gimmecert Changeset - 10f853e85ad2

Changeset - 10f853e85ad2

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Branko Majic (branko) - 6 years ago 2018-04-27 23:57:21
branko@majic.rs

GC-22: Updated status command to display path to CSR if certificate was issued using CSR:

- Updated the existing functional test for validating output from the
status command on an initialised directory.
- Updated status command to check for existence or private key or CSR,
and display appropriate message and path to it.
- Updated unit tests covering the status command output.

3 files changed with 70 insertions and 2 deletions:

functional_tests/test_status.py

gimmecert/commands.py

tests/test_commands.py

0 comments (0 inline, 0 general)

functional_tests/test_status.py

➞

Show inline comments

@@ @@ -73,13 +73,20 @@ def test_status_on_initialised_directory(tmpdir): @@
     # certificates have been already issued in one of the projects he
     # had initialised before.
     tmpdir.chdir()
     run_command('gimmecert', 'init', '-d', '3', '-b', 'My Project')
     run_command('gimmecert', 'server', 'myserver1')
     run_command('gimmecert', 'server', 'myserver2', 'myservice.example.com', 'myotherservice.example.com')
     run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver3.key.pem",
                 "-subj", "/CN=myserver3", "-out", "myserver3.csr.pem")
     run_command('gimmecert', 'server', '--csr', 'myserver3.csr.pem', 'myserver3')
     run_command('gimmecert', 'client', 'myclient1')
     run_command('gimmecert', 'client', 'myclient2')
     run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myclient3.key.pem",
                 "-subj", "/CN=myclient3", "-out", "myclient3.csr.pem")
     run_command('gimmecert', 'client', '--csr', 'myclient3.csr.pem', 'myclient3')
     # John switches to project directory.
     tmpdir.chdir()
@@ @@ -131,6 +138,7 @@ def test_status_on_initialised_directory(tmpdir): @@
     # each server is followed by paths to private key and certificate.
     index_myserver1 = stdout_lines.index("CN=myserver1")  # Should not raise
     index_myserver2 = stdout_lines.index("CN=myserver2")  # Should not raise
     index_myserver3 = stdout_lines.index("CN=myserver3")  # Should not raise
     assert stdout_lines[index_myserver1+1].startswith("    Validity: ")
     assert stdout_lines[index_myserver1+2] == "    DNS: myserver1"
@@ @@ -142,11 +150,17 @@ def test_status_on_initialised_directory(tmpdir): @@
     assert stdout_lines[index_myserver2+3] == "    Private key: .gimmecert/server/myserver2.key.pem"
     assert stdout_lines[index_myserver2+4] == "    Certificate: .gimmecert/server/myserver2.cert.pem"
     assert stdout_lines[index_myserver3+1].startswith("    Validity: ")
     assert stdout_lines[index_myserver3+2] == "    DNS: myserver3"
     assert stdout_lines[index_myserver3+3] == "    CSR: .gimmecert/server/myserver3.csr.pem"
     assert stdout_lines[index_myserver3+4] == "    Certificate: .gimmecert/server/myserver3.cert.pem"
     # For client certificates, John can see that for each certificate
     # he can see its subject DN and validity. Information for each
     # server is followed by paths to private key and certificate.
     index_myclient1 = stdout_lines.index("CN=myclient1")  # Should not raise
     index_myclient2 = stdout_lines.index("CN=myclient2")  # Should not raise
     index_myclient3 = stdout_lines.index("CN=myclient3")  # Should not raise
     assert stdout_lines[index_myclient1+1].startswith("    Validity: ")
     assert stdout_lines[index_myclient1+2] == "    Private key: .gimmecert/client/myclient1.key.pem"
@@ @@ -155,3 +169,7 @@ def test_status_on_initialised_directory(tmpdir): @@
     assert stdout_lines[index_myclient2+1].startswith("    Validity: ")
     assert stdout_lines[index_myclient2+2] == "    Private key: .gimmecert/client/myclient2.key.pem"
     assert stdout_lines[index_myclient2+3] == "    Certificate: .gimmecert/client/myclient2.cert.pem"
     assert stdout_lines[index_myclient3+1].startswith("    Validity: ")
     assert stdout_lines[index_myclient3+2] == "    CSR: .gimmecert/client/myclient3.csr.pem"
     assert stdout_lines[index_myclient3+3] == "    Certificate: .gimmecert/client/myclient3.cert.pem"

gimmecert/commands.py

➞

Show inline comments

@@ @@ -563,6 +563,8 @@ def status(stdout, stderr, project_directory): @@
     if certificate_files:
         for certificate_file in certificate_files:
             certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'server', certificate_file))
             private_key_path = os.path.join(project_directory, '.gimmecert', 'server', certificate_file.replace('.cert.pem', '.key.pem'))
             csr_path = os.path.join(project_directory, '.gimmecert', 'server', certificate_file.replace('.cert.pem', '.csr.pem'))
             # Separator.
             print("", file=stdout)
@@ @@ -579,7 +581,12 @@ def status(stdout, stderr, project_directory): @@
                                                                             certificate.not_valid_after),
                                           validity_status), file=stdout)
             print("    DNS: %s" % ", ".join(gimmecert.utils.get_dns_names(certificate)), file=stdout)
             print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
             if os.path.exists(private_key_path):
                 print("    Private key: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
             elif os.path.exists(csr_path):
                 print("    CSR: .gimmecert/server/%s" % certificate_file.replace('.cert.pem', '.csr.pem'), file=stdout)
             print("    Certificate: .gimmecert/server/%s" % certificate_file, file=stdout)
     else:
         # Separator.
@@ @@ -596,6 +603,8 @@ def status(stdout, stderr, project_directory): @@
     if certificate_files:
         for certificate_file in certificate_files:
             certificate = gimmecert.storage.read_certificate(os.path.join(project_directory, '.gimmecert', 'client', certificate_file))
             private_key_path = os.path.join(project_directory, '.gimmecert', 'client', certificate_file.replace('.cert.pem', '.key.pem'))
             csr_path = os.path.join(project_directory, '.gimmecert', 'client', certificate_file.replace('.cert.pem', '.csr.pem'))
             # Separator.
             print("", file=stdout)
@@ @@ -611,7 +620,12 @@ def status(stdout, stderr, project_directory): @@
             print("    Validity: %s%s" % (gimmecert.utils.date_range_to_str(certificate.not_valid_before,
                                                                             certificate.not_valid_after),
                                           validity_status), file=stdout)
             print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
             if os.path.exists(private_key_path):
                 print("    Private key: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.key.pem'), file=stdout)
             elif os.path.exists(csr_path):
                 print("    CSR: .gimmecert/client/%s" % certificate_file.replace('.cert.pem', '.csr.pem'), file=stdout)
             print("    Certificate: .gimmecert/client/%s" % certificate_file, file=stdout)
     else:
         # Separator.

tests/test_commands.py

➞

Show inline comments

     stdout_stream = io.StringIO()
     stderr_stream = io.StringIO()
     myserver3_csr_file = tmpdir.join('server3.csr.pem')
     myserver3_private_key = gimmecert.crypto.generate_private_key()
     myserver3_csr = gimmecert.crypto.generate_csr('blah', myserver3_private_key)
     gimmecert.storage.write_csr(myserver3_csr, myserver3_csr_file.strpath)
     with freeze_time('2018-01-01 00:15:00'):
         gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, depth)
     with freeze_time('2018-03-01 00:15:00'):
         gimmecert.commands.server(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myserver2', ['myservice1.example.com', 'myservice2.example.com'], False, None)
     with freeze_time('2018-04-01 00:15:00'):
         gimmecert.commands.server(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myserver3', None, False, myserver3_csr_file.strpath)
     status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
     stdout = stdout_stream.getvalue()
     index_myserver1 = stdout_lines.index("CN=myserver1")  # Should not raise
     index_myserver2 = stdout_lines.index("CN=myserver2")  # Should not raise
     index_myserver3 = stdout_lines.index("CN=myserver3")  # Should not raise
     myserver1_validity = stdout_lines[index_myserver1 + 1]
     myserver1_dns = stdout_lines[index_myserver1 + 2]
     myserver2_private_key_path = stdout_lines[index_myserver2 + 3]
     myserver2_certificate_path = stdout_lines[index_myserver2 + 4]
     myserver3_validity = stdout_lines[index_myserver3 + 1]
     myserver3_dns = stdout_lines[index_myserver3 + 2]
     myserver3_csr_path = stdout_lines[index_myserver3 + 3]
     myserver3_certificate_path = stdout_lines[index_myserver3 + 4]
     assert myserver1_validity == "    Validity: 2018-02-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
     assert myserver1_dns == "    DNS: myserver1"
     assert myserver1_private_key_path == "    Private key: .gimmecert/server/myserver1.key.pem"
     assert myserver2_private_key_path == "    Private key: .gimmecert/server/myserver2.key.pem"
     assert myserver2_certificate_path == "    Certificate: .gimmecert/server/myserver2.cert.pem"
     assert myserver3_validity == "    Validity: 2018-04-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
     assert myserver3_dns == "    DNS: myserver3"
     assert myserver3_csr_path == "    CSR: .gimmecert/server/myserver3.csr.pem"
     assert myserver3_certificate_path == "    Certificate: .gimmecert/server/myserver3.cert.pem"
 def test_status_reports_client_certificate_information(tmpdir):
     depth = 3
     stdout_stream = io.StringIO()
     stderr_stream = io.StringIO()
     myclient3_csr_file = tmpdir.join('client3.csr.pem')
     myclient3_private_key = gimmecert.crypto.generate_private_key()
     myclient3_csr = gimmecert.crypto.generate_csr('blah', myclient3_private_key)
     gimmecert.storage.write_csr(myclient3_csr, myclient3_csr_file.strpath)
     with freeze_time('2018-01-01 00:15:00'):
         gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, depth)
     with freeze_time('2018-03-01 00:15:00'):
         gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None)
     with freeze_time('2018-04-01 00:15:00'):
         gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient3', myclient3_csr_file.strpath)
     status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
     stdout = stdout_stream.getvalue()
     index_myclient1 = stdout_lines.index("CN=myclient1")  # Should not raise
     index_myclient2 = stdout_lines.index("CN=myclient2")  # Should not raise
     index_myclient3 = stdout_lines.index("CN=myclient3")  # Should not raise
     myclient1_validity = stdout_lines[index_myclient1 + 1]
     myclient1_private_key_path = stdout_lines[index_myclient1 + 2]
     myclient2_private_key_path = stdout_lines[index_myclient2 + 2]
     myclient2_certificate_path = stdout_lines[index_myclient2 + 3]
     myclient3_validity = stdout_lines[index_myclient3 + 1]
     myclient3_csr_path = stdout_lines[index_myclient3 + 2]
     myclient3_certificate_path = stdout_lines[index_myclient3 + 3]
     assert myclient1_validity == "    Validity: 2018-02-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
     assert myclient1_private_key_path == "    Private key: .gimmecert/client/myclient1.key.pem"
     assert myclient1_certificate_path == "    Certificate: .gimmecert/client/myclient1.cert.pem"
     assert myclient2_private_key_path == "    Private key: .gimmecert/client/myclient2.key.pem"
     assert myclient2_certificate_path == "    Certificate: .gimmecert/client/myclient2.cert.pem"
     assert myclient3_validity == "    Validity: 2018-04-01 00:00:00 UTC - 2019-01-01 00:15:00 UTC"
     assert myclient3_csr_path == "    CSR: .gimmecert/client/myclient3.csr.pem"
     assert myclient3_certificate_path == "    Certificate: .gimmecert/client/myclient3.cert.pem"
 def test_status_reports_no_server_certificates_were_issued(tmpdir):
     depth = 1

0 comments (0 inline, 0 general)