def test_store_certificate_secret_assert_called(self, algorithm,
bit_length):
key_spec = secret_store.KeySpec(algorithm, bit_length)
secret_dto = secret_store.SecretDTO(
secret_store.SecretType.CERTIFICATE,
base64.b64encode(keys.get_certificate_pem()), key_spec,
'content_type')
self.secret_store.store_secret(secret_dto)
self.secret_store.client.proxy.register.assert_called_once_with(
enums.ObjectType.CERTIFICATE, mock.ANY, mock.ANY)
proxy = self.secret_store.client.proxy
register_call_args, _ = proxy.register.call_args
actual_secret = register_call_args[2]
self.assertEqual(keys.get_certificate_der(),
actual_secret.certificate_value.value)
def test_store_certificate_secret_assert_called(
self, algorithm, bit_length):
key_spec = secret_store.KeySpec(algorithm, bit_length)
secret_dto = secret_store.SecretDTO(
secret_store.SecretType.CERTIFICATE,
base64.b64encode(keys.get_certificate_pem()),
key_spec,
'content_type')
self.secret_store.store_secret(secret_dto)
self.secret_store.client.proxy.register.assert_called_once_with(
enums.ObjectType.CERTIFICATE,
mock.ANY,
mock.ANY)
proxy = self.secret_store.client.proxy
register_call_args, _ = proxy.register.call_args
actual_secret = register_call_args[2]
self.assertEqual(
keys.get_certificate_der(),
actual_secret.certificate_value.value)
def test_store_certificate_secret_assert_called(self, algorithm,
bit_length):
key_spec = secret_store.KeySpec(algorithm, bit_length)
secret_dto = secret_store.SecretDTO(
secret_store.SecretType.CERTIFICATE,
base64.b64encode(keys.get_certificate_pem()), key_spec,
'content_type')
self.secret_store.store_secret(secret_dto)
self.secret_store.client.register.assert_called_once_with(
object_type=enums.ObjectType.CERTIFICATE,
template_attribute=mock.ANY,
secret=mock.ANY,
credential=self.credential)
_, register_call_kwargs = self.secret_store.client.register.call_args
actual_secret = register_call_kwargs.get('secret')
self.assertEqual(enums.CertificateTypeEnum.X_509.value,
actual_secret.certificate_type.value)
self.assertEqual(keys.get_certificate_der(),
actual_secret.certificate_value.value)
def test_store_certificate_secret_assert_called(
self, algorithm, bit_length):
key_spec = secret_store.KeySpec(algorithm, bit_length)
secret_dto = secret_store.SecretDTO(
secret_store.SecretType.CERTIFICATE,
base64.b64encode(keys.get_certificate_pem()),
key_spec,
'content_type')
self.secret_store.store_secret(secret_dto)
self.secret_store.client.register.assert_called_once_with(
object_type=enums.ObjectType.CERTIFICATE,
template_attribute=mock.ANY,
secret=mock.ANY,
credential=self.credential)
_, register_call_kwargs = self.secret_store.client.register.call_args
actual_secret = register_call_kwargs.get('secret')
self.assertEqual(
enums.CertificateTypeEnum.X_509.value,
actual_secret.certificate_type.value)
self.assertEqual(
keys.get_certificate_der(),
actual_secret.certificate_value.value)
def setUp(self):
super(WhenTestingDogtagCAPlugin, self).setUp()
self.certclient_mock = mock.MagicMock(name="CertClient mock")
self.patcher = mock.patch('pki.crypto.NSSCryptoProvider')
self.patcher2 = mock.patch('pki.client.PKIConnection')
self.patcher.start()
self.patcher2.start()
# create nss db for test only
self.nss_dir = tempfile.mkdtemp()
# create expiration file for test
fh, self.expiration_data_path = tempfile.mkstemp()
exp_time = datetime.datetime.utcnow() + datetime.timedelta(days=2)
os.write(fh, exp_time.strftime(
"%Y-%m-%d %H:%M:%S.%f"))
os.close(fh)
# create host CA file for test
fh, self.host_ca_path = tempfile.mkstemp()
os.write(fh, "host_ca_aid")
os.close(fh)
self.approved_profile_id = "caServerCert"
CONF = dogtag_import.CONF
CONF.dogtag_plugin.nss_db_path = self.nss_dir
CONF.dogtag_plugin.ca_expiration_data_path = self.expiration_data_path
CONF.dogtag_plugin.ca_host_aid_path = self.host_ca_path
CONF.dogtag_plugin.auto_approved_profiles = [self.approved_profile_id]
CONF.dogtag_plugin.dogtag_host = "localhost"
CONF.dogtag_plugin.dogtag_port = "8443"
CONF.dogtag_plugin.simple_cmc_profile = "caOtherCert"
self.cfg = CONF
self.plugin = dogtag_import.DogtagCAPlugin(CONF)
self.plugin.certclient = self.certclient_mock
self.order_id = mock.MagicMock()
self.profile_id = mock.MagicMock()
# request generated
self.request_id_mock = mock.MagicMock()
self.request = dogtag_cert.CertRequestInfo()
self.request.request_id = self.request_id_mock
self.request.request_status = dogtag_cert.CertRequestStatus.COMPLETE
self.cert_id_mock = mock.MagicMock()
self.request.cert_id = self.cert_id_mock
# cert generated
self.cert = mock.MagicMock()
self.cert.encoded = keys.get_certificate_pem()
self.cert.pkcs7_cert_chain = keys.get_certificate_der()
# for cancel/modify
self.review_response = mock.MagicMock()
# modified request
self.modified_request = mock.MagicMock()
self.modified_request_id_mock = mock.MagicMock()
self.modified_request.request_id = self.modified_request_id_mock
self.modified_request.request_status = (
dogtag_cert.CertRequestStatus.COMPLETE)
self.modified_request.cert_id = self.cert_id_mock
self.barbican_meta_dto = cm.BarbicanMetaDTO()
def get_sample_certificate():
return objects.X509Certificate(keys.get_certificate_der())
def setUp(self):
super(WhenTestingDogtagCAPlugin, self).setUp()
self.certclient_mock = mock.MagicMock(name="CertClient mock")
self.patcher = mock.patch('pki.crypto.NSSCryptoProvider')
self.patcher2 = mock.patch('pki.client.PKIConnection')
self.patcher.start()
self.patcher2.start()
# create nss db for test only
self.nss_dir = tempfile.mkdtemp()
# create expiration file for test
fh, self.expiration_data_path = tempfile.mkstemp()
exp_time = datetime.datetime.utcnow() + datetime.timedelta(days=2)
os.write(fh, exp_time.strftime(
"%Y-%m-%d %H:%M:%S.%f"))
os.close(fh)
# create host CA file for test
fh, self.host_ca_path = tempfile.mkstemp()
os.write(fh, "host_ca_aid")
os.close(fh)
self.approved_profile_id = "caServerCert"
CONF = dogtag_import.CONF
CONF.dogtag_plugin.nss_db_path = self.nss_dir
CONF.dogtag_plugin.ca_expiration_data_path = self.expiration_data_path
CONF.dogtag_plugin.ca_host_aid_path = self.host_ca_path
CONF.dogtag_plugin.auto_approved_profiles = [self.approved_profile_id]
CONF.dogtag_plugin.dogtag_host = "localhost"
CONF.dogtag_plugin.dogtag_port = 8443
CONF.dogtag_plugin.simple_cmc_profile = "caOtherCert"
self.cfg = CONF
self.plugin = dogtag_import.DogtagCAPlugin(CONF)
self.plugin.certclient = self.certclient_mock
self.order_id = mock.MagicMock()
self.profile_id = mock.MagicMock()
# request generated
self.request_id_mock = mock.MagicMock()
self.request = dogtag_cert.CertRequestInfo()
self.request.request_id = self.request_id_mock
self.request.request_status = dogtag_cert.CertRequestStatus.COMPLETE
self.cert_id_mock = mock.MagicMock()
self.request.cert_id = self.cert_id_mock
# cert generated
self.cert = mock.MagicMock()
self.cert.encoded = keys.get_certificate_pem()
self.cert.pkcs7_cert_chain = keys.get_certificate_der()
# for cancel/modify
self.review_response = mock.MagicMock()
# modified request
self.modified_request = mock.MagicMock()
self.modified_request_id_mock = mock.MagicMock()
self.modified_request.request_id = self.modified_request_id_mock
self.modified_request.request_status = (
dogtag_cert.CertRequestStatus.COMPLETE)
self.modified_request.cert_id = self.cert_id_mock
self.barbican_meta_dto = cm.BarbicanMetaDTO()
def get_sample_certificate():
return secrets.Certificate(
certificate_type=enums.CertificateTypeEnum.X_509,
certificate_value=keys.get_certificate_der())
def test_passes_convert_certificate_der_to_pem(self):
der = keys.get_certificate_der()
expected_pem = keys.get_certificate_pem()
pem = translations.convert_der_to_pem(
der, s.SecretType.CERTIFICATE)
self.assertEqual(expected_pem, pem)
def test_passes_convert_certificate_pem_to_der(self):
pem = keys.get_certificate_pem()
expected_der = keys.get_certificate_der()
der = translations.convert_pem_to_der(
pem, s.SecretType.CERTIFICATE)
self.assertEqual(expected_der, der)
def test_passes_convert_certificate_der_to_pem(self):
der = keys.get_certificate_der()
expected_pem = keys.get_certificate_pem()
pem = translations.convert_der_to_pem(der, s.SecretType.CERTIFICATE)
self.assertEqual(expected_pem, pem)
def test_passes_convert_certificate_pem_to_der(self):
pem = keys.get_certificate_pem()
expected_der = keys.get_certificate_der()
der = translations.convert_pem_to_der(pem, s.SecretType.CERTIFICATE)
self.assertEqual(expected_der, der)