openstack/anchor
Code Issues Proposed changes

Merge "Use NIDs instead of strings"

Browse Source
This commit is contained in:
Jenkins 2015-07-06 13:28:03 +00:00 committed by Gerrit Code Review
commit 0fc5e23168
7 changed files with 88 additions and 288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
anchor/X509/name.py
View File

@ -19,32 +19,20 @@ from anchor.X509 import errors
from anchor.X509 import utils
NID_countryName = backend._lib.NID_countryName
NID_stateOrProvinceName = backend._lib.NID_stateOrProvinceName
NID_localityName = backend._lib.NID_localityName
NID_organizationName = backend._lib.NID_organizationName
NID_organizationalUnitName = backend._lib.NID_organizationalUnitName
NID_commonName = backend._lib.NID_commonName
NID_pkcs9_emailAddress = backend._lib.NID_pkcs9_emailAddress
NID_surname = backend._lib.NID_surname
NID_givenName = backend._lib.NID_givenName
class X509Name(object):
"""An X509 Name object."""
# NOTE(tkelsey): this is not exhaustive
nid = {'C': backend._lib.NID_countryName,
'countryName': backend._lib.NID_countryName,
'SP': backend._lib.NID_stateOrProvinceName,
'ST': backend._lib.NID_stateOrProvinceName,
'stateOrProvinceName': backend._lib.NID_stateOrProvinceName,
'L': backend._lib.NID_localityName,
'localityName': backend._lib.NID_localityName,
'O': backend._lib.NID_organizationName,
'organizationName': backend._lib.NID_organizationName,
'OU': backend._lib.NID_organizationalUnitName,
'organizationalUnitName': backend._lib.NID_organizationalUnitName,
'CN': backend._lib.NID_commonName,
'commonName': backend._lib.NID_commonName,
'Email': backend._lib.NID_pkcs9_emailAddress,
'emailAddress': backend._lib.NID_pkcs9_emailAddress,
'serialNumber': backend._lib.NID_serialNumber,
'SN': backend._lib.NID_surname,
'surname': backend._lib.NID_surname,
'GN': backend._lib.NID_givenName,
'givenName': backend._lib.NID_givenName
}
class Entry():
"""An X509 Name sub-entry object."""
def __init__(self, obj):
@ -116,12 +104,8 @@ class X509Name(object):
for i in range(self.entry_count()):
yield self[i]
def add_name_entry(self, nid_name, text):
def add_name_entry(self, nid, text):
"""Add a name entry by its NID name."""
if nid_name not in X509Name.nid:
raise errors.X509Error("Unknown NID name: %s" % nid_name)
nid = X509Name.nid[nid_name]
ret = self._lib.X509_NAME_add_entry_by_NID(
self._name_obj, nid,
self._lib.MBSTRING_UTF8,
@ -129,23 +113,19 @@ class X509Name(object):
if ret != 1:
raise errors.X509Error("Failed to add name entry: '%s' '%s'" % (
nid_name, text))
nid, text))
def entry_count(self):
"""Get the number of entries in the name object."""
return self._lib.X509_NAME_entry_count(self._name_obj)
def get_entries_by_nid_name(self, nid_name):
def get_entries_by_nid(self, nid):
"""Get a name entry corresponding to an NID name.
:param nid_name: an NID name, chosen from the X509Name.nid table
:param nid: an NID for the new name entry
:return: An X509Name.Entry object
"""
if nid_name not in X509Name.nid:
raise errors.X509Error("Unknown NID name: %s" % nid_name)
out = []
nid = X509Name.nid[nid_name]
idx = self._lib.X509_NAME_get_index_by_NID(self._name_obj, nid, -1)
while idx != -1:
val = self._lib.X509_NAME_get_entry(self._name_obj, idx)

8
anchor/validators.py
View File

@ -18,6 +18,8 @@ import socket
import netaddr
from anchor.X509 import name as x509_name
logger = logging.getLogger(__name__)
@ -28,7 +30,7 @@ class ValidationError(Exception):
def csr_get_cn(csr):
name = csr.get_subject()
data = name.get_entries_by_nid_name('CN')
data = name.get_entries_by_nid(x509_name.NID_commonName)
if len(data) > 0:
return data[0].get_value()
else:
@ -122,7 +124,7 @@ def common_name(csr, allowed_domains=[], allowed_networks=[], **kwargs):
alt_present = any(ext.get_name() == "subjectAltName"
for ext in csr.get_extensions())
CNs = csr.get_subject().get_entries_by_nid_name('CN')
CNs = csr.get_subject().get_entries_by_nid(x509_name.NID_commonName)
if alt_present:
if len(CNs) > 1:
@ -182,7 +184,7 @@ def blacklist_names(csr, domains=[], **kwargs):
"consider disabling the step or providing a list")
return
CNs = csr.get_subject().get_entries_by_nid_name('CN')
CNs = csr.get_subject().get_entries_by_nid(x509_name.NID_commonName)
if len(CNs) > 0:
cn = csr_get_cn(csr)
if check_domains(cn, domains):

117
tests/X509/test_x509_certificate.py
View File

@ -70,184 +70,101 @@ class TestX509Cert(unittest.TestCase):
cert.from_buffer,
bad_data)
def test_get_bad_elem(self):
name = self.cert.get_subject()
self.assertRaises(x509_errors.X509Error,
name.get_entries_by_nid_name,
'BAD')
def test_get_subject_c(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('C')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_subject_countryName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('countryName')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_subject_st(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('ST')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_sp(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('SP')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_stateOrProvinceName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('stateOrProvinceName')
entries = name.get_entries_by_nid(x509_name.NID_stateOrProvinceName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_l(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('L')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "Funkytown")
def test_get_subject_localityName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('localityName')
entries = name.get_entries_by_nid(x509_name.NID_localityName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "Funkytown")
def test_get_subject_o(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('O')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Anchor Testing")
def test_get_subject_organizationName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('organizationName')
entries = name.get_entries_by_nid(x509_name.NID_organizationName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Anchor Testing")
def test_get_subject_ou(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('OU')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "testing")
def test_get_subject_organizationUnitName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('organizationalUnitName')
entries = name.get_entries_by_nid(x509_name.NID_organizationalUnitName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "testing")
def test_get_subject_cn(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('CN')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "anchor.test")
def test_get_subject_commonName(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('commonName')
entries = name.get_entries_by_nid(x509_name.NID_commonName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "anchor.test")
def test_get_subject_email(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('Email')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test@anchor.test")
def test_get_subject_emailAddress(self):
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('Email')
entries = name.get_entries_by_nid(x509_name.NID_pkcs9_emailAddress)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test@anchor.test")
def test_get_issuer_c(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('C')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "AU")
def test_get_issuer_countryName(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('countryName')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "AU")
def test_get_issuer_st(self):
def test_get_issuer_stateOrProvinceName(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('ST')
entries = name.get_entries_by_nid(x509_name.NID_stateOrProvinceName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Some-State")
def test_get_issuer_o(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('O')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Herp Derp plc")
def test_get_issuer_organizationName(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('organizationName')
entries = name.get_entries_by_nid(x509_name.NID_organizationName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Herp Derp plc")
def test_get_issuer_cn(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('CN')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "herp.derp.plc")
def test_get_issuer_commonName(self):
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('commonName')
entries = name.get_entries_by_nid(x509_name.NID_commonName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "herp.derp.plc")
def test_set_subject(self):
name = x509_name.X509Name()
name.add_name_entry('C', 'UK')
name.add_name_entry(x509_name.NID_countryName, 'UK')
self.cert.set_subject(name)
name = self.cert.get_subject()
entries = name.get_entries_by_nid_name('C')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_set_issuer(self):
name = x509_name.X509Name()
name.add_name_entry('C', 'UK')
name.add_name_entry(x509_name.NID_countryName, 'UK')
self.cert.set_issuer(name)
name = self.cert.get_issuer()
entries = name.get_entries_by_nid_name('C')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
@ -262,7 +179,7 @@ class TestX509Cert(unittest.TestCase):
cert = certificate.X509Certificate()
cert.from_file("some_path")
name = cert.get_subject()
entries = name.get_entries_by_nid_name('C')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(entries[0].get_value(), "UK")
def test_get_fingerprint(self):

79
tests/X509/test_x509_csr.py
View File

@ -22,6 +22,7 @@ from cryptography.hazmat.backends.openssl import backend
import mock
from anchor.X509 import errors as x509_errors
from anchor.X509 import name as x509_name
from anchor.X509 import signing_request
@ -78,7 +79,7 @@ class TestX509Csr(unittest.TestCase):
csr.from_file("some_path")
name = csr.get_subject()
entries = name.get_entries_by_nid_name('C')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(entries[0].get_value(), "UK")
def test_bad_data_throws(self):
@ -91,113 +92,51 @@ class TestX509Csr(unittest.TestCase):
csr.from_buffer,
bad_data)
def test_get_bad_elem(self):
name = self.csr.get_subject()
self.assertRaises(x509_errors.X509Error,
name.get_entries_by_nid_name,
'BAD')
def test_get_subject_c(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('C')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_subject_countryName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('countryName')
entries = name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_subject_st(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('ST')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_sp(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('SP')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_stateOrProvinceName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('stateOrProvinceName')
entries = name.get_entries_by_nid(x509_name.NID_stateOrProvinceName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "Narnia")
def test_get_subject_l(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('L')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "Funkytown")
def test_get_subject_localityName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('localityName')
entries = name.get_entries_by_nid(x509_name.NID_localityName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "Funkytown")
def test_get_subject_o(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('O')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Anchor Testing")
def test_get_subject_organizationName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('organizationName')
entries = name.get_entries_by_nid(x509_name.NID_organizationName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "Anchor Testing")
def test_get_subject_ou(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('OU')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "testing")
def test_get_subject_organizationUnitName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('organizationalUnitName')
entries = name.get_entries_by_nid(x509_name.NID_organizationalUnitName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "testing")
def test_get_subject_cn(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('CN')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "anchor.test")
def test_get_subject_commonName(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('commonName')
entries = name.get_entries_by_nid(x509_name.NID_commonName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "anchor.test")
def test_get_subject_email(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('Email')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test@anchor.test")
def test_get_subject_emailAddress(self):
name = self.csr.get_subject()
entries = name.get_entries_by_nid_name('Email')
entries = name.get_entries_by_nid(x509_name.NID_pkcs9_emailAddress)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test@anchor.test")

93
tests/X509/test_x509_name.py
View File

@ -24,15 +24,18 @@ class TestX509Name(unittest.TestCase):
def setUp(self):
super(TestX509Name, self).setUp()
self.name = x509_name.X509Name()
self.name.add_name_entry('C', "UK") # must be 2 chars
self.name.add_name_entry('ST', "test_ST")
self.name.add_name_entry('L', "test_L")
self.name.add_name_entry('O', "test_O")
self.name.add_name_entry('OU', "test_OU")
self.name.add_name_entry('CN', "test_CN")
self.name.add_name_entry('Email', "test_Email")
self.name.add_name_entry('SN', "test_SN")
self.name.add_name_entry('GN', "test_GN")
self.name.add_name_entry(x509_name.NID_countryName,
"UK") # must be 2 chars
self.name.add_name_entry(x509_name.NID_stateOrProvinceName, "test_ST")
self.name.add_name_entry(x509_name.NID_localityName, "test_L")
self.name.add_name_entry(x509_name.NID_organizationName, "test_O")
self.name.add_name_entry(x509_name.NID_organizationalUnitName,
"test_OU")
self.name.add_name_entry(x509_name.NID_commonName, "test_CN")
self.name.add_name_entry(x509_name.NID_pkcs9_emailAddress,
"test_Email")
self.name.add_name_entry(x509_name.NID_surname, "test_SN")
self.name.add_name_entry(x509_name.NID_givenName, "test_GN")
def tearDown(self):
pass
@ -40,12 +43,12 @@ class TestX509Name(unittest.TestCase):
def test_add_bad_entry_throws(self):
self.assertRaises(x509_errors.X509Error,
self.name.add_name_entry,
'BAD', "BAD_WRONG")
-1, "BAD_WRONG")
def test_set_bad_c_throws(self):
self.assertRaises(x509_errors.X509Error,
self.name.add_name_entry,
'C', "BAD_WRONG")
x509_name.NID_countryName, "BAD_WRONG")
def test_name_to_string(self):
val = str(self.name)
@ -53,98 +56,54 @@ class TestX509Name(unittest.TestCase):
"/CN=test_CN/emailAddress=test_Email/"
"SN=test_SN/GN=test_GN"))
def test_get_c(self):
entries = self.name.get_entries_by_nid_name('C')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_countryName(self):
entries = self.name.get_entries_by_nid_name('countryName')
entries = self.name.get_entries_by_nid(x509_name.NID_countryName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "countryName")
self.assertEqual(entries[0].get_value(), "UK")
def test_get_st(self):
entries = self.name.get_entries_by_nid_name('ST')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "test_ST")
def test_get_sp(self):
entries = self.name.get_entries_by_nid_name('SP')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "test_ST")
def test_get_stateOrProvinceName(self):
entries = self.name.get_entries_by_nid_name('stateOrProvinceName')
entries = self.name.get_entries_by_nid(
x509_name.NID_stateOrProvinceName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
self.assertEqual(entries[0].get_value(), "test_ST")
def test_get_l(self):
entries = self.name.get_entries_by_nid_name('L')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "test_L")
def test_get_subject_localityName(self):
entries = self.name.get_entries_by_nid_name('localityName')
entries = self.name.get_entries_by_nid(x509_name.NID_localityName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "localityName")
self.assertEqual(entries[0].get_value(), "test_L")
def test_get_o(self):
entries = self.name.get_entries_by_nid_name('O')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "test_O")
def test_get_organizationName(self):
entries = self.name.get_entries_by_nid_name('organizationName')
entries = self.name.get_entries_by_nid(x509_name.NID_organizationName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationName")
self.assertEqual(entries[0].get_value(), "test_O")
def test_get_ou(self):
entries = self.name.get_entries_by_nid_name('OU')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "test_OU")
def test_get_organizationUnitName(self):
entries = self.name.get_entries_by_nid_name('organizationalUnitName')
entries = self.name.get_entries_by_nid(
x509_name.NID_organizationalUnitName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "organizationalUnitName")
self.assertEqual(entries[0].get_value(), "test_OU")
def test_get_cn(self):
entries = self.name.get_entries_by_nid_name('CN')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "test_CN")
def test_get_commonName(self):
entries = self.name.get_entries_by_nid_name('commonName')
entries = self.name.get_entries_by_nid(x509_name.NID_commonName)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "commonName")
self.assertEqual(entries[0].get_value(), "test_CN")
def test_get_email(self):
entries = self.name.get_entries_by_nid_name('Email')
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test_Email")
def test_get_emailAddress(self):
entries = self.name.get_entries_by_nid_name('Email')
entries = self.name.get_entries_by_nid(
x509_name.NID_pkcs9_emailAddress)
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0].get_name(), "emailAddress")
self.assertEqual(entries[0].get_value(), "test_Email")
def test_entry_to_string(self):
entries = self.name.get_entries_by_nid_name('Email')
entries = self.name.get_entries_by_nid(
x509_name.NID_pkcs9_emailAddress)
self.assertEqual(len(entries), 1)
self.assertEqual(str(entries[0]), "emailAddress: test_Email")

7
tests/test_certificate_ops.py
View File

@ -21,6 +21,7 @@ import mock
from webob import exc as http_status
from anchor import certificate_ops
from anchor.X509 import name as x509_name
class CertificateOpsTests(unittest.TestCase):
@ -66,14 +67,16 @@ class CertificateOpsTests(unittest.TestCase):
"""Test basic success path for parse_csr."""
result = certificate_ops.parse_csr(self.csr, 'pem')
subject = result.get_subject()
actual_cn = subject.get_entries_by_nid_name('CN')[0].get_value()
actual_cn = subject.get_entries_by_nid(
x509_name.NID_commonName)[0].get_value()
self.assertEqual(actual_cn, self.expected_cn)
def test_parse_csr_success2(self):
"""Test basic success path for parse_csr."""
result = certificate_ops.parse_csr(self.csr, 'PEM')
subject = result.get_subject()
actual_cn = subject.get_entries_by_nid_name('CN')[0].get_value()
actual_cn = subject.get_entries_by_nid(
x509_name.NID_commonName)[0].get_value()
self.assertEqual(actual_cn, self.expected_cn)
def test_parse_csr_fail1(self):

22
tests/validators/test_callable_validators.py
View File

@ -78,7 +78,7 @@ class TestValidators(unittest.TestCase):
csr_config = {
'get_extensions.return_value': [ext_mock],
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
['dummy_value', 'dummy_value'],
}
csr_mock = mock.MagicMock(**csr_config)
@ -93,7 +93,7 @@ class TestValidators(unittest.TestCase):
def test_common_name_no_CN(self):
csr_config = {
'get_subject.return_value.__len__.return_value': 0,
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[]
}
csr_mock = mock.MagicMock(**csr_config)
@ -115,7 +115,7 @@ class TestValidators(unittest.TestCase):
csr_config = {
'get_subject.return_value.__len__.return_value': 1,
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -134,7 +134,7 @@ class TestValidators(unittest.TestCase):
gethostbyname_ex.return_value = ('master.test.com', [], ['10.0.0.1'])
name = x509_name.X509Name()
name.add_name_entry('CN', 'test.baddomain.com')
name.add_name_entry(x509_name.NID_commonName, 'test.baddomain.com')
csr_mock = mock.MagicMock()
csr_mock.get_subject.return_value = name
@ -153,7 +153,7 @@ class TestValidators(unittest.TestCase):
csr_config = {
'get_subject.return_value.__len__.return_value': 1,
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -169,7 +169,7 @@ class TestValidators(unittest.TestCase):
def test_common_name_bad_ip_CN(self):
name = x509_name.X509Name()
name.add_name_entry('CN', '12.0.0.1')
name.add_name_entry(x509_name.NID_commonName, '12.0.0.1')
csr_mock = mock.MagicMock()
csr_mock.get_subject.return_value = name
@ -308,7 +308,7 @@ class TestValidators(unittest.TestCase):
cn_mock.get_value.return_value = 'master.test.com'
csr_config = {
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -327,7 +327,7 @@ class TestValidators(unittest.TestCase):
cn_mock.get_value.return_value = 'nv_master.test.com'
csr_config = {
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -350,7 +350,7 @@ class TestValidators(unittest.TestCase):
cn_mock.get_value.return_value = 'nv_master.test.com'
csr_config = {
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -372,7 +372,7 @@ class TestValidators(unittest.TestCase):
cn_mock.get_value.return_value = 'nv-master.test.com'
csr_config = {
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)
@ -682,7 +682,7 @@ class TestValidators(unittest.TestCase):
cn_mock.get_value.return_value = 'blah.bad'
csr_config = {
'get_subject.return_value.get_entries_by_nid_name.return_value':
'get_subject.return_value.get_entries_by_nid.return_value':
[cn_mock],
}
csr_mock = mock.MagicMock(**csr_config)