Changeset - 89d391511fdb
Parent rev.
Child rev.
[Not reviewed]
0 5 0
Branko Majic (branko) - 4 years ago 2020-07-13 13:26:21
branko@majic.rs
GC-37: Use KeyGenerator instead of generate_private_key in unit tests:

- Replaced all uses of generate_private_key with KeyGenerator
invocations that explicitly request 2048-bit RSA.
5 files changed with 58 insertions and 58 deletions:
tests/conftest.py
3
3
tests/test_commands.py
16
16
tests/test_crypto.py
29
29
tests/test_storage.py
7
7
tests/test_utils.py
3
3
0 comments (0 inline, 0 general)
tests/conftest.py
Show inline comments
 
@@ -65,7 +65,7 @@ def key_with_csr(tmpdir):
 
    csr_file = custom_csr_dir.join("%s.csr.pem" % name)
 

			




	
	
	
		
 
    # Generate private key and CSR, and output them.

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr(name, private_key)

			




	
	
	
		
 

			




	
	
	
		
 
    gimmecert.storage.write_private_key(private_key, private_key_file.strpath)

			




	
	
		
 
@@ -130,14 +130,14 @@ def sample_project_directory(tmpdir):

			




	
	
	
		
 
    for i in range(1, per_type_count + 1):

			




	
	
	
		
 
        # Used in generated samples.

			




	
	
	
		
 
        name = "server-with-csr-%d" % i

			




	
	
	
		
 
        private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
        private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
        csr = gimmecert.crypto.generate_csr(name, private_key)

			




	
	
	
		
 
        gimmecert.storage.write_private_key(private_key, custom_csr_dir.join("%s.key.pem" % name).strpath)

			




	
	
	
		
 
        gimmecert.storage.write_csr(csr, custom_csr_dir.join("%s.csr.pem" % name).strpath)

			




	
	
	
		
 

			




	
	
	
		
 
        # Used in generated samples.

			




	
	
	
		
 
        name = "client-with-csr-%d" % i

			




	
	
	
		
 
        private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
        private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
        csr = gimmecert.crypto.generate_csr(name, private_key)

			




	
	
	
		
 
        gimmecert.storage.write_private_key(private_key, custom_csr_dir.join("%s.key.pem" % name).strpath)

			




	
	
	
		
 
        gimmecert.storage.write_csr(csr, custom_csr_dir.join("%s.csr.pem" % name).strpath)

			




        

    


    
    

    

        

                

                    tests/test_commands.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -684,7 +684,7 @@ def test_status_reports_server_certificate_information(tmpdir):

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    myserver3_csr_file = tmpdir.join('server3.csr.pem')

			




	
	
	
		
 
    myserver3_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    myserver3_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    myserver3_csr = gimmecert.crypto.generate_csr('blah', myserver3_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(myserver3_csr, myserver3_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -774,7 +774,7 @@ def test_status_reports_client_certificate_information(tmpdir):

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    myclient3_csr_file = tmpdir.join('client3.csr.pem')

			




	
	
	
		
 
    myclient3_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    myclient3_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    myclient3_csr = gimmecert.crypto.generate_csr('blah', myclient3_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(myclient3_csr, myclient3_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -944,7 +944,7 @@ def test_client_reports_success_and_paths_to_generated_artifacts_with_csr(gctmpd

			




	
	
	
		
 
    stdout_stream = io.StringIO()

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    custom_csr = gimmecert.crypto.generate_csr('blah', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -966,7 +966,7 @@ def test_client_outputs_passed_in_csr_to_file_without_private_key(gctmpdir):

			




	
	
	
		
 
    csr_file = gctmpdir.join('.gimmecert', 'client', 'myclient.csr.pem')

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('mycustom.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 
    custom_csr_file_content = custom_csr_file.read()

			




	
	
		
 
@@ -1000,7 +1000,7 @@ def test_client_uses_correct_public_key_but_no_naming_with_csr(gctmpdir):

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('customcsr.pem')

			




	
	
	
		
 
    certificate_file = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1020,7 +1020,7 @@ def test_server_outputs_passed_in_csr_to_file_without_private_key(gctmpdir):

			




	
	
	
		
 
    csr_file = gctmpdir.join('.gimmecert', 'server', 'myserver.csr.pem')

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('mycustom.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 
    custom_csr_file_content = custom_csr_file.read()

			




	
	
		
 
@@ -1039,7 +1039,7 @@ def test_server_uses_correct_public_key_but_no_naming_with_csr(gctmpdir):

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('customcsr.pem')

			




	
	
	
		
 
    certificate_file = gctmpdir.join('.gimmecert', 'server', 'myserver.cert.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1057,7 +1057,7 @@ def test_server_uses_correct_public_key_but_no_naming_with_csr(gctmpdir):

			




	
	
	
		
 
def test_client_errors_out_if_certificate_already_issued_with_csr(gctmpdir):

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('mycustom.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1086,7 +1086,7 @@ def test_client_errors_out_if_certificate_already_issued_with_csr(gctmpdir):

			




	
	
	
		
 
def test_server_errors_out_if_certificate_already_issued_with_csr(gctmpdir):

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join('mycustom.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1118,7 +1118,7 @@ def test_renew_reports_success_and_paths_to_server_artifacts_with_csr(gctmpdir):

			




	
	
	
		
 
    stdout_stream = io.StringIO()

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr("mytest", private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1143,7 +1143,7 @@ def test_renew_reports_success_and_paths_to_client_artifacts_with_csr(gctmpdir):

			




	
	
	
		
 
    stdout_stream = io.StringIO()

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr("mytest", private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1168,7 +1168,7 @@ def test_renew_reports_success_and_paths_to_server_artifacts_with_csr_when_repla

			




	
	
	
		
 
    stdout_stream = io.StringIO()

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr("mytest", private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1195,7 +1195,7 @@ def test_renew_replaces_server_private_key_with_csr(gctmpdir):

			




	
	
	
		
 
    certificate_file = gctmpdir.join(".gimmecert", "server", "myserver.cert.pem")

			




	
	
	
		
 
    private_key_file = gctmpdir.join(".gimmecert", "server", "myserver.key.pem")

			




	
	
	
		
 

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    custom_csr = gimmecert.crypto.generate_csr("mycustom", custom_csr_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)

			




	
	
	
		
 
    custom_csr_file_content = custom_csr_file.read()

			




	
	
		
 
@@ -1223,7 +1223,7 @@ def test_renew_replaces_server_private_key_with_csr(gctmpdir):

			




	
	
	
		
 
def test_renew_raises_exception_if_both_new_private_key_generation_and_csr_are_passed_in(gctmpdir):

			




	
	
	
		
 
    custom_csr_file = gctmpdir.join("mycustom.csr.pem")

			




	
	
	
		
 

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    custom_csr = gimmecert.crypto.generate_csr("mycustom", custom_csr_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1249,7 +1249,7 @@ def test_renew_reports_success_and_paths_to_server_artifacts_with_private_key_wh

			




	
	
	
		
 
    stdout_stream = io.StringIO()

			




	
	
	
		
 
    stderr_stream = io.StringIO()

			




	
	
	
		
 

			




	
	
	
		
 
    custom_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    custom_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    custom_csr = gimmecert.crypto.generate_csr("mytest", custom_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




	
	
		
 
@@ -1346,7 +1346,7 @@ def test_renew_replaces_server_csr_with_private_key(gctmpdir):

			




	
	
	
		
 
    certificate_file = gctmpdir.join(".gimmecert", "server", "myserver.cert.pem")

			




	
	
	
		
 
    private_key_file = gctmpdir.join(".gimmecert", "server", "myserver.key.pem")

			




	
	
	
		
 

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    custom_csr_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    custom_csr = gimmecert.crypto.generate_csr("mycustom", custom_csr_private_key)

			




	
	
	
		
 
    gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)

			




	
	
	
		
 

			




        

    


    
    

    

        

                

                    tests/test_crypto.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -81,8 +81,8 @@ def test_issue_certificate_returns_certificate():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    subject_dn = gimmecert.crypto.get_dn('My test 2')

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_certificate(issuer_dn, subject_dn, issuer_private_key, subject_private_key.public_key(), not_before, not_after)

			




	
	
		
 
@@ -93,8 +93,8 @@ def test_issue_certificate_returns_certificate():

			




	
	
	
		
 
def test_issue_certificate_has_correct_content():

			




	
	
	
		
 
    issuer_dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    subject_dn = gimmecert.crypto.get_dn('My test 2')

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_certificate(issuer_dn, subject_dn, issuer_private_key, subject_private_key.public_key(), not_before, not_after)

			




	
	
		
 
@@ -213,7 +213,7 @@ def test_generate_ca_hierarchy_certificates_have_same_validity():

			




	
	
	
		
 

			




	
	
	
		
 
def test_issue_certificate_sets_extensions():

			




	
	
	
		
 
    dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 
    basic_constraints = cryptography.x509.BasicConstraints(ca=True, path_length=None)

			




	
	
	
		
 
    ocsp_no_check = cryptography.x509.OCSPNoCheck()

			




	
	
		
 
@@ -237,7 +237,7 @@ def test_issue_certificate_sets_extensions():

			




	
	
	
		
 

			




	
	
	
		
 
def test_issue_certificate_sets_no_extensions_if_none_are_passed():

			




	
	
	
		
 
    dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate1 = gimmecert.crypto.issue_certificate(dn, dn, private_key, private_key.public_key(), not_before, not_after, None)

			




	
	
		
 
@@ -267,7 +267,7 @@ def test_issue_server_certificate_returns_certificate():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -278,7 +278,7 @@ def test_issue_server_certificate_sets_correct_extensions():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    expected_basic_constraints = cryptography.x509.BasicConstraints(ca=False, path_length=None)

			




	
	
	
		
 
    expected_key_usage = cryptography.x509.KeyUsage(

			




	
	
		
 
@@ -323,7 +323,7 @@ def test_issue_server_certificate_has_correct_issuer_and_subject():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 4, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[3]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -335,7 +335,7 @@ def test_issue_server_certificate_has_correct_public_key():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -347,7 +347,7 @@ def test_issue_server_certificate_not_before_is_15_minutes_in_past():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -360,7 +360,7 @@ def test_issue_server_certificate_not_before_does_not_exceed_ca_validity():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    with freeze_time(issuer_certificate.not_valid_before - datetime.timedelta(seconds=1)):

			




	
	
	
		
 
        certificate1 = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
		
 
@@ -374,7 +374,7 @@ def test_issue_server_certificate_not_after_does_not_exceed_ca_validity():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    with freeze_time(issuer_certificate.not_valid_after + datetime.timedelta(seconds=1)):

			




	
	
	
		
 
        certificate1 = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
		
 
@@ -386,7 +386,7 @@ def test_issue_server_certificate_incorporates_additional_dns_subject_alternativ

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    expected_subject_alternative_name = cryptography.x509.SubjectAlternativeName(

			




	
	
	
		
 
        [

			




	
	
		
 
@@ -407,7 +407,7 @@ def test_issue_client_certificate_returns_certificate():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -418,7 +418,7 @@ def test_issue_client_certificate_has_correct_issuer_and_subject():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 4, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[3]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -430,7 +430,7 @@ def test_issue_client_certificate_sets_correct_extensions():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    expected_basic_constraints = cryptography.x509.BasicConstraints(ca=False, path_length=None)

			




	
	
	
		
 
    expected_key_usage = cryptography.x509.KeyUsage(

			




	
	
		
 
@@ -467,7 +467,7 @@ def test_issue_client_certificate_has_correct_public_key():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -479,7 +479,7 @@ def test_issue_client_certificate_not_before_is_15_minutes_in_past():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -492,7 +492,7 @@ def test_issue_client_certificate_not_before_does_not_exceed_ca_validity():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    with freeze_time(issuer_certificate.not_valid_before - datetime.timedelta(seconds=1)):

			




	
	
	
		
 
        certificate1 = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
		
 
@@ -506,7 +506,7 @@ def test_issue_client_certificate_not_after_does_not_exceed_ca_validity():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    with freeze_time(issuer_certificate.not_valid_after + datetime.timedelta(seconds=1)):

			




	
	
	
		
 
        certificate1 = gimmecert.crypto.issue_client_certificate('myclient', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
		
 
@@ -518,7 +518,7 @@ def test_renew_certificate_returns_certificate():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
	
		
 
    new_certificate = gimmecert.crypto.renew_certificate(old_certificate, private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
		
 
@@ -530,9 +530,9 @@ def test_renew_certificate_has_correct_content():

			




	
	
	
		
 
    ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 
    public_key = gimmecert.crypto.generate_private_key().public_key()

			




	
	
	
		
 
    public_key = gimmecert.crypto.KeyGenerator('rsa', 2048)().public_key()

			




	
	
	
		
 

			




	
	
	
		
 
    new_certificate = gimmecert.crypto.renew_certificate(old_certificate, public_key, issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
		
 
@@ -550,7 +550,7 @@ def test_renew_certificate_not_before_is_15_minutes_in_past():

			




	
	
	
		
 
        ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
        issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
        private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
        private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
        old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
	
		
 
    # Renew certificate.

			




	
	
		
 
@@ -567,7 +567,7 @@ def test_renew_certificate_not_before_does_not_exceed_ca_validity():

			




	
	
	
		
 
        ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
        issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
        private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
        private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
        old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
	
		
 
    # Renew certificate.

			




	
	
		
 
@@ -584,7 +584,7 @@ def test_renew_certificate_not_after_does_not_exceed_ca_validity():

			




	
	
	
		
 
        ca_hierarchy = gimmecert.crypto.generate_ca_hierarchy('My Project', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))

			




	
	
	
		
 
        issuer_private_key, issuer_certificate = ca_hierarchy[0]

			




	
	
	
		
 

			




	
	
	
		
 
        private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
        private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
        old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)

			




	
	
	
		
 

			




	
	
	
		
 
    # Renew certificate.

			




	
	
		
 
@@ -596,7 +596,7 @@ def test_renew_certificate_not_after_does_not_exceed_ca_validity():

			




	
	
	
		
 

			




	
	
	
		
 
def test_generate_csr_returns_csr_with_passed_in_dn():

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    subject_dn = gimmecert.crypto.get_dn('testcsr')

			




	
	
	
		
 

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr(subject_dn, private_key)

			




	
	
		
 
@@ -608,7 +608,7 @@ def test_generate_csr_returns_csr_with_passed_in_dn():

			




	
	
	
		
 

			




	
	
	
		
 
def test_generate_csr_returns_csr_with_passed_in_name():

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    name = 'testcsr'

			




	
	
	
		
 

			




	
	
	
		
 
    expected_subject_dn = gimmecert.crypto.get_dn('testcsr')

			




        

    


    
    

    

        

                

                    tests/test_storage.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -43,7 +43,7 @@ def test_initialise_storage(tmpdir):

			




	
	
	
		
 
def test_write_private_key(tmpdir):

			




	
	
	
		
 
    tmpdir.chdir()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    key_path = tmpdir.join('test.key.pem').strpath

			




	
	
	
		
 

			




	
	
	
		
 
    gimmecert.storage.write_private_key(private_key, key_path)

			




	
	
		
 
@@ -61,8 +61,8 @@ def test_write_certificate(tmpdir):

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    subject_dn = gimmecert.crypto.get_dn('My test 2')

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    issuer_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    subject_private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_certificate(issuer_dn, subject_dn, issuer_private_key, subject_private_key.public_key(), not_before, not_after)

			




	
	
	
		
 

			




	
	
		
 
@@ -120,7 +120,7 @@ def test_read_ca_hierarchy_returns_list_of_ca_private_key_and_certificate_pairs_

			




	
	
	
		
 

			




	
	
	
		
 
def test_read_private_key_returns_private_key(tmpdir):

			




	
	
	
		
 
    private_key_path = tmpdir.join('private.key.pem').strpath

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    gimmecert.storage.write_private_key(private_key, private_key_path)

			




	
	
	
		
 

			




	
	
	
		
 
    my_private_key = gimmecert.storage.read_private_key(private_key_path)

			




	
	
		
 
@@ -134,7 +134,7 @@ def test_read_certificate_returns_certificate(tmpdir):

			




	
	
	
		
 
    dn = gimmecert.crypto.get_dn('mycertificate')

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_certificate(dn, dn, private_key, private_key.public_key(), not_before, not_after)

			




	
	
	
		
 
    gimmecert.storage.write_certificate(certificate, certificate_path)

			




	
	
	
		
 

			




	
	
		
 
@@ -174,7 +174,7 @@ def test_read_ca_hierarchy_returns_list_of_ca_private_key_and_certificate_pairs_

			




	
	
	
		
 
def test_write_csr(tmpdir):

			




	
	
	
		
 
    csr_file = tmpdir.join('test.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    csr = gimmecert.crypto.generate_csr('test', private_key)

			




	
	
	
		
 

			




	
	
	
		
 
    gimmecert.storage.write_csr(csr, csr_file.strpath)

			




	
	
		
 
@@ -189,7 +189,7 @@ def test_write_csr(tmpdir):

			




	
	
	
		
 
def test_read_csr(tmpdir):

			




	
	
	
		
 
    csr_file = tmpdir.join('mycsr.csr.pem')

			




	
	
	
		
 

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    original_csr = gimmecert.crypto.generate_csr('mycsr', private_key)

			




	
	
	
		
 

			




	
	
	
		
 
    gimmecert.storage.write_csr(original_csr, csr_file.strpath)

			




        

    


    
    

    

        

                

                    tests/test_utils.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -33,7 +33,7 @@ import pytest

			




	
	
	
		
 

			




	
	
	
		
 
def test_certificate_to_pem_returns_valid_pem():

			




	
	
	
		
 
    dn = gimmecert.crypto.get_dn('My test 1')

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 
    not_before, not_after = gimmecert.crypto.get_validity_range()

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_certificate(dn, dn, private_key, private_key.public_key(), not_before, not_after)

			




	
	
	
		
 

			




	
	
		
 
@@ -76,7 +76,7 @@ def test_date_range_to_str():

			




	
	
	
		
 

			




	
	
	
		
 
def test_get_dns_names_returns_empty_list_if_no_dns_names():

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = gimmecert.crypto.generate_ca_hierarchy('My Test', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))[0]

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_client_certificate(

			




	
	
	
		
 
        'myclient', private_key.public_key(),

			




	
	
		
 
@@ -92,7 +92,7 @@ def test_get_dns_names_returns_empty_list_if_no_dns_names():

			




	
	
	
		
 
def test_get_dns_names_returns_list_of_dns_names():

			




	
	
	
		
 

			




	
	
	
		
 
    issuer_private_key, issuer_certificate = gimmecert.crypto.generate_ca_hierarchy('My Test', 1, gimmecert.crypto.KeyGenerator("rsa", 2048))[0]

			




	
	
	
		
 
    private_key = gimmecert.crypto.generate_private_key()

			




	
	
	
		
 
    private_key = gimmecert.crypto.KeyGenerator('rsa', 2048)()

			




	
	
	
		
 

			




	
	
	
		
 
    certificate = gimmecert.crypto.issue_server_certificate(

			




	
	
	
		
 
        'myserver', private_key.public_key(),

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2023 by various authors & licensed under GPLv3.