|
@@ -346,7 +346,7 @@ def test_client_reports_error_if_directory_is_not_initialised(tmpdir):
|
|
|
stdout_stream = io.StringIO()
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, tmpdir.strpath, 'myclient', None)
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, tmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
stdout = stdout_stream.getvalue()
|
|
|
stderr = stderr_stream.getvalue()
|
|
@@ -357,7 +357,7 @@ def test_client_reports_error_if_directory_is_not_initialised(tmpdir):
|
|
|
|
|
|
|
|
|
def test_client_returns_status_code(tmpdir):
|
|
|
status_code = gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient', None)
|
|
|
status_code = gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
assert isinstance(status_code, int)
|
|
|
|
|
@@ -366,7 +366,7 @@ def test_client_reports_success_and_paths_to_generated_artifacts(gctmpdir):
|
|
|
stdout_stream = io.StringIO()
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', None)
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
stdout = stdout_stream.getvalue()
|
|
|
stderr = stderr_stream.getvalue()
|
|
@@ -383,7 +383,7 @@ def test_client_outputs_private_key_to_file_without_csr(gctmpdir):
|
|
|
private_key_file = gctmpdir.join('.gimmecert', 'client', 'myclient.key.pem')
|
|
|
csr_file = gctmpdir.join('.gimmecert', 'client', 'myclient.csr.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
assert private_key_file.check(file=1)
|
|
|
assert not csr_file.check()
|
|
@@ -397,7 +397,7 @@ def test_client_outputs_private_key_to_file_without_csr(gctmpdir):
|
|
|
def test_client_outputs_certificate_to_file(gctmpdir):
|
|
|
certificate_file = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
assert certificate_file.check(file=1)
|
|
|
|
|
@@ -412,12 +412,12 @@ def test_client_errors_out_if_certificate_already_issued(gctmpdir):
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
# Previous run.
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
existing_private_key = gctmpdir.join('.gimmecert', 'client', 'myclient.key.pem').read()
|
|
|
certificate = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem').read()
|
|
|
|
|
|
# New run.
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', None)
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
stdout = stdout_stream.getvalue()
|
|
|
stderr = stderr_stream.getvalue()
|
|
@@ -506,7 +506,7 @@ def test_renew_reports_success_and_paths_to_client_artifacts(gctmpdir):
|
|
|
stdout_stream = io.StringIO()
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
status_code = gimmecert.commands.renew(stdout_stream, stderr_stream, gctmpdir.strpath, 'client', 'myclient', False, None, None)
|
|
|
|
|
@@ -536,7 +536,7 @@ def test_renew_keeps_server_private_key(gctmpdir):
|
|
|
def test_renew_keeps_client_private_key(gctmpdir):
|
|
|
private_key_file = gctmpdir.join('.gimmecert', 'client', 'myclient.key.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
private_key_after_issuance = private_key_file.read()
|
|
|
|
|
|
gimmecert.commands.renew(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'client', 'myclient', False, None, None)
|
|
@@ -562,7 +562,7 @@ def test_renew_replaces_server_certificate(gctmpdir):
|
|
|
def test_renew_replaces_client_certificate(gctmpdir):
|
|
|
certificate_file = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
certificate_after_issuance = certificate_file.read()
|
|
|
|
|
|
gimmecert.commands.renew(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'client', 'myclient', False, None, None)
|
|
@@ -748,13 +748,13 @@ def test_status_reports_client_certificate_information(tmpdir):
|
|
|
gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, 3, ("rsa", 2048))
|
|
|
|
|
|
with freeze_time('2018-02-01 00:15:00'):
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient1', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient1', None, None)
|
|
|
|
|
|
with freeze_time('2018-03-01 00:15:00'):
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None, None)
|
|
|
|
|
|
with freeze_time('2018-04-01 00:15:00'):
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient3', myclient3_csr_file.strpath)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient3', myclient3_csr_file.strpath, None)
|
|
|
|
|
|
with freeze_time('2018-06-01 00:15:00'):
|
|
|
status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
|
|
@@ -804,8 +804,8 @@ def test_status_reports_no_server_certificates_were_issued(tmpdir):
|
|
|
# Just create some sample data, but no server certificates.
|
|
|
with freeze_time('2018-01-01 00:15:00'):
|
|
|
gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, 1, ("rsa", 2048))
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient1', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient1', None, None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient2', None, None)
|
|
|
|
|
|
status_code = gimmecert.commands.status(stdout_stream, stderr_stream, tmpdir.strpath)
|
|
|
|
|
@@ -865,7 +865,7 @@ def test_certificate_marked_as_not_valid_or_expired_as_appropriate(tmpdir, subje
|
|
|
with freeze_time(issuance_date):
|
|
|
gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, "My Project", 1, ("rsa", 2048))
|
|
|
gimmecert.commands.server(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myserver', None, None, None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
# Move to specific date in future/past for different validity checks.
|
|
|
with freeze_time(status_date):
|
|
@@ -894,7 +894,7 @@ def test_client_reports_success_and_paths_to_generated_artifacts_with_csr(gctmpd
|
|
|
custom_csr = gimmecert.crypto.generate_csr('blah', private_key)
|
|
|
gimmecert.storage.write_csr(custom_csr, custom_csr_file.strpath)
|
|
|
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', custom_csr_file.strpath)
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', custom_csr_file.strpath, None)
|
|
|
|
|
|
stdout = stdout_stream.getvalue()
|
|
|
stderr = stderr_stream.getvalue()
|
|
@@ -917,7 +917,7 @@ def test_client_outputs_passed_in_csr_to_file_without_private_key(gctmpdir):
|
|
|
gimmecert.storage.write_csr(csr, custom_csr_file.strpath)
|
|
|
custom_csr_file_content = custom_csr_file.read()
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath, None)
|
|
|
|
|
|
assert csr_file.check(file=1)
|
|
|
assert not private_key_file.check()
|
|
@@ -931,7 +931,7 @@ def test_client_uses_correct_public_key_without_csr(gctmpdir):
|
|
|
private_key_file = gctmpdir.join('.gimmecert', 'client', 'myclient.key.pem')
|
|
|
certificate_file = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
private_key = gimmecert.storage.read_private_key(private_key_file.strpath)
|
|
|
certificate = gimmecert.storage.read_certificate(certificate_file.strpath)
|
|
@@ -950,7 +950,7 @@ def test_client_uses_correct_public_key_but_no_naming_with_csr(gctmpdir):
|
|
|
csr = gimmecert.crypto.generate_csr('mycustomcsr', private_key)
|
|
|
gimmecert.storage.write_csr(csr, custom_csr_file.strpath)
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath, None)
|
|
|
|
|
|
certificate = gimmecert.storage.read_certificate(certificate_file.strpath)
|
|
|
|
|
@@ -1011,12 +1011,12 @@ def test_client_errors_out_if_certificate_already_issued_with_csr(gctmpdir):
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
# Previous run.
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', custom_csr_file.strpath, None)
|
|
|
existing_csr = gctmpdir.join('.gimmecert', 'client', 'myclient.csr.pem').read()
|
|
|
certificate = gctmpdir.join('.gimmecert', 'client', 'myclient.cert.pem').read()
|
|
|
|
|
|
# New run.
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', custom_csr_file.strpath)
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, gctmpdir.strpath, 'myclient', custom_csr_file.strpath, None)
|
|
|
|
|
|
stdout = stdout_stream.getvalue()
|
|
|
stderr = stderr_stream.getvalue()
|
|
@@ -1093,7 +1093,7 @@ def test_renew_reports_success_and_paths_to_client_artifacts_with_csr(gctmpdir):
|
|
|
csr = gimmecert.crypto.generate_csr("mytest", private_key)
|
|
|
gimmecert.storage.write_csr(csr, csr_file.strpath)
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', csr_file.strpath)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', csr_file.strpath, None)
|
|
|
|
|
|
status_code = gimmecert.commands.renew(stdout_stream, stderr_stream, gctmpdir.strpath, 'client', 'myclient', False, None, None)
|
|
|
|
|
@@ -1354,7 +1354,7 @@ def test_client_reads_csr_from_stdin(mock_read_input, sample_project_directory,
|
|
|
stdout_stream = io.StringIO()
|
|
|
stderr_stream = io.StringIO()
|
|
|
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, sample_project_directory.strpath, entity_name, '-')
|
|
|
status_code = gimmecert.commands.client(stdout_stream, stderr_stream, sample_project_directory.strpath, entity_name, '-', None)
|
|
|
assert status_code == 0
|
|
|
|
|
|
# Read stored/generated artefacts.
|
|
@@ -1410,7 +1410,7 @@ def test_renew_client_reads_csr_from_stdin(mock_read_input, sample_project_direc
|
|
|
certificate_file = sample_project_directory.join('.gimmecert', 'client', '%s.cert.pem' % entity_name)
|
|
|
|
|
|
# Generate client certificate that will be renewed.
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), sample_project_directory.strpath, entity_name, None)
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), sample_project_directory.strpath, entity_name, None, None)
|
|
|
|
|
|
# Mock our util for reading input from user.
|
|
|
mock_read_input.return_value = key_with_csr.csr_pem
|
|
@@ -1456,3 +1456,26 @@ def test_server_uses_passed_in_private_key_algorithm_and_parameters_when_generat
|
|
|
private_key = gimmecert.storage.read_private_key(private_key_file.strpath)
|
|
|
|
|
|
assert private_key.key_size == 1024
|
|
|
|
|
|
|
|
|
def test_client_uses_same_private_key_algorithm_and_parameters_as_issuer_when_generating_private_key(tmpdir):
|
|
|
|
|
|
private_key_file = tmpdir.join('.gimmecert', 'client', 'myclient.key.pem')
|
|
|
|
|
|
gimmecert.commands.init(io.StringIO(), io.StringIO(), tmpdir.strpath, tmpdir.basename, 1, ("rsa", 1024))
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), tmpdir.strpath, 'myclient', None, None)
|
|
|
|
|
|
private_key = gimmecert.storage.read_private_key(private_key_file.strpath)
|
|
|
|
|
|
assert private_key.key_size == 1024
|
|
|
|
|
|
|
|
|
def test_client_uses_passed_in_private_key_algorithm_and_parameters_when_generating_private_key(gctmpdir):
|
|
|
|
|
|
private_key_file = gctmpdir.join('.gimmecert', 'client', 'myclient.key.pem')
|
|
|
|
|
|
gimmecert.commands.client(io.StringIO(), io.StringIO(), gctmpdir.strpath, 'myclient', None, ("rsa", 1024))
|
|
|
|
|
|
private_key = gimmecert.storage.read_private_key(private_key_file.strpath)
|
|
|
|
|
|
assert private_key.key_size == 1024
|