gimmecert Changeset - 03cf2bc4fa2a

Changeset - 03cf2bc4fa2a

Parent rev.

Child rev.

[Not reviewed]

0 2 0

Branko Majic (branko) - 6 years ago 2018-04-14 00:17:52
branko@majic.rs

GC-22: Updated renew command to check if only one of the generate_new_private_key or custom_csr_path parameters are specified.

2 files changed with 31 insertions and 2 deletions:

gimmecert/commands.py

tests/test_commands.py

0 comments (0 inline, 0 general)

gimmecert/commands.py

➞

Show inline comments

@@ @@ -38,6 +38,13 @@ class ExitCode: @@
     ERROR_UNKNOWN_ENTITY = 13
 class InvalidCommandInvocation(Exception):
     """
     Exception thrown if command is invoked with invalid arguments.
     """
     pass
 def init(stdout, stderr, project_directory, ca_base_name, ca_hierarchy_depth):
     """
     Initialises the necessary directory and CA hierarchies for use in
     :param entity_name: Name of entity. Name should refer to entity for which a certificate has already been issued.
     :type entity_name: str
-    :param generate_new_private_key: Specify if a new private key should be generated, or an existing one should be used instead.
+    :param generate_new_private_key: Specify if a new private key should be generated. Cannot be used together with custom_csr_path.
     :type generate_new_private_key: bool
-    :param custom_csr_path: Path to custom certificate signing request to use for issuing client certificate. Set to None or "" to generate private key.
+    :param custom_csr_path: Path to custom CSR for issuing client certificate. Cannot be used together with generate_new_private_key.
     :type custom_csr_path: str or None
     :returns: Status code, one from gimmecert.commands.ExitCode.
     :rtype: int
     """
     # Ensure we are not called with conflicting request.
     if generate_new_private_key and custom_csr_path:
         raise InvalidCommandInvocation("Only one of the following two parameters should be specified: generate_new_private_key, custom_csr_path.")
     # Set-up paths to possible artefacts.
     private_key_path = os.path.join(project_directory, '.gimmecert', entity_type, '%s.key.pem' % entity_name)
     csr_path = os.path.join(project_directory, '.gimmecert', entity_type, '%s.csr.pem' % entity_name)

tests/test_commands.py

➞

Show inline comments

     assert csr_file_content == custom_csr_file_content
     assert not private_key_file.check()
 def test_renew_raises_exception_if_both_new_private_key_generation_and_csr_are_passed_in(tmpdir):
     depth = 1
     gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, depth)
     custom_csr_file = tmpdir.join("mycustom.csr.pem")
     custom_csr_private_key = gimmecert.crypto.generate_private_key()
     custom_csr = gimmecert.crypto.generate_csr("mycustom", custom_csr_private_key)
     gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)
     with pytest.raises(gimmecert.commands.InvalidCommandInvocation) as e_info:
         gimmecert.commands.renew(io.StringIO(), io.StringIO(), tmpdir.strpath, 'server', 'myserver', True, custom_csr_file.strpath)
     print(e_info.value)
     assert str(e_info.value) == "Only one of the following two parameters should be specified: generate_new_private_key, custom_csr_path."

0 comments (0 inline, 0 general)