From 7d42e4ce6770d857e17818b85c3620adc1746383 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel
Date: Mon, 10 Sep 2018 10:34:47 -0700
Subject: [PATCH] Fix certificate import issues
---
 lemur/certificates/schemas.py | 3 ++-
 lemur/certificates/service.py | 2 +-
 lemur/common/defaults.py | 4 ++--
 lemur/tests/test_certificates.py | 10 +++++-----
 lemur/tests/test_defaults.py | 2 +-
 lemur/tests/test_pending_certificates.py | 2 +-
 6 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index e62951bf..032a9175 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -235,8 +235,9 @@ class CertificateOutputSchema(LemurOutputSchema):
 class CertificateUploadInputSchema(CertificateCreationSchema):
 name = fields.String()
+ authority = fields.Nested(AssociatedAuthoritySchema, required=False)
 notify = fields.Boolean(missing=True)
-
+ external_id = fields.String(missing=None, allow_none=True)
 private_key = fields.String(validate=validators.private_key)
 body = fields.String(required=True, validate=validators.public_certificate)
 chain = fields.String(validate=validators.public_certificate, missing=None,
diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py
index a02c412c..13c0f8bf 100644
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@@ -233,7 +233,7 @@ def upload(**kwargs):
 kwargs['private_key'] = private_key.encode('utf-8')
 cert = Certificate(**kwargs)
-
+ cert.authority = kwargs.get('authority')
 cert = database.create(cert)
 kwargs['creator'].certificates.append(cert)
diff --git a/lemur/common/defaults.py b/lemur/common/defaults.py
index 80079232..e9bbc6e6 100644
--- a/lemur/common/defaults.py
+++ b/lemur/common/defaults.py
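Review bot: The new optional `authority` field on `CertificateUploadInputSchema` (lemur/certificates/schemas.py) lets the uploader choose which authority an imported certificate is attached to, and `upload()` in lemur/certificates/service.py stores it with `cert.authority = kwargs.get('authority')` without any visible check that `body` was actually issued by that authority. If nothing outside these hunks validates it, the inventory and any authority-scoped permissions or reports could attribute a certificate to a CA that never signed it. Consider a schema-level validator that compares the parsed certificate's issuer with the selected authority's certificate subject (ideally also verifying the signature) before the upload is accepted, and a short comment on the field such as `# optional: attach an imported cert to an existing authority; must match the cert's issuer`. Both the schema class and `upload()` continue outside their hunks, so an existing check there cannot be ruled out.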
@@ -232,8 +232,8 @@ def issuer(cert):
 delchars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
 try:
 # Try organization name or fall back to CN
- issuer = (cert.issuer.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME)
- or cert.issuer.get_attributes_for_oid(x509.OID_COMMON_NAME))
+ issuer = (cert.issuer.get_attributes_for_oid(x509.OID_COMMON_NAME) or
+ cert.issuer.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME))
 issuer = str(issuer[0].value)
 for c in delchars:
 issuer = issuer.replace(c, "")
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index 103a0968..1a4d644b 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -61,7 +61,7 @@ def test_certificate_output_schema(session, certificate, issuer_plugin):
 # Make sure serialization parses the cert only once (uses cached 'parsed_cert' attribute)
 with patch('lemur.common.utils.parse_certificate', side_effect=utils.parse_certificate) as wrapper:
 data, errors = CertificateOutputSchema().dump(certificate)
- assert data['issuer'] == 'LemurTrustEnterprisesLtd'
+ assert data['issuer'] == 'LemurTrustUnittestsClass1CA2018'
 assert wrapper.call_count == 1
@@ -455,8 +455,8 @@ def test_create_certificate(issuer_plugin, authority, user):
 cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', creator=user['user'])
 assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
 assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
- assert cert.issuer == 'LemurTrustEnterprisesLtd'
- assert cert.name == 'SAN-san.example.org-LemurTrustEnterprisesLtd-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333'
+ assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
+ assert cert.name == 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333'
 cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', name='ACustomName1', creator=user['user'])
 assert cert.name == 'ACustomName1'
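Review bot: In `issuer()` (lemur/common/defaults.py) the context comment `# Try organization name or fall back to CN` now contradicts the code, which looks up `OID_COMMON_NAME` first and only then `OID_ORGANIZATION_NAME`; it should read `# Try common name or fall back to organization name`. The updated tests show this slug embedded in generated certificate names (`SAN-san.example.org-LemurTrustUnittestsClass1CA2018-...`), so issuer values and names computed after this change will differ from those already stored for certificates from the same CA. Anything that matches, filters or deduplicates on them deserves a check. The function body starts and ends outside the hunk, so how an issuer carrying neither attribute is handled (`issuer[0]` on an empty list) cannot be confirmed from here.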
@@ -486,8 +486,8 @@ def test_import(user):
 cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, creator=user['user'])
 assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
 assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
- assert cert.issuer == 'LemurTrustEnterprisesLtd'
- assert cert.name == 'SAN-san.example.org-LemurTrustEnterprisesLtd-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333-2'
+ assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
+ assert cert.name == 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333-2'
 cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName2', creator=user['user'])
 assert cert.name == 'ACustomName2'
diff --git a/lemur/tests/test_defaults.py b/lemur/tests/test_defaults.py
index c6c70684..918e1ab8 100644
--- a/lemur/tests/test_defaults.py
+++ b/lemur/tests/test_defaults.py
@@ -35,7 +35,7 @@ def test_cert_bitstrength(client):
 def test_cert_issuer(client):
 from lemur.common.defaults import issuer
- assert issuer(INTERMEDIATE_CERT) == 'LemurTrustEnterprisesLtd'
+ assert issuer(INTERMEDIATE_CERT) == 'LemurTrustUnittestsRootCA2018'
 def test_text_to_slug(client):
diff --git a/lemur/tests/test_pending_certificates.py b/lemur/tests/test_pending_certificates.py
index 455a4068..567159e1 100644
--- a/lemur/tests/test_pending_certificates.py
+++ b/lemur/tests/test_pending_certificates.py
@@ -26,7 +26,7 @@ def test_create_pending(pending_certificate, user, session):
 from lemur.pending_certificates.service import create_certificate, get
 cert = {'body': WILDCARD_CERT_STR,
 'chain': INTERMEDIATE_CERT_STR,
- 'external_id': 54321}
+ 'external_id': '54321'}
 # Weird copy because the session behavior. pending_certificate is a valid object but the
 # return of vars(pending_certificate) is a sessionobject, and so nothing from the pending_cert
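Review bot: `test_import` (lemur/tests/test_certificates.py) still calls `import_certificate` without an `authority`, so the authority association this commit introduces on upload is not exercised by any test in the patch. A case such as `cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, authority=authority, creator=user['user'])` followed by `assert cert.authority == authority` would pin it. That assumes `import_certificate` forwards keyword arguments to the upload path and that the `authority` fixture used by `test_create_certificate` is added to the test's signature. A negative case, where the supplied authority did not issue the certificate, would also document the intended behaviour for a mismatch.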