slapos_cloud: use cryptography library to extract certificate information

The string (certificate) dont contains metadata text anymore only the certificate itself.

slapos_cloud: use cryptography library to extract certificate information
The string (certificate) dont contains metadata text anymore only the certificate itself.
a2b2f851 · Rafael Monnerat · 33a44549 · a2b2f851 · a2b2f851 · a2b2f851
Commit a2b2f851 authored Sep 21, 2023 by Rafael Monnerat
3 changed files
--- a/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudComputeNodeSlapInterfaceWorkflow.py
+++ b/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudComputeNodeSlapInterfaceWorkflow.py
--- a/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudInstanceSlapInterfaceWorkflow.py
+++ b/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudInstanceSlapInterfaceWorkflow.py
@@ -22,6 +22,8 @@ from erp5.component.test.SlapOSTestCaseMixin import SlapOSTestCaseMixin
 import transaction
 from time import sleep
 from zExceptions import Unauthorized
+from cryptography import x509
+from cryptography.x509.oid import NameOID

 class TestSlapOSCoreInstanceSlapInterfaceWorkflow(SlapOSTestCaseMixin):
  """Tests instance.requestInstance"""
@@ -1207,7 +1209,6 @@ class TestSlapOSCoreInstanceSlapInterfaceWorkflowTransfer(SlapOSTestCaseMixin):
    self.software_instance.generateCertificate()
    self.assertNotEqual(self.software_instance.getSslKey(), None)
    self.assertNotEqual(self.software_instance.getSslCertificate(), None)
-    self.assertEqual(self.software_instance.getDestinationReference(), None)

    certificate_login_list = self.software_instance.objectValues(portal_type="Certificate Login")
    self.assertEqual(len(certificate_login_list), 1)
@@ -1215,11 +1216,11 @@ class TestSlapOSCoreInstanceSlapInterfaceWorkflowTransfer(SlapOSTestCaseMixin):

    self.assertEqual(certificate_login.getValidationState(), 'validated')
    self.assertNotEqual(certificate_login.getReference(), None)
-    self.assertNotEqual(certificate_login.getDestinationReference(), None)
-    serial = '0x%x' % int(certificate_login.getDestinationReference(), 16)
-    self.assertTrue(serial in self.software_instance.getSslCertificate())
-    self.assertTrue(certificate_login.getReference() in \
-       self.software_instance.getSslCertificate().decode('string_escape'))
+    self.assertNotEqual(certificate_login.getSourceReference(), None)
+    ssl_certificate = x509.load_pem_x509_certificate(self.software_instance.getSslCertificate())
+    self.assertEqual(len(ssl_certificate.subject), 2)
+    cn = [i.value for i in ssl_certificate.subject if i.oid == NameOID.COMMON_NAME][0]
+    self.assertEqual(certificate_login.getReference().decode("UTF-8"), cn)
    self.assertRaises(ValueError, self.software_instance.generateCertificate)

  def test_revokeCertificate(self):
@@ -1248,7 +1249,7 @@ class TestSlapOSCoreInstanceSlapInterfaceWorkflowTransfer(SlapOSTestCaseMixin):
    certificate_login = certificate_login_list[0]
    self.assertEqual(certificate_login.getValidationState(), 'validated')
    self.assertNotEqual(certificate_login.getReference(), None)
-    self.assertNotEqual(certificate_login.getDestinationReference(), None)
+    self.assertNotEqual(certificate_login.getSourceReference(), None)

    self.assertNotEqual(self.software_instance.getSslKey(),
      ssl_key)
@@ -1275,11 +1276,11 @@ class TestSlapOSCoreInstanceSlapInterfaceWorkflowTransfer(SlapOSTestCaseMixin):

    self.assertEqual(another_certificate_login.getValidationState(), 'validated')
    self.assertNotEqual(another_certificate_login.getReference(), None)
-    self.assertNotEqual(another_certificate_login.getDestinationReference(), None)
+    self.assertNotEqual(another_certificate_login.getSourceReference(), None)

    self.assertEqual(certificate_login.getValidationState(), 'invalidated')
    self.assertNotEqual(certificate_login.getReference(),
      another_certificate_login.getReference())
-    self.assertNotEqual(certificate_login.getDestinationReference(),
-      another_certificate_login.getDestinationReference())
+    self.assertNotEqual(certificate_login.getSourceReference(),
+      another_certificate_login.getSourceReference())

--- a/master/bt5/slapos_jio/TestTemplateItem/portal_components/test.erp5.testSlapOSHalJsonStyleSkins.py
+++ b/master/bt5/slapos_jio/TestTemplateItem/portal_components/test.erp5.testSlapOSHalJsonStyleSkins.py
@@ -554,7 +554,7 @@ class TestPerson_get_Certificate(TestSlapOSHalJsonStyleMixin):

    self.assertSameSet(response_dict.keys(), ["common_name", "certificate", "id", "key"])

-    self.assertEqual(response_dict["id"], login.getDestinationReference())
+    self.assertEqual(response_dict["id"], login.getSourceReference())
    self.assertEqual(json.dumps(response_dict["common_name"]), json.dumps(login.getReference()))
    self.assertEqual(self.portal.REQUEST.RESPONSE.getStatus(), 200)

@@ -568,7 +568,7 @@ class TestPerson_get_Certificate(TestSlapOSHalJsonStyleMixin):
    self.assertEqual("validated" , login.getValidationState())
    self.assertEqual("validated" , new_login.getValidationState())
    self.assertNotEqual(login.getReference(), new_login.getReference())
-    self.assertNotEqual(login.getDestinationReference(), new_login.getDestinationReference())
+    self.assertNotEqual(login.getSourceReference(), new_login.getSourceReference())

    self.assertSameSet(new_response_dict.keys(), ["common_name", "certificate", "id", "key"])
    self.assertEqual(json.dumps(new_response_dict["common_name"]), json.dumps(new_login.getReference()))