josep.2526
/
VerifactuMidAPI
mirror of https://github.com/BYolivia/VerifactuMidAPI.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
VerifactuMidAPI/test/generate_certs.py

89 lines
3.0 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""
Script to generate test certificates for VeriFactu API testing.
Each certificate has a DIFFERENT password for testing purposes.
"""
import datetime
import json
import os
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend
PASSWORDS = {
"valid_365days": "password365",
"valid_60days": "password60",
"expired": "password_expired",
"expiring_soon": "password_expiring",
"not_yet_valid": "password_future",
}
base_dir = os.path.join(os.path.dirname(__file__), "certs")
os.makedirs(base_dir, exist_ok=True)
def generate_cert(output_path, password, days_offset, test_name):
private_key = rsa.generate_private_key(65537, 2048, default_backend())
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, test_name),
])
now = datetime.datetime.utcnow()
not_valid_before = now + datetime.timedelta(days=days_offset[0])
not_valid_after = now + datetime.timedelta(days=days_offset[1])
cert = x509.CertificateBuilder().subject_name(subject).issuer_name(
issuer
).public_key(private_key.public_key()).serial_number(
x509.random_serial_number()
).not_valid_before(not_valid_before).not_valid_after(
not_valid_after
).sign(private_key, hashes.SHA256(), default_backend())
from cryptography.hazmat.primitives.serialization import pkcs12
p12_data = pkcs12.serialize_key_and_certificates(
name=test_name.encode(),
key=private_key,
cert=cert,
cas=None,
encryption_algorithm=serialization.BestAvailableEncryption(password.encode())
)
with open(output_path, "wb") as f:
f.write(p12_data)
print(f"[OK] Generated: {os.path.basename(output_path)}")
print(f" Password: {password}")
print(f" Days valid: {days_offset[1] - days_offset[0]}")
return password
print("=" * 60)
print("Generating Certificates with UNIQUE passwords")
print("=" * 60)
print()
generate_cert(os.path.join(base_dir, "valid_365days.p12"), PASSWORDS["valid_365days"], (0, 365), "Valid 365 days")
print()
generate_cert(os.path.join(base_dir, "valid_60days.p12"), PASSWORDS["valid_60days"], (0, 60), "Valid 60 days")
print()
generate_cert(os.path.join(base_dir, "expired.p12"), PASSWORDS["expired"], (-20, -5), "Expired")
print()
generate_cert(os.path.join(base_dir, "expiring_soon.p12"), PASSWORDS["expiring_soon"], (0, 15), "Expiring Soon")
print()
generate_cert(os.path.join(base_dir, "not_yet_valid.p12"), PASSWORDS["not_yet_valid"], (30, 395), "Not Yet Valid")
print()
print("=" * 60)
print("Password Reference:")
print("=" * 60)
for k, v in PASSWORDS.items():
print(f" {k}: {v}")
print()
with open("test_passwords.json", "w") as f:
json.dump(PASSWORDS, f, indent=2)
print("Saved: test_passwords.json")
Reference in New Issue View Git Blame Copy Permalink