|
@@ -518,7 +518,7 @@ def test_renew_certificate_returns_certificate():
|
|
|
private_key = gimmecert.crypto.generate_private_key()
|
|
|
old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
|
|
|
new_certificate = gimmecert.crypto.renew_certificate(old_certificate, issuer_private_key, issuer_certificate)
|
|
|
new_certificate = gimmecert.crypto.renew_certificate(old_certificate, private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
|
|
|
assert isinstance(new_certificate, cryptography.x509.Certificate)
|
|
|
|
|
@@ -529,13 +529,14 @@ def test_renew_certificate_has_correct_content():
|
|
|
|
|
|
private_key = gimmecert.crypto.generate_private_key()
|
|
|
old_certificate = gimmecert.crypto.issue_server_certificate('myserver', private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
public_key = gimmecert.crypto.generate_private_key().public_key()
|
|
|
|
|
|
new_certificate = gimmecert.crypto.renew_certificate(old_certificate, issuer_private_key, issuer_certificate)
|
|
|
new_certificate = gimmecert.crypto.renew_certificate(old_certificate, public_key, issuer_private_key, issuer_certificate)
|
|
|
|
|
|
assert old_certificate != new_certificate # make sure we didn't get identical certificate.
|
|
|
assert old_certificate.issuer == new_certificate.issuer
|
|
|
assert old_certificate.subject == new_certificate.subject
|
|
|
assert old_certificate.public_key().public_numbers() == new_certificate.public_key().public_numbers()
|
|
|
assert new_certificate.public_key().public_numbers() == public_key.public_numbers()
|
|
|
assert [e for e in old_certificate.extensions] == [e for e in new_certificate.extensions]
|
|
|
|
|
|
|
|
@@ -551,7 +552,7 @@ def test_renew_certificate_not_before_is_15_minutes_in_past():
|
|
|
|
|
|
# Renew certificate.
|
|
|
with freeze_time('2018-06-01 00:15:00'):
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, issuer_private_key, issuer_certificate)
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
|
|
|
assert certificate.not_valid_before == datetime.datetime(2018, 6, 1, 0, 0)
|
|
|
|
|
@@ -568,7 +569,7 @@ def test_renew_certificate_not_before_does_not_exceed_ca_validity():
|
|
|
|
|
|
# Renew certificate.
|
|
|
with freeze_time(issuer_certificate.not_valid_before - datetime.timedelta(seconds=1)):
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, issuer_private_key, issuer_certificate)
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
|
|
|
assert certificate.not_valid_before == issuer_certificate.not_valid_before
|
|
|
|
|
@@ -585,6 +586,6 @@ def test_renew_certificate_not_after_does_not_exceed_ca_validity():
|
|
|
|
|
|
# Renew certificate.
|
|
|
with freeze_time(issuer_certificate.not_valid_after + datetime.timedelta(seconds=1)):
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, issuer_private_key, issuer_certificate)
|
|
|
certificate = gimmecert.crypto.renew_certificate(old_certificate, private_key.public_key(), issuer_private_key, issuer_certificate)
|
|
|
|
|
|
assert certificate.not_valid_after == issuer_certificate.not_valid_after
|