Merge branch 'master' into pinning-to-cross-signed-LE-ICA

This commit is contained in:
Hossein Shafagh 2020-07-24 10:25:11 -07:00 committed by GitHub
commit 3c1d6998fb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 32 additions and 2 deletions

View File

@ -24,7 +24,7 @@
"angularjs-toaster": "~1.0.0", "angularjs-toaster": "~1.0.0",
"angular-chart.js": "~0.8.8", "angular-chart.js": "~0.8.8",
"ngletteravatar": "~4.0.0", "ngletteravatar": "~4.0.0",
"bootswatch": "~3.4.1", "bootswatch": "3.4.1+1",
"fontawesome": "~4.5.0", "fontawesome": "~4.5.0",
"satellizer": "~0.13.4", "satellizer": "~0.13.4",
"angular-ui-router": "~0.2.15", "angular-ui-router": "~0.2.15",

View File

@ -24,6 +24,11 @@ from lemur.certificates.service import create_csr
def build_certificate_authority(options): def build_certificate_authority(options):
options["certificate_authority"] = True options["certificate_authority"] = True
csr, private_key = create_csr(**options) csr, private_key = create_csr(**options)
if options.get("parent"):
# Intermediate Cert Issuance
cert_pem, chain_cert_pem = issue_certificate(csr, options, None)
else:
cert_pem, chain_cert_pem = issue_certificate(csr, options, private_key) cert_pem, chain_cert_pem = issue_certificate(csr, options, private_key)
return cert_pem, private_key, chain_cert_pem return cert_pem, private_key, chain_cert_pem

View File

@ -25,6 +25,31 @@ def test_build_certificate_authority():
assert chain_cert_pem == "" assert chain_cert_pem == ""
def test_build_intermediate_certificate_authority(authority):
from lemur.plugins.lemur_cryptography.plugin import build_certificate_authority
options = {
"key_type": "RSA2048",
"country": "US",
"state": "CA",
"location": "Example place",
"organization": "Example, Inc.",
"organizational_unit": "Example Unit",
"common_name": "Example INTERMEDIATE",
"validity_start": arrow.get("2016-12-01").datetime,
"validity_end": arrow.get("2016-12-02").datetime,
"first_serial": 1,
"serial_number": 1,
"owner": "owner@example.com",
"parent": authority
}
cert_pem, private_key_pem, chain_cert_pem = build_certificate_authority(options)
assert cert_pem
assert private_key_pem
assert chain_cert_pem == authority.authority_certificate.body
def test_issue_certificate(authority): def test_issue_certificate(authority):
from lemur.tests.vectors import CSR_STR from lemur.tests.vectors import CSR_STR
from lemur.plugins.lemur_cryptography.plugin import issue_certificate from lemur.plugins.lemur_cryptography.plugin import issue_certificate