Closes #648, also fixes several issues #666. (#678)

kevgliss
2017-01-27 21:05:25 -08:00
committed by GitHub
parent f13a3505f3
commit bc94353850
10 changed files with 142 additions and 112 deletions


@ -22,13 +22,14 @@ from retrying import retry
from flask import current_app
from cryptography import x509
from lemur.extensions import metrics
from lemur.common.utils import validate_conf
from lemur.plugins.bases import IssuerPlugin, SourcePlugin
from lemur.plugins import lemur_digicert as digicert
from lemur.common.utils import validate_conf
def log_status_code(r, *args, **kwargs):
"""
@ -106,7 +107,8 @@ def get_additional_names(options):
# add SANs if present
if options.get('extensions'):
for san in options['extensions']['sub_alt_names']['names']:
names.append(san['value'])
if isinstance(san, x509.DNSName):
names.append(san.value)
return names
@ -119,19 +121,14 @@ def map_fields(options, csr):
"""
options = get_issuance(options)
data = {
"certificate":
{
"common_name": options['common_name'],
"csr": csr,
"signature_hash":
signature_hash(options.get('signing_algorithm')),
},
"organization":
{
"id": current_app.config.get("DIGICERT_ORG_ID")
},
}
data = dict(certificate={
"common_name": options['common_name'],
"csr": csr,
"signature_hash":
signature_hash(options.get('signing_algorithm')),
}, organization={
"id": current_app.config.get("DIGICERT_ORG_ID")
})
data['certificate']['dns_names'] = get_additional_names(options)
data['custom_expiration_date'] = options['validity_end'].format('YYYY-MM-DD')
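Review bot: In get_additional_names, the new `isinstance(san, x509.DNSName)` filter drops every other SAN type without a trace, so a request carrying an IP or e-mail SAN would be submitted to DigiCert with fewer names than the requester asked for and nobody is told. If those types are genuinely unsupported by this issuer, reject them or at least log them, e.g. `else: current_app.logger.warning("Skipping unsupported SAN type: %s", type(san).__name__)`. The loop also indexes `options['extensions']['sub_alt_names']['names']` directly, so an `extensions` dict without `sub_alt_names` raises KeyError; chained `.get()` calls with empty defaults would avoid that. The function starts above this hunk, so its setup is not visible here.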


@ -4,6 +4,8 @@ from freezegun import freeze_time
from lemur.tests.vectors import CSR_STR
from cryptography import x509
def test_map_fields(app):
from lemur.plugins.lemur_digicert.plugin import map_fields
@ -16,7 +18,7 @@ def test_map_fields(app):
'description': 'test certificate',
'extensions': {
'sub_alt_names': {
'names': [{'name_type': 'DNSName', 'value': x} for x in names]
'names': [x509.DNSName(x) for x in names]
}
},
'validity_end': arrow.get(2017, 5, 7),
@ -48,7 +50,7 @@ def test_map_cis_fields(app):
'description': 'test certificate',
'extensions': {
'sub_alt_names': {
'names': [{'name_type': 'DNSName', 'value': x} for x in names]
'names': [x509.DNSName(x) for x in names]
}
},
'organization': 'Example, Inc.',
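Review bot: Both fixtures now contain only `x509.DNSName` entries, so the skip path of the new `isinstance` check in get_additional_names is never exercised. Appending one non-DNS entry to the `'names'` list, for example `x509.RFC822Name(u'user@example.com')`, and asserting that it does not appear in `dns_names` would pin down the filtering behaviour. Both test bodies extend beyond the hunks shown, so the assertions themselves are not visible here.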


@ -13,6 +13,7 @@ import xmltodict
from flask import current_app
from cryptography import x509
from lemur.extensions import metrics
from lemur.plugins import lemur_verisign as verisign
@ -76,6 +77,22 @@ def log_status_code(r, *args, **kwargs):
metrics.send('symantec_status_code_{}'.format(r.status_code), 'counter', 1)
def get_additional_names(options):
"""
Return a list of strings to be added to a SAN certificates.
:param options:
:return:
"""
names = []
# add SANs if present
if options.get('extensions'):
for san in options['extensions']['sub_alt_names']:
if isinstance(san, x509.DNSName):
names.append(san.value)
return names
def process_options(options):
"""
Processes and maps the incoming issuer options to fields/options that
@ -94,9 +111,7 @@ def process_options(options):
'email': current_app.config.get("VERISIGN_EMAIL")
}
if options.get('extensions'):
if options['extensions'].get('sub_alt_names'):
data['subject_alt_names'] = ",".join(x['value'] for x in options['extensions']['sub_alt_names']['names'])
data['subject_alt_names'] = ",".join(get_additional_names(options))
if options.get('validity_end'):
period = get_default_issuance(options)
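Review bot: get_additional_names here iterates `options['extensions']['sub_alt_names']`, while the DigiCert plugin and its tests in this same commit iterate `['sub_alt_names']['names']`; if the option keeps that `{'names': [...]}` shape, this loop walks the dict keys, nothing matches `x509.DNSName`, and `subject_alt_names` is always sent empty. The loop should probably read `for san in options['extensions']['sub_alt_names']['names']:`. In process_options the old `.get('sub_alt_names')` guard appears to be removed, so an `extensions` dict without that key would now raise KeyError rather than skipping the field; `options['extensions'].get('sub_alt_names', {}).get('names', [])` would keep the old tolerance. The docstring could also say that only DNS names are returned. process_options continues beyond this hunk.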