Revize 2a90f4fd
Přidáno uživatelem Stanislav Král před asi 4 roky(ů)
| src/services/certificate_service.py | ||
|---|---|---|
| 52 | 52 |
certificate = Certificate(-1, common_name, not_before_formatted, not_after_formatted, cert_pem, |
| 53 | 53 |
private_key_id, cert_type, parent_id, usages) |
| 54 | 54 |
|
| 55 |
print(f"CW: {parent_id} {certificate.parent_id}")
|
|
| 56 | 55 |
return certificate |
| 57 | 56 |
|
| 58 | 57 |
# TODO config parameter present in class diagram but not here (unused) |
| ... | ... | |
| 111 | 110 |
issuer_key_pass=issuer_key.password, extensions=extensions, |
| 112 | 111 |
days=days) |
| 113 | 112 |
|
| 114 |
print(f"test cert {issuer_cert.certificate_id}")
|
|
| 115 | 113 |
# wrap the generated certificate using Certificate class |
| 116 | 114 |
certificate = self.__create_wrapper(cert_pem, subject_key.private_key_id, subject.common_name, usages, |
| 117 | 115 |
issuer_cert.certificate_id, CERTIFICATE_ID) |
| 118 | 116 |
|
| 119 |
print(f"parent cert {certificate.parent_id}")
|
|
| 120 |
|
|
| 121 | 117 |
created_id = self.certificate_repository.create(certificate) |
| 122 | 118 |
|
| 123 | 119 |
certificate.certificate_id = created_id |
| 124 | 120 |
|
| 125 |
print(f"parent cert {certificate.parent_id}")
|
|
| 126 |
|
|
| 127 | 121 |
return certificate |
| 128 | 122 |
|
| 129 | 123 |
def get_certificate(self, unique_id: int) -> Certificate: |
| 130 | 124 |
return self.certificate_repository.read(unique_id) |
| 125 |
|
|
| 126 |
def get_certificates(self, cert_type=None) -> Certificate: |
|
| 127 |
return self.certificate_repository.read_all(cert_type) |
|
| tests/integration_tests/services/certificate_key_service_test.py | ||
|---|---|---|
| 50 | 50 |
assert cert.usages == cert_loaded.usages |
| 51 | 51 |
|
| 52 | 52 |
|
| 53 |
def test_create_and_get_cert(private_key_service, certificate_service): |
|
| 53 |
def test_create_and_get_inter_cert(private_key_service, certificate_service):
|
|
| 54 | 54 |
root_ca_private_key = private_key_service.create_new_key(passphrase="foobar") |
| 55 | 55 |
inter_ca_private_key = private_key_service.create_new_key() |
| 56 | 56 |
|
| ... | ... | |
| 121 | 121 |
assert cert.parent_id == inter_ca_cert.certificate_id |
| 122 | 122 |
assert cert_loaded.parent_id == inter_ca_cert.certificate_id |
| 123 | 123 |
assert cert.usages == cert_loaded.usages |
| 124 |
|
|
| 125 |
|
|
| 126 |
def test_get_certificates(private_key_service_unique, certificate_service_unique): |
|
| 127 |
root_ca_private_key = private_key_service_unique.create_new_key(passphrase="foobar") |
|
| 128 |
inter_ca_private_key = private_key_service_unique.create_new_key(passphrase="barfoo") |
|
| 129 |
end_cert_private_key = private_key_service_unique.create_new_key(passphrase="foofoo") |
|
| 130 |
|
|
| 131 |
root_ca_cert = certificate_service_unique.create_root_ca(root_ca_private_key, |
|
| 132 |
Subject(common_name="RootFoo", |
|
| 133 |
organization_unit="Department of Foo")) |
|
| 134 |
|
|
| 135 |
inter_ca_cert = certificate_service_unique.create_ca(inter_ca_private_key, Subject(common_name="Intermediate CA"), |
|
| 136 |
root_ca_cert, |
|
| 137 |
root_ca_private_key, usages={SSL_ID: True})
|
|
| 138 |
|
|
| 139 |
cert = certificate_service_unique.create_end_cert(end_cert_private_key, |
|
| 140 |
Subject("Foo Child", email_address="foo@bar.cz"), inter_ca_cert,
|
|
| 141 |
inter_ca_private_key, usages={AUTHENTICATION_ID: True})
|
|
| 142 |
|
|
| 143 |
all_certs = certificate_service_unique.get_certificates() |
|
| 144 |
assert 3 == len(all_certs) |
|
| 145 |
assert "RootFoo" == all_certs[0].common_name |
|
| 146 |
assert "Intermediate CA" == all_certs[1].common_name |
|
| 147 |
assert "Foo Child" == all_certs[2].common_name |
|
| 148 |
|
|
| 149 |
assert 1 == len(certificate_service_unique.get_certificates(cert_type=ROOT_CA_ID)) |
|
| 150 |
assert 1 == len(certificate_service_unique.get_certificates(cert_type=INTERMEDIATE_CA_ID)) |
|
| 151 |
assert 1 == len(certificate_service_unique.get_certificates(cert_type=CERTIFICATE_ID)) |
|
| tests/integration_tests/services/conftest.py | ||
|---|---|---|
| 68 | 68 |
@pytest.fixture |
| 69 | 69 |
def certificate_service(certificate_repository, cryptography_service): |
| 70 | 70 |
return CertificateService(cryptography_service, certificate_repository) |
| 71 |
|
|
| 72 |
|
|
| 73 |
# TODO improve this (lots of duplicated code) - some test cases need a DB connection that is not shared with other tests |
|
| 74 |
@pytest.fixture |
|
| 75 |
def connection_unique(): |
|
| 76 |
print("Creating a new unique SQLITE connection to the test DB")
|
|
| 77 |
test_db_file = "test_unique.sqlite" |
|
| 78 |
connection: Connection = sqlite3.connect(test_db_file) |
|
| 79 |
|
|
| 80 |
# yield the created connection |
|
| 81 |
yield connection |
|
| 82 |
|
|
| 83 |
# after tests have finished delete the created db file |
|
| 84 |
try: |
|
| 85 |
print("Deleting the unique test DB")
|
|
| 86 |
os.unlink(test_db_file) |
|
| 87 |
except FileNotFoundError: |
|
| 88 |
print(f"Could not delete {test_db_file} file containing the unique test DB")
|
|
| 89 |
pass |
|
| 90 |
|
|
| 91 |
|
|
| 92 |
@pytest.fixture |
|
| 93 |
def cursor_unique(connection_unique): |
|
| 94 |
cursor = connection_unique.cursor() |
|
| 95 |
|
|
| 96 |
# execute db initialisation script |
|
| 97 |
cursor.executescript(SCHEMA_SQL) |
|
| 98 |
|
|
| 99 |
# insert default values |
|
| 100 |
cursor.executescript(DEFAULT_VALUES_SQL) |
|
| 101 |
|
|
| 102 |
return cursor |
|
| 103 |
|
|
| 104 |
|
|
| 105 |
# scope defaults to "function" which means that the fixture is run once per test (function) |
|
| 106 |
@pytest.fixture |
|
| 107 |
def certificate_repository_unique(connection_unique, cursor_unique): |
|
| 108 |
return CertificateRepository(connection_unique, cursor_unique) |
|
| 109 |
|
|
| 110 |
|
|
| 111 |
@pytest.fixture |
|
| 112 |
def private_key_repository_unique(connection_unique, cursor_unique): |
|
| 113 |
return PrivateKeyRepository(connection_unique, cursor_unique) |
|
| 114 |
|
|
| 115 |
|
|
| 116 |
@pytest.fixture |
|
| 117 |
def cryptography_service_unique(): |
|
| 118 |
return CryptographyService() |
|
| 119 |
|
|
| 120 |
|
|
| 121 |
@pytest.fixture |
|
| 122 |
def private_key_service_unique(private_key_repository_unique, cryptography_service_unique): |
|
| 123 |
return KeyService(cryptography_service_unique, private_key_repository_unique) |
|
| 124 |
|
|
| 125 |
|
|
| 126 |
@pytest.fixture |
|
| 127 |
def certificate_service_unique(certificate_repository_unique, cryptography_service_unique): |
|
| 128 |
return CertificateService(cryptography_service_unique, certificate_repository_unique) |
|
Také k dispozici: Unified diff
Re #8472 - Implemented get_certificates method and added an integration test validating it
Added fixtures providing a unique DB connection for each test