diff --git a/functional_tests/test_status.py b/functional_tests/test_status.py index e0baea26978f4d167584c8b4ef0faa65b16dee2c..bbab0fb1160e635b15611110438e435ebbc83ebd 100644 --- a/functional_tests/test_status.py +++ b/functional_tests/test_status.py @@ -72,6 +72,7 @@ def test_status_on_uninitialised_directory(tmpdir): @pytest.mark.parametrize("ca_key_specification, default_key_representation", [ ("rsa:2048", "2048-bit RSA"), + ("ecdsa:secp521r1", "secp521r1 ECDSA"), ]) def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_key_representation): # John is interested in finding out a bit more about what @@ -86,12 +87,14 @@ def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_k run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myserver3.key.pem", "-subj", "/CN=myserver3", "-out", "myserver3.csr.pem") run_command('gimmecert', 'server', '--csr', 'myserver3.csr.pem', 'myserver3') + run_command('gimmecert', 'server', 'myserver4', '-k', 'ecdsa:secp256r1') run_command('gimmecert', 'client', 'myclient1', '-k', 'rsa:1024') run_command('gimmecert', 'client', 'myclient2') run_command("openssl", "req", "-new", "-newkey", "rsa:2048", "-nodes", "-keyout", "myclient3.key.pem", "-subj", "/CN=myclient3", "-out", "myclient3.csr.pem") run_command('gimmecert', 'client', '--csr', 'myclient3.csr.pem', 'myclient3') + run_command('gimmecert', 'client', 'myclient4', '-k', 'ecdsa:secp192r1') # John switches to project directory. tmpdir.chdir() @@ -149,6 +152,7 @@ def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_k index_myserver1 = stdout_lines.index("CN=myserver1") # Should not raise index_myserver2 = stdout_lines.index("CN=myserver2") # Should not raise index_myserver3 = stdout_lines.index("CN=myserver3") # Should not raise + index_myserver4 = stdout_lines.index("CN=myserver4") # Should not raise assert stdout_lines[index_myserver1+1].startswith(" Validity: ") assert stdout_lines[index_myserver1+2] == " DNS: myserver1" @@ -168,6 +172,11 @@ def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_k assert stdout_lines[index_myserver3+4] == " CSR: .gimmecert/server/myserver3.csr.pem" assert stdout_lines[index_myserver3+5] == " Certificate: .gimmecert/server/myserver3.cert.pem" + assert stdout_lines[index_myserver4+2] == " DNS: myserver4" + assert stdout_lines[index_myserver4+3] == " Key algorithm: secp256r1 ECDSA" + assert stdout_lines[index_myserver4+4] == " Private key: .gimmecert/server/myserver4.key.pem" + assert stdout_lines[index_myserver4+5] == " Certificate: .gimmecert/server/myserver4.cert.pem" + # For client certificates, John can see that for each certificate # he can see its subject DN and validity. Information for each # client is followed by key algorithm and paths to private key and @@ -175,6 +184,7 @@ def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_k index_myclient1 = stdout_lines.index("CN=myclient1") # Should not raise index_myclient2 = stdout_lines.index("CN=myclient2") # Should not raise index_myclient3 = stdout_lines.index("CN=myclient3") # Should not raise + index_myclient4 = stdout_lines.index("CN=myclient4") # Should not raise assert stdout_lines[index_myclient1+1].startswith(" Validity: ") assert stdout_lines[index_myclient1+2] == " Key algorithm: 1024-bit RSA" @@ -190,3 +200,8 @@ def test_status_on_initialised_directory(tmpdir, ca_key_specification, default_k assert stdout_lines[index_myclient3+2] == " Key algorithm: 2048-bit RSA" assert stdout_lines[index_myclient3+3] == " CSR: .gimmecert/client/myclient3.csr.pem" assert stdout_lines[index_myclient3+4] == " Certificate: .gimmecert/client/myclient3.cert.pem" + + assert stdout_lines[index_myclient4+1].startswith(" Validity: ") + assert stdout_lines[index_myclient4+2] == " Key algorithm: secp192r1 ECDSA" + assert stdout_lines[index_myclient4+3] == " Private key: .gimmecert/client/myclient4.key.pem" + assert stdout_lines[index_myclient4+4] == " Certificate: .gimmecert/client/myclient4.cert.pem"