gimmecert Changeset - 2b1af351bf20

@@ -52,15 +52,15 @@ def test_commands_report_csr_option_as_available():

    # John notcies the option for passing-in a CSR.

    assert " --csr " in stdout

    assert " -c " in stdout

def test_client_certificate_issuance_by_passing_csr_as_file(tmpdir):

def test_client_certificate_issuance_by_passing_csr_as_file_rsa(tmpdir):

    # John is working on a project where he has already generated

    # client private key.

    # client RSA private key.

    tmpdir.chdir()

    run_command("openssl", "genrsa", "-out", "myclient1.key.pem", "2048")

    # However, he still needs to have a CA as a trustpoint, so he goes

    # ahead and initialises Gimmecert for this purpose.

    run_command("gimmecert", "init")

@@ -94,15 +94,15 @@ def test_client_certificate_issuance_by_passing_csr_as_file(tmpdir):

    certificate_public_key, _, _ = run_command("openssl", "x509", "-pubkey", "-noout", "-in", ".gimmecert/client/myclient1.cert.pem")

    # To his delight, they are identical.

    assert certificate_public_key == public_key

def test_server_certificate_issuance_by_passing_csr_as_file(tmpdir):

def test_server_certificate_issuance_by_passing_csr_as_file_rsa(tmpdir):

    # John is working on a project where he has already generated

    # server private key.

    # server RSA private key.

    tmpdir.chdir()

    run_command("openssl", "genrsa", "-out", "myserver1.key.pem", "2048")

    # However, he still needs to have a CA as a trustpoint, so he goes

    # ahead and initialises Gimmecert for this purpose.

    run_command("gimmecert", "init")

@@ -136,13 +136,13 @@ def test_server_certificate_issuance_by_passing_csr_as_file(tmpdir):

    certificate_public_key, _, _ = run_command("openssl", "x509", "-pubkey", "-noout", "-in", ".gimmecert/server/myserver1.cert.pem")

    # To his delight, they are identical.

    assert certificate_public_key == public_key

def test_renew_certificate_originally_issued_with_csr(tmpdir):

def test_renew_certificate_originally_issued_with_csr_rsa(tmpdir):

    # In one of his past projects, John has initialised CA hierarchy

    # and issued server and client certificate using CSR.

    tmpdir.chdir()

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver.key.pem",

                "-subj", "/CN=myserver", "-out", "mycustomserver.csr.pem")

@@ -210,13 +210,13 @@ def test_renew_certificate_originally_issued_with_csr(tmpdir):

    # key is the same in CSR and certificate.

    assert client_new_stored_csr == client_old_stored_csr

    assert client_new_certificate != client_old_certificate

    assert client_csr_public_key == client_certificate_public_key

def test_renew_certificate_originally_issued_with_private_key_using_csr(tmpdir):

def test_renew_certificate_originally_issued_with_private_key_using_csr_rsa(tmpdir):

    # John has an existing project where he has generated a server and

    # client private key with corresponding CSR.

    tmpdir.chdir()

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver.key.pem",

                "-subj", "/CN=myserver", "-out", "mycustomserver.csr.pem")

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myclient.key.pem",

@@ -314,13 +314,13 @@ def test_renew_certificate_originally_issued_with_private_key_using_csr(tmpdir):

    assert not tmpdir.join(".gimmecert", "client", "myclient.key.pem").check()

    assert client_new_certificate != client_old_certificate

    assert client_stored_csr == client_csr

    assert client_new_certificate_public_key == client_csr_public_key

def test_renew_certificate_originally_issued_with_csr_using_private_key(tmpdir):

def test_renew_certificate_originally_issued_with_csr_using_private_key_rsa(tmpdir):

    # John has an existing project where he has generated a server and

    # client private key with corresponding CSR.

    tmpdir.chdir()

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver.key.pem",

                "-subj", "/CN=myserver", "-out", "mycustomserver.csr.pem")

    run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myclient.key.pem",