Fix certificate import issues
parent
0ab0caa375
commit
7d42e4ce67
@ -235,8 +235,9 @@ class CertificateOutputSchema(LemurOutputSchema):
|
|||||||
|
|
||||||
class CertificateUploadInputSchema(CertificateCreationSchema):
|
class CertificateUploadInputSchema(CertificateCreationSchema):
|
||||||
name = fields.String()
|
name = fields.String()
|
||||||
|
authority = fields.Nested(AssociatedAuthoritySchema, required=False)
|
||||||
notify = fields.Boolean(missing=True)
|
notify = fields.Boolean(missing=True)
|
||||||
|
external_id = fields.String(missing=None, allow_none=True)
|
||||||
private_key = fields.String(validate=validators.private_key)
|
private_key = fields.String(validate=validators.private_key)
|
||||||
body = fields.String(required=True, validate=validators.public_certificate)
|
body = fields.String(required=True, validate=validators.public_certificate)
|
||||||
chain = fields.String(validate=validators.public_certificate, missing=None,
|
chain = fields.String(validate=validators.public_certificate, missing=None,
|
||||||
|
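Review bot: The new `authority = fields.Nested(AssociatedAuthoritySchema, required=False)` field lets the caller choose which authority an uploaded certificate is attached to, and nothing visible in this diff checks that the uploaded `body` was issued by that authority or that the caller may use it. The `upload()` hunk has the same gap, since it assigns the value unconditionally with `cert.authority = kwargs.get('authority')`. If authority association feeds access, ownership or reporting decisions elsewhere (not visible here), an unverified association would mislabel imported certificates. Consider comparing the certificate's issuer with the selected authority's certificate before assigning it, and adding a test that uploads with a mismatched authority. Until then, a comment on the field such as `# caller-supplied; not verified against the certificate's issuer` would record the assumption.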
@ -233,7 +233,7 @@ def upload(**kwargs):
|
|||||||
kwargs['private_key'] = private_key.encode('utf-8')
|
kwargs['private_key'] = private_key.encode('utf-8')
|
||||||
|
|
||||||
cert = Certificate(**kwargs)
|
cert = Certificate(**kwargs)
|
||||||
|
cert.authority = kwargs.get('authority')
|
||||||
cert = database.create(cert)
|
cert = database.create(cert)
|
||||||
|
|
||||||
kwargs['creator'].certificates.append(cert)
|
kwargs['creator'].certificates.append(cert)
|
||||||
|
@ -232,8 +232,8 @@ def issuer(cert):
|
|||||||
delchars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
|
delchars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
|
||||||
try:
|
try:
|
||||||
# Try organization name or fall back to CN
|
# Try organization name or fall back to CN
|
||||||
issuer = (cert.issuer.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME)
|
issuer = (cert.issuer.get_attributes_for_oid(x509.OID_COMMON_NAME) or
|
||||||
or cert.issuer.get_attributes_for_oid(x509.OID_COMMON_NAME))
|
cert.issuer.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME))
|
||||||
issuer = str(issuer[0].value)
|
issuer = str(issuer[0].value)
|
||||||
for c in delchars:
|
for c in delchars:
|
||||||
issuer = issuer.replace(c, "")
|
issuer = issuer.replace(c, "")
|
||||||
|
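Review bot: The comment `# Try organization name or fall back to CN` now says the opposite of what the code does, because the rewritten expression looks up `x509.OID_COMMON_NAME` first and falls back to `x509.OID_ORGANIZATION_NAME`. It should read `# Try common name or fall back to organization name`. The issuer string also ends up in generated certificate names, as the updated tests show with `...LemurTrustEnterprisesLtd...` becoming `...LemurTrustUnittestsClass1CA2018...`. The commit description should therefore say whether existing certificates keep their old names and whether any lookup or alerting keyed on the old issuer value needs updating. The handler for this `try` block lies outside the hunk.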
@ -61,7 +61,7 @@ def test_certificate_output_schema(session, certificate, issuer_plugin):
|
|||||||
# Make sure serialization parses the cert only once (uses cached 'parsed_cert' attribute)
|
# Make sure serialization parses the cert only once (uses cached 'parsed_cert' attribute)
|
||||||
with patch('lemur.common.utils.parse_certificate', side_effect=utils.parse_certificate) as wrapper:
|
with patch('lemur.common.utils.parse_certificate', side_effect=utils.parse_certificate) as wrapper:
|
||||||
data, errors = CertificateOutputSchema().dump(certificate)
|
data, errors = CertificateOutputSchema().dump(certificate)
|
||||||
assert data['issuer'] == 'LemurTrustEnterprisesLtd'
|
assert data['issuer'] == 'LemurTrustUnittestsClass1CA2018'
|
||||||
|
|
||||||
assert wrapper.call_count == 1
|
assert wrapper.call_count == 1
|
||||||
|
|
||||||
@ -455,8 +455,8 @@ def test_create_certificate(issuer_plugin, authority, user):
|
|||||||
cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', creator=user['user'])
|
cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', creator=user['user'])
|
||||||
assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
|
assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
|
||||||
assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
|
assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
|
||||||
assert cert.issuer == 'LemurTrustEnterprisesLtd'
|
assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
|
||||||
assert cert.name == 'SAN-san.example.org-LemurTrustEnterprisesLtd-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333'
|
assert cert.name == 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333'
|
||||||
|
|
||||||
cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', name='ACustomName1', creator=user['user'])
|
cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', name='ACustomName1', creator=user['user'])
|
||||||
assert cert.name == 'ACustomName1'
|
assert cert.name == 'ACustomName1'
|
||||||
@ -486,8 +486,8 @@ def test_import(user):
|
|||||||
cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, creator=user['user'])
|
cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, creator=user['user'])
|
||||||
assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
|
assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
|
||||||
assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
|
assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
|
||||||
assert cert.issuer == 'LemurTrustEnterprisesLtd'
|
assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
|
||||||
assert cert.name == 'SAN-san.example.org-LemurTrustEnterprisesLtd-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333-2'
|
assert cert.name == 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333-2'
|
||||||
|
|
||||||
cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName2', creator=user['user'])
|
cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName2', creator=user['user'])
|
||||||
assert cert.name == 'ACustomName2'
|
assert cert.name == 'ACustomName2'
|
||||||
|
@ -35,7 +35,7 @@ def test_cert_bitstrength(client):
|
|||||||
|
|
||||||
def test_cert_issuer(client):
|
def test_cert_issuer(client):
|
||||||
from lemur.common.defaults import issuer
|
from lemur.common.defaults import issuer
|
||||||
assert issuer(INTERMEDIATE_CERT) == 'LemurTrustEnterprisesLtd'
|
assert issuer(INTERMEDIATE_CERT) == 'LemurTrustUnittestsRootCA2018'
|
||||||
|
|
||||||
|
|
||||||
def test_text_to_slug(client):
|
def test_text_to_slug(client):
|
||||||
|
@ -26,7 +26,7 @@ def test_create_pending(pending_certificate, user, session):
|
|||||||
from lemur.pending_certificates.service import create_certificate, get
|
from lemur.pending_certificates.service import create_certificate, get
|
||||||
cert = {'body': WILDCARD_CERT_STR,
|
cert = {'body': WILDCARD_CERT_STR,
|
||||||
'chain': INTERMEDIATE_CERT_STR,
|
'chain': INTERMEDIATE_CERT_STR,
|
||||||
'external_id': 54321}
|
'external_id': '54321'}
|
||||||
|
|
||||||
# Weird copy because the session behavior. pending_certificate is a valid object but the
|
# Weird copy because the session behavior. pending_certificate is a valid object but the
|
||||||
# return of vars(pending_certificate) is a sessionobject, and so nothing from the pending_cert
|
# return of vars(pending_certificate) is a sessionobject, and so nothing from the pending_cert
|
||||||
|