Changeset - 10f853e85ad2
[Not reviewed]
0 3 0
Branko Majic (branko) - 6 years ago 2018-04-27 23:57:21
branko@majic.rs
GC-22: Updated status command to display path to CSR if certificate was issued using CSR:

- Updated the existing functional test for validating output from the
status command on an initialised directory.
- Updated status command to check for existence or private key or CSR,
and display appropriate message and path to it.
- Updated unit tests covering the status command output.
3 files changed with 70 insertions and 2 deletions:
0 comments (0 inline, 0 general)
functional_tests/test_status.py
Show inline comments
 
@@ -73,13 +73,20 @@ def test_status_on_initialised_directory(tmpdir):
 
    # certificates have been already issued in one of the projects he
 
    # had initialised before.
 
    tmpdir.chdir()
 

	
 
    run_command('gimmecert', 'init', '-d', '3', '-b', 'My Project')
 

	
 
    run_command('gimmecert', 'server', 'myserver1')
 
    run_command('gimmecert', 'server', 'myserver2', 'myservice.example.com', 'myotherservice.example.com')
 
    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver3.key.pem",
 
                "-subj", "/CN=myserver3", "-out", "myserver3.csr.pem")
 
    run_command('gimmecert', 'server', '--csr', 'myserver3.csr.pem', 'myserver3')
 

	
 
    run_command('gimmecert', 'client', 'myclient1')
 
    run_command('gimmecert', 'client', 'myclient2')
 
    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myclient3.key.pem",
 
                "-subj", "/CN=myclient3", "-out", "myclient3.csr.pem")
 
    run_command('gimmecert', 'client', '--csr', 'myclient3.csr.pem', 'myclient3')
 

	
 
    # John switches to project directory.
 
    tmpdir.chdir()
 
@@ -131,6 +138,7 @@ def test_status_on_initialised_directory(tmpdir):
 
    # each server is followed by paths to private key and certificate.
 
    index_myserver1 = stdout_lines.index("CN=myserver1")  # Should not raise
 
    index_myserver2 = stdout_lines.index("CN=myserver2")  # Should not raise
 
    index_myserver3 = stdout_lines.index("CN=myserver3")  # Should not raise
 

	
 
    assert stdout_lines[index_myserver1+1].startswith("    Validity: ")
 
    assert stdout_lines[index_myserver1+2] == "    DNS: myserver1"
 
@@ -142,11 +150,17 @@ def test_status_on_initialised_directory(tmpdir):
 
    assert stdout_lines[index_myserver2+3] == "    Private key: .gimmecert/server/myserver2.key.pem"
 
    assert stdout_lines[index_myserver2+4] == "    Certificate: .gimmecert/server/myserver2.cert.pem"
 

	
 
    assert stdout_lines[index_myserver3+1].startswith("    Validity: ")
 
    assert stdout_lines[index_myserver3+2] == "    DNS: myserver3"
 
    assert stdout_lines[index_myserver3+3] == "    CSR: .gimmecert/server/myserver3.csr.pem"
 
    assert stdout_lines[index_myserver3+4] == "    Certificate: .gimmecert/server/myserver3.cert.pem"
 

	
 
    # For client certificates, John can see that for each certificate
 
    # he can see its subject DN and validity. Information for each
 
    # server is followed by paths to private key and certificate.
 
    index_myclient1 = stdout_lines.index("CN=myclient1")  # Should not raise
 
    index_myclient2 = stdout_lines.index("CN=myclient2")  # Should not raise
 
    index_myclient3 = stdout_lines.index("CN=myclient3")  # Should not raise
 

	
 
    assert stdout_lines[index_myclient1+1].startswith("    Validity: ")
 
    assert stdout_lines[index_myclient1+2] == "    Private key: .gimmecert/client/myclient1.key.pem"
 
@@ -155,3 +169,7 @@ def test_status_on_initialised_directory(tmpdir):
 
    assert stdout_lines[index_myclient2+1].startswith("    Validity: ")
 
    assert stdout_lines[index_myclient2+2] == "    Private key: .gimmecert/client/myclient2.key.pem"
 
    assert stdout_lines[index_myclient2+3] == "    Certificate: .gimmecert/client/myclient2.cert.pem"
 

	
 
    assert stdout_lines[index_myclient3+1].startswith("    Validity: ")
 
    assert stdout_lines[index_myclient3+2] == "    CSR: .gimmecert/client/myclient3.csr.pem"
 
    assert stdout_lines[index_myclient3+3] == "    Certificate: .gimmecert/client/myclient3.cert.pem"
gimmecert/commands.py
Show inline comments
 
@@ -563,6 +563,8 @@ def status(stdout, stderr, project_directory):
 
    if certificate_files:
 
        for certificate_file in certificate_files:
 
            certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'server', certificate_file))
 
            private_key_path = os.path.join(project_directory, '.gimmecert', 'server', certificate_file.replace('.cert.pem', '.key.pem'))
 
            csr_path = os.path.join(project_directory, '.gimmecert', 'server', certificate_file.replace('.cert.pem', '.csr.pem'))
 

	
 
            # Separator.
 
            print("", file=stdout)
 
@@ -579,7 +581,12 @@ def status(stdout, stderr, project_directory):
 
                                                                            certificate.not_valid_after),
 
                                          validity_status), file=stdout)
 
            print("    DNS: %s" % ", ".join(gimmecert.utils.get_dns_names(certificate)), file=stdout)
 
            print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 

	
 
            if os.path.exists(private_key_path):
 
                print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
            elif os.path.exists(csr_path):
 
                print("    CSR: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.csr.pem'), file=stdout)
 

	
 
            print("    Certificate: .gimmecert/server/%s" % certificate_file, file=stdout)
 
    else:
 
        # Separator.
 
@@ -596,6 +603,8 @@ def status(stdout, stderr, project_directory):
 
    if certificate_files:
 
        for certificate_file in certificate_files:
 
            certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'client', certificate_file))
 
            private_key_path = os.path.join(project_directory, '.gimmecert', 'client', certificate_file.replace('.cert.pem', '.key.pem'))
 
            csr_path = os.path.join(project_directory, '.gimmecert', 'client', certificate_file.replace('.cert.pem', '.csr.pem'))
 

	
 
            # Separator.
 
            print("", file=stdout)
 
@@ -611,7 +620,12 @@ def status(stdout, stderr, project_directory):
 
            print("    Validity: %s%s" % (gimmecert.utils.date_range_to_str(certificate.not_valid_before,
 
                                                                            certificate.not_valid_after),
 
                                          validity_status), file=stdout)
 
            print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 

	
 
            if os.path.exists(private_key_path):
 
                print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
 
            elif os.path.exists(csr_path):
 
                print("    CSR: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.csr.pem'), file=stdout)
 

	
 
            print("    Certificate: .gimmecert/client/%s" % certificate_file, file=stdout)
 
    else:
 
        # Separator.
tests/test_commands.py
Show inline comments
 
@@ -861,6 +861,11 @@ def test_status_reports_server_certificate_information(tmpdir):
 
    stdout_stream = io.StringIO()
 
    stderr_stream = io.StringIO()
 

	
 
    myserver3_csr_file = tmpdir.join('server3.csr.pem')
 
    myserver3_private_key = gimmecert.crypto.generate_private_key()
 
    myserver3_csr = gimmecert.crypto.generate_csr('blah', myserver3_private_key)
 
    gimmecert.storage.write_csr(myserver3_csr, myserver3_csr_file.strpath)
 

	
 
    with freeze_time('2018-01-01 00:15:00'):
 
        gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, depth)
 

	
 
@@ -870,6 +875,9 @@ def test_status_reports_server_certificate_information(tmpdir):
 
    with freeze_time('2018-03-01 00:15:00'):
 
        gimmecert.commands.server(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myserver2', ['myservice1.example.com', 'myservice2.example.com'], False, None)
 

	
 
    with freeze_time('2018-04-01 00:15:00'):
 
        gimmecert.commands.server(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myserver3', None, False, myserver3_csr_file.strpath)
 

	
 
    status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
 

	
 
    stdout = stdout_stream.getvalue()
 
@@ -883,6 +891,7 @@ def test_status_reports_server_certificate_information(tmpdir):
 

	
 
    index_myserver1 = stdout_lines.index("CN=myserver1")  # Should not raise
 
    index_myserver2 = stdout_lines.index("CN=myserver2")  # Should not raise
 
    index_myserver3 = stdout_lines.index("CN=myserver3")  # Should not raise
 

	
 
    myserver1_validity = stdout_lines[index_myserver1 + 1]
 
    myserver1_dns = stdout_lines[index_myserver1 + 2]
 
@@ -894,6 +903,11 @@ def test_status_reports_server_certificate_information(tmpdir):
 
    myserver2_private_key_path = stdout_lines[index_myserver2 + 3]
 
    myserver2_certificate_path = stdout_lines[index_myserver2 + 4]
 

	
 
    myserver3_validity = stdout_lines[index_myserver3 + 1]
 
    myserver3_dns = stdout_lines[index_myserver3 + 2]
 
    myserver3_csr_path = stdout_lines[index_myserver3 + 3]
 
    myserver3_certificate_path = stdout_lines[index_myserver3 + 4]
 

	
 
    assert myserver1_validity == "    Validity: 2018-02-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
 
    assert myserver1_dns == "    DNS: myserver1"
 
    assert myserver1_private_key_path == "    Private key: .gimmecert/server/myserver1.key.pem"
 
@@ -904,6 +918,11 @@ def test_status_reports_server_certificate_information(tmpdir):
 
    assert myserver2_private_key_path == "    Private key: .gimmecert/server/myserver2.key.pem"
 
    assert myserver2_certificate_path == "    Certificate: .gimmecert/server/myserver2.cert.pem"
 

	
 
    assert myserver3_validity == "    Validity: 2018-04-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
 
    assert myserver3_dns == "    DNS: myserver3"
 
    assert myserver3_csr_path == "    CSR: .gimmecert/server/myserver3.csr.pem"
 
    assert myserver3_certificate_path == "    Certificate: .gimmecert/server/myserver3.cert.pem"
 

	
 

	
 
def test_status_reports_client_certificate_information(tmpdir):
 
    depth = 3
 
@@ -911,6 +930,11 @@ def test_status_reports_client_certificate_information(tmpdir):
 
    stdout_stream = io.StringIO()
 
    stderr_stream = io.StringIO()
 

	
 
    myclient3_csr_file = tmpdir.join('client3.csr.pem')
 
    myclient3_private_key = gimmecert.crypto.generate_private_key()
 
    myclient3_csr = gimmecert.crypto.generate_csr('blah', myclient3_private_key)
 
    gimmecert.storage.write_csr(myclient3_csr, myclient3_csr_file.strpath)
 

	
 
    with freeze_time('2018-01-01 00:15:00'):
 
        gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, depth)
 

	
 
@@ -920,6 +944,9 @@ def test_status_reports_client_certificate_information(tmpdir):
 
    with freeze_time('2018-03-01 00:15:00'):
 
        gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None)
 

	
 
    with freeze_time('2018-04-01 00:15:00'):
 
        gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient3', myclient3_csr_file.strpath)
 

	
 
    status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
 

	
 
    stdout = stdout_stream.getvalue()
 
@@ -933,6 +960,7 @@ def test_status_reports_client_certificate_information(tmpdir):
 

	
 
    index_myclient1 = stdout_lines.index("CN=myclient1")  # Should not raise
 
    index_myclient2 = stdout_lines.index("CN=myclient2")  # Should not raise
 
    index_myclient3 = stdout_lines.index("CN=myclient3")  # Should not raise
 

	
 
    myclient1_validity = stdout_lines[index_myclient1 + 1]
 
    myclient1_private_key_path = stdout_lines[index_myclient1 + 2]
 
@@ -942,6 +970,10 @@ def test_status_reports_client_certificate_information(tmpdir):
 
    myclient2_private_key_path = stdout_lines[index_myclient2 + 2]
 
    myclient2_certificate_path = stdout_lines[index_myclient2 + 3]
 

	
 
    myclient3_validity = stdout_lines[index_myclient3 + 1]
 
    myclient3_csr_path = stdout_lines[index_myclient3 + 2]
 
    myclient3_certificate_path = stdout_lines[index_myclient3 + 3]
 

	
 
    assert myclient1_validity == "    Validity: 2018-02-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
 
    assert myclient1_private_key_path == "    Private key: .gimmecert/client/myclient1.key.pem"
 
    assert myclient1_certificate_path == "    Certificate: .gimmecert/client/myclient1.cert.pem"
 
@@ -950,6 +982,10 @@ def test_status_reports_client_certificate_information(tmpdir):
 
    assert myclient2_private_key_path == "    Private key: .gimmecert/client/myclient2.key.pem"
 
    assert myclient2_certificate_path == "    Certificate: .gimmecert/client/myclient2.cert.pem"
 

	
 
    assert myclient3_validity == "    Validity: 2018-04-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
 
    assert myclient3_csr_path == "    CSR: .gimmecert/client/myclient3.csr.pem"
 
    assert myclient3_certificate_path == "    Certificate: .gimmecert/client/myclient3.cert.pem"
 

	
 

	
 
def test_status_reports_no_server_certificates_were_issued(tmpdir):
 
    depth = 1
0 comments (0 inline, 0 general)