Files
@ f2df385b1493
Branch filter:
Location: gimmecert/tests/test_crypto.py - annotation
f2df385b1493
3.6 KiB
text/x-python
GC-3: Added ability to provide custom CA base name to init command:
- Added functional test to cover the new scenario (providing CA base
name).
- Updated init command to accept the CA base name to be used when
constructing the CA subject DN.
- Updated the existing tests to pass-in the CA base name explicitly.
- Updated the CLI code to allow for user to pass-in the CA base name
via option (both short and long form available).
- Added functional test to cover the new scenario (providing CA base
name).
- Updated init command to accept the CA base name to be used when
constructing the CA subject DN.
- Updated the existing tests to pass-in the CA base name explicitly.
- Updated the CLI code to allow for user to pass-in the CA base name
via option (both short and long form available).
9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 9f09715ce550 | # -*- coding: utf-8 -*-
#
# Copyright (C) 2018 Branko Majic
#
# This file is part of Gimmecert.
#
# Gimmecert is free software: you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option) any
# later version.
#
# Gimmecert is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# Gimmecert. If not, see <http://www.gnu.org/licenses/>.
#
import datetime
import cryptography.hazmat.primitives.asymmetric.rsa
from dateutil.relativedelta import relativedelta
import gimmecert.crypto
from freezegun import freeze_time
def test_generate_private_key_returns_private_key():
private_key = gimmecert.crypto.generate_private_key()
assert isinstance(private_key, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey)
def test_get_dn():
dn = gimmecert.crypto.get_dn('My test')
assert isinstance(dn, cryptography.x509.Name)
assert len(dn) == 1
assert isinstance(list(dn)[0], cryptography.x509.NameAttribute)
assert list(dn)[0].oid == cryptography.x509.oid.NameOID.COMMON_NAME
assert list(dn)[0].value == 'My test'
def test_get_validity_range_returns_datetime_tuple():
not_before, not_after = gimmecert.crypto.get_validity_range()
assert isinstance(not_before, datetime.datetime)
assert isinstance(not_after, datetime.datetime)
@freeze_time('2018-01-01 00:15:00')
def test_get_validity_range_not_before_is_within_15_minutes_of_now():
not_before, _ = gimmecert.crypto.get_validity_range()
assert not_before == datetime.datetime(2018, 1, 1, 0, 0)
@freeze_time('2018-01-01 00:15:00')
def test_get_validity_range_is_one_year_and_15_minutes():
not_before, not_after = gimmecert.crypto.get_validity_range()
difference = relativedelta(not_after, not_before)
assert difference == relativedelta(years=1, minutes=15)
@freeze_time('2018-01-01 00:15:00.100')
def test_get_validity_range_drops_microseconds():
not_before, not_after = gimmecert.crypto.get_validity_range()
assert not_before.microsecond == 0
assert not_after.microsecond == 0
def test_issue_certificate_returns_certificate():
issuer_dn = gimmecert.crypto.get_dn('My test 1')
subject_dn = gimmecert.crypto.get_dn('My test 2')
issuer_private_key = gimmecert.crypto.generate_private_key()
subject_private_key = gimmecert.crypto.generate_private_key()
not_before, not_after = gimmecert.crypto.get_validity_range()
certificate = gimmecert.crypto.issue_certificate(issuer_dn, subject_dn, issuer_private_key, subject_private_key.public_key(), not_before, not_after)
assert isinstance(certificate, cryptography.x509.Certificate)
def test_issue_certificate_has_correct_content():
issuer_dn = gimmecert.crypto.get_dn('My test 1')
subject_dn = gimmecert.crypto.get_dn('My test 2')
issuer_private_key = gimmecert.crypto.generate_private_key()
subject_private_key = gimmecert.crypto.generate_private_key()
not_before, not_after = gimmecert.crypto.get_validity_range()
certificate = gimmecert.crypto.issue_certificate(issuer_dn, subject_dn, issuer_private_key, subject_private_key.public_key(), not_before, not_after)
assert certificate.issuer == issuer_dn
assert certificate.subject == subject_dn
assert certificate.not_valid_before == not_before
assert certificate.not_valid_after == not_after
|