANY,
         secret=mock.ANY,
         credential=self.credential)

     call_kwargs = register_mock.call_args[1]
     stored_secret = call_kwargs.get('secret')
     self.assertEqual(
         enums.CertificateTypeEnum.X_509.value,
         stored_secret.certificate_type.value)
     self.assertEqual(
         keys.get_certificate_der(),
         stored_secret.certificate_value.value)
示例#5
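    def setUp(self):
        """Build a DogtagCAPlugin backed by mocks and throw-away files.

        Patches ``pki.crypto.NSSCryptoProvider`` and
        ``pki.client.PKIConnection``, creates a temporary NSS directory
        plus expiration and host-CA files, points the ``dogtag_plugin``
        options at them, and prepares the request/certificate mocks that
        the tests read from ``self``.
        """
        super(WhenTestingDogtagCAPlugin, self).setUp()
        self.certclient_mock = mock.MagicMock(name="CertClient mock")
        self.patcher = mock.patch('pki.crypto.NSSCryptoProvider')
        self.patcher2 = mock.patch('pki.client.PKIConnection')
        # NOTE(review): no stop()/addCleanup for these patchers, and no
        # removal of the temp paths below, is visible in this method.
        # Confirm tearDown handles both so state does not leak between
        # tests.
        self.patcher.start()
        self.patcher2.start()

        # create nss db for test only
        self.nss_dir = tempfile.mkdtemp()

        # create expiration file for test; mkstemp creates the file
        # readable and writable only by the creating user
        fh, self.expiration_data_path = tempfile.mkstemp()
        exp_time = datetime.datetime.utcnow() + datetime.timedelta(days=2)
        # os.write requires bytes on Python 3, so encode the timestamp.
        os.write(fh, exp_time.strftime(
            "%Y-%m-%d %H:%M:%S.%f").encode('utf-8'))
        os.close(fh)

        # create host CA file for test
        fh, self.host_ca_path = tempfile.mkstemp()
        os.write(fh, b"host_ca_aid")
        os.close(fh)

        self.approved_profile_id = "caServerCert"
        # CONF is an attribute of the dogtag_import module, so these
        # assignments change that shared object rather than a copy.
        CONF = dogtag_import.CONF
        CONF.dogtag_plugin.nss_db_path = self.nss_dir
        CONF.dogtag_plugin.ca_expiration_data_path = self.expiration_data_path
        CONF.dogtag_plugin.ca_host_aid_path = self.host_ca_path
        CONF.dogtag_plugin.auto_approved_profiles = [self.approved_profile_id]
        CONF.dogtag_plugin.dogtag_host = "localhost"
        CONF.dogtag_plugin.dogtag_port = "8443"
        CONF.dogtag_plugin.simple_cmc_profile = "caOtherCert"
        self.cfg = CONF

        self.plugin = dogtag_import.DogtagCAPlugin(CONF)
        # Swap in the mock so no test reaches a real certificate client.
        self.plugin.certclient = self.certclient_mock
        self.order_id = mock.MagicMock()
        self.profile_id = mock.MagicMock()

        # request generated
        self.request_id_mock = mock.MagicMock()
        self.request = dogtag_cert.CertRequestInfo()
        self.request.request_id = self.request_id_mock
        self.request.request_status = dogtag_cert.CertRequestStatus.COMPLETE
        self.cert_id_mock = mock.MagicMock()
        self.request.cert_id = self.cert_id_mock

        # cert generated
        self.cert = mock.MagicMock()
        self.cert.encoded = keys.get_certificate_pem()
        self.cert.pkcs7_cert_chain = keys.get_certificate_der()

        # for cancel/modify
        self.review_response = mock.MagicMock()

        # modified request
        self.modified_request = mock.MagicMock()
        self.modified_request_id_mock = mock.MagicMock()
        self.modified_request.request_id = self.modified_request_id_mock
        self.modified_request.request_status = (
            dogtag_cert.CertRequestStatus.COMPLETE)
        self.modified_request.cert_id = self.cert_id_mock

        self.barbican_meta_dto = cm.BarbicanMetaDTO()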
示例#6
def get_sample_certificate():
    """Return the DER certificate fixture wrapped in an X509Certificate."""
    der_bytes = keys.get_certificate_der()
    return objects.X509Certificate(der_bytes)
示例#7
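    def setUp(self):
        """Build a DogtagCAPlugin backed by mocks and throw-away files.

        Patches ``pki.crypto.NSSCryptoProvider`` and
        ``pki.client.PKIConnection``, creates a temporary NSS directory
        plus expiration and host-CA files, points the ``dogtag_plugin``
        options at them, and prepares the request/certificate mocks that
        the tests read from ``self``.
        """
        super(WhenTestingDogtagCAPlugin, self).setUp()
        self.certclient_mock = mock.MagicMock(name="CertClient mock")
        self.patcher = mock.patch('pki.crypto.NSSCryptoProvider')
        self.patcher2 = mock.patch('pki.client.PKIConnection')
        # NOTE(review): no stop()/addCleanup for these patchers, and no
        # removal of the temp paths below, is visible in this method.
        # Confirm tearDown handles both so state does not leak between
        # tests.
        self.patcher.start()
        self.patcher2.start()

        # create nss db for test only
        self.nss_dir = tempfile.mkdtemp()

        # create expiration file for test; mkstemp creates the file
        # readable and writable only by the creating user
        fh, self.expiration_data_path = tempfile.mkstemp()
        exp_time = datetime.datetime.utcnow() + datetime.timedelta(days=2)
        # os.write requires bytes on Python 3, so encode the timestamp.
        os.write(fh, exp_time.strftime(
            "%Y-%m-%d %H:%M:%S.%f").encode('utf-8'))
        os.close(fh)

        # create host CA file for test
        fh, self.host_ca_path = tempfile.mkstemp()
        os.write(fh, b"host_ca_aid")
        os.close(fh)

        self.approved_profile_id = "caServerCert"
        # CONF is an attribute of the dogtag_import module, so these
        # assignments change that shared object rather than a copy.
        CONF = dogtag_import.CONF
        CONF.dogtag_plugin.nss_db_path = self.nss_dir
        CONF.dogtag_plugin.ca_expiration_data_path = self.expiration_data_path
        CONF.dogtag_plugin.ca_host_aid_path = self.host_ca_path
        CONF.dogtag_plugin.auto_approved_profiles = [self.approved_profile_id]
        CONF.dogtag_plugin.dogtag_host = "localhost"
        CONF.dogtag_plugin.dogtag_port = 8443
        CONF.dogtag_plugin.simple_cmc_profile = "caOtherCert"
        self.cfg = CONF

        self.plugin = dogtag_import.DogtagCAPlugin(CONF)
        # Swap in the mock so no test reaches a real certificate client.
        self.plugin.certclient = self.certclient_mock
        self.order_id = mock.MagicMock()
        self.profile_id = mock.MagicMock()

        # request generated
        self.request_id_mock = mock.MagicMock()
        self.request = dogtag_cert.CertRequestInfo()
        self.request.request_id = self.request_id_mock
        self.request.request_status = dogtag_cert.CertRequestStatus.COMPLETE
        self.cert_id_mock = mock.MagicMock()
        self.request.cert_id = self.cert_id_mock

        # cert generated
        self.cert = mock.MagicMock()
        self.cert.encoded = keys.get_certificate_pem()
        self.cert.pkcs7_cert_chain = keys.get_certificate_der()

        # for cancel/modify
        self.review_response = mock.MagicMock()

        # modified request
        self.modified_request = mock.MagicMock()
        self.modified_request_id_mock = mock.MagicMock()
        self.modified_request.request_id = self.modified_request_id_mock
        self.modified_request.request_status = (
            dogtag_cert.CertRequestStatus.COMPLETE)
        self.modified_request.cert_id = self.cert_id_mock

        self.barbican_meta_dto = cm.BarbicanMetaDTO()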
示例#8
def get_sample_certificate():
    """Return a Certificate typed X_509 that holds the DER fixture."""
    x509_type = enums.CertificateTypeEnum.X_509
    der_bytes = keys.get_certificate_der()
    return secrets.Certificate(certificate_type=x509_type,
                               certificate_value=der_bytes)
示例#9
 def test_passes_convert_certificate_der_to_pem(self):
     """The DER certificate fixture converts to the matching PEM fixture."""
     der_fixture = keys.get_certificate_der()
     pem_fixture = keys.get_certificate_pem()
     # Conversion is told the payload is a certificate via SecretType.
     converted = translations.convert_der_to_pem(
         der_fixture, s.SecretType.CERTIFICATE)
     self.assertEqual(pem_fixture, converted)
示例#10
 def test_passes_convert_certificate_pem_to_der(self):
     """The PEM certificate fixture converts to the matching DER fixture."""
     pem_fixture = keys.get_certificate_pem()
     der_fixture = keys.get_certificate_der()
     # Conversion is told the payload is a certificate via SecretType.
     converted = translations.convert_pem_to_der(
         pem_fixture, s.SecretType.CERTIFICATE)
     self.assertEqual(der_fixture, converted)
示例#11
 def test_passes_convert_certificate_der_to_pem(self):
     """Converting the DER fixture as a certificate yields the PEM fixture."""
     source_der = keys.get_certificate_der()
     wanted_pem = keys.get_certificate_pem()
     self.assertEqual(
         wanted_pem,
         translations.convert_der_to_pem(
             source_der, s.SecretType.CERTIFICATE))
示例#12
 def test_passes_convert_certificate_pem_to_der(self):
     """Converting the PEM fixture as a certificate yields the DER fixture."""
     source_pem = keys.get_certificate_pem()
     wanted_der = keys.get_certificate_der()
     self.assertEqual(
         wanted_der,
         translations.convert_pem_to_der(
             source_pem, s.SecretType.CERTIFICATE))