gimmecert Changeset - c033bb4b0a05

Changeset - c033bb4b0a05

Parent rev.

Child rev.

[Not reviewed]

0 3 0

Branko Majic (branko) - 6 years ago 2018-03-01 15:42:57
branko@majic.rs

GC-3: Updated naming convention for CAs (append CA at end for usability purposes).

3 files changed with 12 insertions and 12 deletions:

functional_tests/test_init.py

gimmecert/crypto.py

tests/test_crypto.py

0 comments (0 inline, 0 general)

functional_tests/test_init.py

➞

Show inline comments

@@ @@ -92,7 +92,7 @@ def test_initialisation_on_fresh_directory(tmpdir): @@
     # it's a root CA certificate), and can also see that the subject
     # DN has just the CN with working directory's name in it.
     assert issuer_dn == subject_dn
     assert subject_dn.rstrip() == 'CN = %s Level 1' % tmpdir.basename
+    assert subject_dn.rstrip() == 'CN = %s Level 1 CA' % tmpdir.basename
     # John has a quick look at generated certificate and chain, only
     # to realise they are identical.
@@ @@ -163,7 +163,7 @@ def test_initialisation_with_custom_base_name(tmpdir): @@
     # To his delight, both the issuer and subject DN are identical,
     # and now they are based on his custom-provided name instead of
     # project name.
     assert issuer_dn.rstrip() == subject_dn.rstrip() == "CN = My Project Level 1"
+    assert issuer_dn.rstrip() == subject_dn.rstrip() == "CN = My Project Level 1 CA"
     assert tmpdir.basename not in issuer_dn
     assert issuer_dn1 == subject_dn1
     assert issuer_dn2 == subject_dn1
     assert issuer_dn3 == subject_dn2
     assert subject_dn1 == 'CN = %s Level 1' % tmpdir.basename
     assert subject_dn2 == 'CN = %s Level 2' % tmpdir.basename
     assert subject_dn3 == 'CN = %s Level 3' % tmpdir.basename
     assert subject_dn1 == 'CN = %s Level 1 CA' % tmpdir.basename
     assert subject_dn2 == 'CN = %s Level 2 CA' % tmpdir.basename
     assert subject_dn3 == 'CN = %s Level 3 CA' % tmpdir.basename
     # John opens-up the chain file, and observes that all certificates
     # seem to be contained within.

gimmecert/crypto.py

➞

Show inline comments

@@ @@ -162,7 +162,7 @@ def generate_ca_hierarchy(base_name, depth): @@
     for level in range(1, depth+1):
         # Generate info for the new CA.
         dn = get_dn("%s Level %d" % (base_name, level))
+        dn = get_dn("%s Level %d CA" % (base_name, level))
         private_key = generate_private_key()
         # First certificate issued needs to be self-signed.

tests/test_crypto.py

➞

Show inline comments

     level1, level2, level3 = [certificate for _, certificate in gimmecert.crypto.generate_ca_hierarchy(base_name, depth)]
     assert level1.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1'))
     assert level2.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2'))
     assert level3.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 3'))
     assert level1.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA'))
     assert level2.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2 CA'))
     assert level3.subject == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 3 CA'))
 def test_generate_ca_hierarchy_issuer_dns_have_correct_value():
     level2_key, level2_certificate = hierarchy[1]
     level3_key, level3_certificate = hierarchy[2]
     assert level1_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1'))
     assert level2_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1'))
     assert level3_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2'))
     assert level1_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA'))
     assert level2_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 1 CA'))
     assert level3_certificate.issuer == cryptography.x509.Name(gimmecert.crypto.get_dn('My Project Level 2 CA'))
 def test_generate_ca_hierarchy_private_keys_match_with_public_keys_in_certificates():

0 comments (0 inline, 0 general)