diff --git a/functional_tests/test_init.py b/functional_tests/test_init.py index 7ab4bb2b925683edf3e6de5540351c42bfcec97f..38a98838368becd29cecd39b7559ae3e47beb3b9 100644 --- a/functional_tests/test_init.py +++ b/functional_tests/test_init.py @@ -92,7 +92,7 @@ def test_initialisation_on_fresh_directory(tmpdir): # it's a root CA certificate), and can also see that the subject # DN has just the CN with working directory's name in it. assert issuer_dn == subject_dn - assert subject_dn.rstrip() == 'CN = %s Level 1' % tmpdir.basename + assert subject_dn.rstrip() == 'CN = %s Level 1 CA' % tmpdir.basename # John has a quick look at generated certificate and chain, only # to realise they are identical. @@ -163,7 +163,7 @@ def test_initialisation_with_custom_base_name(tmpdir): # To his delight, both the issuer and subject DN are identical, # and now they are based on his custom-provided name instead of # project name. - assert issuer_dn.rstrip() == subject_dn.rstrip() == "CN = My Project Level 1" + assert issuer_dn.rstrip() == subject_dn.rstrip() == "CN = My Project Level 1 CA" assert tmpdir.basename not in issuer_dn @@ -252,9 +252,9 @@ def test_initialisation_with_custom_hierarchy_depth(tmpdir): assert issuer_dn1 == subject_dn1 assert issuer_dn2 == subject_dn1 assert issuer_dn3 == subject_dn2 - assert subject_dn1 == 'CN = %s Level 1' % tmpdir.basename - assert subject_dn2 == 'CN = %s Level 2' % tmpdir.basename - assert subject_dn3 == 'CN = %s Level 3' % tmpdir.basename + assert subject_dn1 == 'CN = %s Level 1 CA' % tmpdir.basename + assert subject_dn2 == 'CN = %s Level 2 CA' % tmpdir.basename + assert subject_dn3 == 'CN = %s Level 3 CA' % tmpdir.basename # John opens-up the chain file, and observes that all certificates # seem to be contained within. diff --git a/gimmecert/crypto.py b/gimmecert/crypto.py index 580a2cc924faa06d30e7dfcf69ff5e0d1cc1c63e..d7e4552c52ce80c2461e9169da95390cca5a436d 100644 --- a/gimmecert/crypto.py +++ b/gimmecert/crypto.py @@ -162,7 +162,7 @@ def generate_ca_hierarchy(base_name, depth): for level in range(1, depth+1): # Generate info for the new CA. - dn = get_dn("%s Level %d" % (base_name, level)) + dn = get_dn("%s Level %d CA" % (base_name, level)) private_key = generate_private_key() # First certificate issued needs to be self-signed. diff --git a/tests/test_crypto.py b/tests/test_crypto.py index f472bad8bf97a770c81d7a02316c5f2e3f215c31..bbcf97c128167b7a018365bf3deec592ee1e9e14 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -140,9 +140,9 @@ def test_generate_ca_hierarchy_subject_dns_have_correct_value(): level1, level2, level3 = [certificate for _, certificate in gimmecert.crypto.generate_ca_hierarchy(base_name, depth)] - assert level1.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1')) - assert level2.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2')) - assert level3.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 3')) + assert level1.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA')) + assert level2.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2 CA')) + assert level3.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 3 CA')) def test_generate_ca_hierarchy_issuer_dns_have_correct_value(): @@ -155,9 +155,9 @@ def test_generate_ca_hierarchy_issuer_dns_have_correct_value(): level2_key, level2_certificate = hierarchy[1] level3_key, level3_certificate = hierarchy[2] - assert level1_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1')) - assert level2_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1')) - assert level3_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2')) + assert level1_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA')) + assert level2_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA')) + assert level3_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2 CA')) def test_generate_ca_hierarchy_private_keys_match_with_public_keys_in_certificates():