From a94201cdbbe0c1ceb2fa0e676a61627e4bc7b657 Mon Sep 17 00:00:00 2001 From: Piotr Marcinkiewicz Date: Wed, 25 Nov 2020 12:46:26 +0100 Subject: Update CertServiceClient tests with new SANs types - Add new test with all SANs types - Add sorting SANs Issue-ID: OOM-2559 Signed-off-by: Piotr Marcinkiewicz Change-Id: Ic32c410109c8340b776ffc78e967106b0873ac4e --- .../assets/valid_client_docker_all_sans_types.env | 16 ++++++++++++++++ .../certservice/cert-service-test.robot | 5 +++++ .../certservice/libraries/ArtifactParser.py | 17 +++++++++++++---- .../certservice/resources/cert-service-properties.robot | 1 + 4 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 tests/oom-platform-cert-service/certservice/assets/valid_client_docker_all_sans_types.env (limited to 'tests/oom-platform-cert-service') diff --git a/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_all_sans_types.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_all_sans_types.env new file mode 100644 index 00000000..f78817ca --- /dev/null +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_all_sans_types.env @@ -0,0 +1,16 @@ +#Client envs +REQUEST_TIMEOUT=30000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret +#Csr config envs +COMMON_NAME=onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +SANS=example.com,sample.com,onap@onap.org,127.0.0.1,onap://cluster.local/ diff --git a/tests/oom-platform-cert-service/certservice/cert-service-test.robot b/tests/oom-platform-cert-service/certservice/cert-service-test.robot index 85d0f357..3cc2fce8 100644 --- a/tests/oom-platform-cert-service/certservice/cert-service-test.robot +++ b/tests/oom-platform-cert-service/certservice/cert-service-test.robot @@ -68,6 +68,11 @@ Cert Service Client successfully creates keystore and truststore with expected d [Documentation] Run with correct env and PKCS12 files created with correct data Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE} 0 +Cert Service Client successfully creates keystore and truststore with all SANs types provided + [Tags] OOM-CERT-SERVICE + [Documentation] Run with correct env and expected exit code 0 + Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE_ALL_SANS_TYPES} 0 + Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=JKS [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and JKS files created with correct data diff --git a/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py index 34512cd2..bc796ed6 100644 --- a/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py +++ b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py @@ -1,5 +1,7 @@ from cryptography.x509.oid import ExtensionOID -from cryptography import x509 + +SANS_DELIMITER = ',' + class ArtifactParser: @@ -19,14 +21,21 @@ class ArtifactParser: return dict((k, v) for k, v in list) def get_sans(self, cert): - extension = cert.to_cryptography().extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME) - dnsList = extension.value.get_values_for_type(x509.DNSName) - return ','.join(map(lambda dns: dns.encode('ascii','ignore'), dnsList)) + sans = cert.to_cryptography().extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME).value + sans_strings = [str(alt_name.value) for alt_name in sans] + return self.get_sorted_sans(sans_strings) def get_envs_as_dict(self, list): envs = self.get_list_of_pairs_by_mappings(list) + SANS = 'SANS' + sans_env_strings = SANS in envs and envs[SANS].split(SANS_DELIMITER) or [] + envs[SANS] = self.get_sorted_sans(sans_env_strings) return self.remove_nones_from_dict(envs) + def get_sorted_sans(self, sans_strings): + sans_strings.sort() + return SANS_DELIMITER.join(sans_strings) + def remove_nones_from_dict(self, dictionary): return dict((k, v) for k, v in dictionary.iteritems() if k is not None) diff --git a/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot index 776e39d9..f417f5ec 100644 --- a/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot +++ b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot @@ -24,6 +24,7 @@ ${VALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-se ${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env ${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env ${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env +${VALID_ENV_FILE_ALL_SANS_TYPES} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_all_sans_types.env ${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env ${INVALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env ${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:latest -- cgit 1.2.3-korg