def test_key_update(self):
first_cert = signing.crypto.get_certificate()
first_receipt = signing.crypto.sign_jwt(stamp())
#self.assert_(signing.crypto.verify_jwt(first_receipt))
self.assert_(
jwt.decode(first_receipt, signing.crypto.KEYSTORE.key.get_rsa()))
# Generate a replacement key, BABY
cmd = "--environment dev newcert --signing-key=%s " \
"--issuer=%s --keyid=dev-testing" % (ROOT_PRIV_PATH, ISSUER_URL)
run(cmd.split())
# Fudge our last stat() time
l = signing.crypto.KEYSTORE.last_stat
p = signing.crypto.KEYSTORE.poll_interval + 5
signing.crypto.KEYSTORE.last_stat = l - p
# Sign first to force a stat() check
second_receipt = signing.crypto.sign_jwt(stamp())
second_cert = signing.crypto.get_certificate()
#self.assert_(signing.crypto.verify_jwt(first_receipt))
self.assert_(
jwt.decode(second_receipt, signing.crypto.KEYSTORE.key.get_rsa()))
c1 = jwt.decode(first_cert, verify=False)
c2 = jwt.decode(second_cert, verify=False)
self.assertNotEqual(c1["jwk"][0]["mod"],
c2["jwk"][0]["mod"],
msg="certificate unchanged")
def test_key_update(self):
first_cert = signing.crypto.get_certificate()
first_receipt = signing.crypto.sign_jwt(stamp())
# self.assert_(signing.crypto.verify_jwt(first_receipt))
self.assert_(jwt.decode(first_receipt, signing.crypto.KEYSTORE.key.get_rsa()))
# Generate a replacement key, BABY
cmd = "--environment dev newcert --signing-key=%s " "--issuer=%s --keyid=dev-testing" % (
ROOT_PRIV_PATH,
ISSUER_URL,
)
run(cmd.split())
# Fudge our last stat() time
l = signing.crypto.KEYSTORE.last_stat
p = signing.crypto.KEYSTORE.poll_interval + 5
signing.crypto.KEYSTORE.last_stat = l - p
# Sign first to force a stat() check
second_receipt = signing.crypto.sign_jwt(stamp())
second_cert = signing.crypto.get_certificate()
# self.assert_(signing.crypto.verify_jwt(first_receipt))
self.assert_(jwt.decode(second_receipt, signing.crypto.KEYSTORE.key.get_rsa()))
c1 = jwt.decode(first_cert, verify=False)
c2 = jwt.decode(second_cert, verify=False)
self.assertNotEqual(c1["jwk"][0]["mod"], c2["jwk"][0]["mod"], msg="certificate unchanged")
def test_3_pem2jwk(self):
cmd = "pem2jwk --keyid=test-%s-pem2jwk --jwk=test-%s-pem2jwk " \
"test-%s.pem" % tuple([time.strftime('%F') for i in (0, 1, 2)])
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_2_newcert(self):
cmd = "--environment dev newcert --signing-key=%s " \
"--issuer=%s --keyid=dev-testing" % (ROOT_PRIV_PATH, ISSUER_URL)
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_1_certify(self):
cmd = "--environment dev certify --signing-key=%s --issuer=%s " \
"--keyid=test_1_certify test-%s.pem" % (ROOT_PRIV_PATH, ISSUER_URL,
time.strftime('%F'))
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_0_newkey(self):
cmd = 'newkey test-%s' % time.strftime('%F')
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_3_pem2jwk(self):
cmd = "pem2jwk --keyid=test-%s-pem2jwk --jwk=test-%s-pem2jwk " \
"test-%s.pem" % tuple([time.strftime('%F') for i in (0, 1, 2)])
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_2_newcert(self):
cmd = "--environment dev newcert --signing-key=%s " \
"--issuer=%s --keyid=dev-testing" % (ROOT_PRIV_PATH, ISSUER_URL)
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_1_certify(self):
cmd = "--environment dev certify --signing-key=%s --issuer=%s " \
"--keyid=test_1_certify test-%s.pem" % (ROOT_PRIV_PATH, ISSUER_URL,
time.strftime('%F'))
self.assertEqual(run(cmd.split()), None, msg=cmd)
def test_0_newkey(self):
cmd = 'newkey test-%s' % time.strftime('%F')
self.assertEqual(run(cmd.split()), None, msg=cmd)