Merge pull request #75 from Venafi/pkcs12_support

PKCS12 support

Author: rvelaVenafi

tests/test_e2e.py

@@ -627,178 +627,3 @@ def renew_by_thumbprint(conn, prev_cert):
     print(prev_cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME))
     assert cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME) == prev_cert.subject.get_attributes_for_oid(
         NameOID.COMMON_NAME)
-
-
-class TestLocalMethods(unittest.TestCase):
-
-    def test_parse_cloud_zone1(self):
-        conn = CloudConnection(token="")
-        p = conn._parse_policy_response_to_object(json.loads(POLICY_CLOUD1))
-        self.assertEqual(p.id, "3da4ba30-c370-11e9-9e69-99559a9ae32a")
-        self.assertEqual(p.SubjectCNRegexes[-1], ".*.test")
-        self.assertTrue(
-            p.SubjectCRegexes == p.SubjectLRegexes == p.SubjectORegexes == p.SubjectOURegexes == p.SubjectSTRegexes == [
-                ".*"])
-        self.assertEqual(p.key_types[0].key_type, KeyType.RSA)
-        self.assertEqual(p.key_types[0].option, 2048)
-        self.assertEqual(p.key_types[1].key_type, KeyType.RSA)
-        self.assertEqual(p.key_types[1].option, 4096)
-        self.assertTrue(len(p.key_types) == 2)
-
-    #  cloud doesnt support ecdsa yet. may be can be enabled in the future
-    # def test_parse_cloud_zone2(self):
-    #     conn = CloudConnection(token="")
-    #     p = conn._parse_policy_responce_to_object(json.loads(POLICY_CLOUD2))
-    #     self.assertTrue(len(p.key_types) == 2)
-    #     self.assertEqual(p.key_types[1].key_type, KeyType.RSA)
-    #     self.assertEqual(p.key_types[0].key_type,   KeyType.ECDSA)
-    #     self.assertEqual(p.key_types[0].key_curves,  ["p521"])
-
-    def test_parse_tpp_zone1(self):
-        conn = TPPConnection(url="http://example.com/", user="", password="")
-        z = conn._parse_zone_data_to_object(json.loads(POLICY_TPP1))
-        self.assertEqual(z.country.value, "US")
-        self.assertEqual(z.locality.value, "Salt Lake")
-        self.assertEqual(z.province.value, "Utah")
-        self.assertEqual(z.organization.value, "Venafi Inc.")
-
-    def test_parse_tpp_policy1(self):
-        conn = TPPConnection(url="http://example.com/", user="", password="")
-        raw_data = json.loads(POLICY_TPP1)
-        p = conn._parse_zone_config_to_policy(raw_data)
-        self.assertEqual(len(p.key_types), 7)
-        raw_data['Policy']['KeyPair']['KeySize']['Locked'] = True
-        p = conn._parse_zone_config_to_policy(raw_data)
-        self.assertEqual(len(p.key_types), 4)
-        raw_data['Policy']['KeyPair']['KeyAlgorithm']['Locked'] = True
-        p = conn._parse_zone_config_to_policy(raw_data)
-        self.assertEqual(len(p.key_types), 1)
-
-    def test_update_request_with_zone_config(self):
-        r = CertificateRequest()
-        z = ZoneConfig(
-            organization=CertField("Venafi"),
-            organizational_unit=CertField(""),
-            country=CertField(""),
-            province=CertField(""),
-            locality=CertField(""),
-            policy=None,
-            key_type=None
-        )
-        r.update_from_zone_config(z)
-        self.assertEqual(r.organization, "Venafi")
-        r = CertificateRequest(organization="Test")
-        r.update_from_zone_config(z)
-        self.assertEqual(r.organization, "Test")
-        z = ZoneConfig(
-            organization=CertField("Venafi", locked=True),
-            organizational_unit=CertField(""),
-            country=CertField(""),
-            province=CertField(""),
-            locality=CertField(""),
-            policy=None,
-            key_type=None
-        )
-        r.update_from_zone_config(z)
-        self.assertEqual(r.organization, "Venafi")
-
-    def test_request_with_csr(self):
-        req = CertificateRequest(common_name="test.example.com", csr=EXAMPLE_CSR)
-        self.assertEqual(req.common_name, "test.example.com")
-        with self.assertRaises(Exception):
-            CertificateRequest(common_name="test2.example.com", csr=EXAMPLE_CSR)
-        req = CertificateRequest(csr=EXAMPLE_CSR)
-        self.assertEqual(req.common_name, None)
-
-    def test_generate_rsa_csr(self):
-        req = CertificateRequest(common_name="test.example.com", key_type=KeyType("rsa", 2048))
-        req.build_csr()
-        req = x509.load_pem_x509_csr(req.csr.encode(), default_backend())
-        self.assertEqual(req.public_key().key_size, 2048)
-
-    def test_generate_ecdsa_csr(self):
-        req = CertificateRequest(common_name="test.exampe.com", key_type=KeyType("ecdsa", "p384"))
-        req.build_csr()
-        req = x509.load_pem_x509_csr(req.csr.encode(), default_backend())
-        self.assertEqual(req.public_key().curve.name, "secp384r1")
-
-    def test_generate_rsa_key(self):
-        req = CertificateRequest(common_name="test.example.com", key_type=KeyType("rsa", 2048))
-        req._gen_key()
-        self.assertEqual(req.public_key.key_size, 2048)
-
-    def test_generate_ecdsa_key(self):
-        req = CertificateRequest(common_name="test.exampe.com", key_type=KeyType("ecdsa", "p384"))
-        req._gen_key()
-        self.assertEqual(req.public_key.curve.name, "secp384r1")
-
-    def test_parse_key_arguments(self):
-        k = KeyType("rsa", 2048)
-        self.assertEqual(k.key_type, k.RSA)
-        self.assertEqual(k.option, 2048)
-        k = KeyType("Rsa", 4096)
-        self.assertEqual(k.key_type, k.RSA)
-        self.assertEqual(k.option, 4096)
-        k = KeyType("ecdsa", "secp256r1")
-        self.assertEqual(k.key_type, k.ECDSA)
-        self.assertEqual(k.option, "p256")
-        with self.assertRaises(Exception):
-            k = KeyType("ololo", 2048)
-        with self.assertRaises(Exception):
-            k = KeyType("ecdsa", 2048)
-        with self.assertRaises(Exception):
-            k = KeyType("ecdsa", "secp256k1")
-        with self.assertRaises(Exception):
-            k = KeyType("rsa", "")
-        with self.assertRaises(Exception):
-            k = KeyType("rsa", 1024)
-        with self.assertRaises(Exception):
-            k = KeyType("rsa", None)
-
-    def test_pass_invalid_key_type_to_request(self):
-        with self.assertRaises(Exception):
-            req = CertificateRequest(common_name="test.example.com", key_type="rsa")
-
-    def test_return_pem_private_key(self):
-        req = CertificateRequest(common_name="test.example.com", key_password="ololo")
-        req.build_csr()
-        self.assertIn("ENCRYPTED", req.private_key_pem)
-        req = CertificateRequest(common_name="test.example.com")
-        req.build_csr()
-        self.assertNotIn("ENCRYPTED", req.private_key_pem)
-
-    def test_return_pem_csr(self):
-        req = CertificateRequest(common_name="test.example.com")
-        req.build_csr()
-        self.assertIn("CERTIFICATE REQUEST", req.csr)
-
-    def test_return_pem_cert(self):
-        conn = FakeConnection()
-        req = CertificateRequest(common_name="test.example.com")
-        conn.request_cert(req, "")
-        cert = conn.retrieve_cert(req)
-        self.assertIn("BEGIN CERTIFICATE", cert.cert)
-
-    def test_tpp_url_normalization(self):
-        conn = TPPConnection(url="localhost", user="user", password="password")
-        self.assertEqual(conn._base_url, "https://localhost/")
-        conn._base_url = "http://localhost:8080"
-        self.assertEqual(conn._base_url, "https://localhost:8080/")
-        conn._base_url = "http://localhost:8080/vedsdk"
-        self.assertEqual(conn._base_url, "https://localhost:8080/")
-        with self.assertRaises(Exception):
-            conn._base_url = "ftp://example.com"
-        with self.assertRaises(Exception):
-            conn._base_url = ""
-        with self.assertRaises(Exception):
-            conn._base_url = "https://"
-
-    def test_parse_pem_chain(self):
-        cert = parse_pem(EXAMPLE_CHAIN, "last")
-        self.assertEqual(len(cert.chain), 2)
-        self.assertIn("PRIVATE", cert.key)
-        c = x509.load_pem_x509_certificate(cert.cert.encode(), default_backend())
-        for a in c.subject:
-            if a.oid == x509.NameOID.COMMON_NAME:
-                subject = a.value
-        self.assertEqual(subject, "test2.example.com")