diff --git a/django_x509/base/models.py b/django_x509/base/models.py index 84f45c5..574ec2d 100644 --- a/django_x509/base/models.py +++ b/django_x509/base/models.py @@ -32,6 +32,7 @@ ('sha256', 'SHA256'), ('sha384', 'SHA384'), ('sha512', 'SHA512'), + ('ecdsa-with-sha384', 'ECDSA with SHA384'), ) SIGNATURE_MAPPING = { @@ -40,6 +41,7 @@ 'sha256WithRSAEncryption': 'sha256', 'sha384WithRSAEncryption': 'sha384', 'sha512WithRSAEncryption': 'sha512', + 'ecdsa-with-SHA384': 'sha384', } @@ -121,7 +123,7 @@ class BaseX509(models.Model): help_text=_('bits'), choices=DIGEST_CHOICES, default=default_digest_algorithm, - max_length=8, + max_length=20, ) validity_start = models.DateTimeField( blank=True, null=True, default=default_validity_start diff --git a/django_x509/migrations/0010_alter_ca_digest_alter_cert_digest.py b/django_x509/migrations/0010_alter_ca_digest_alter_cert_digest.py new file mode 100644 index 0000000..b4ad9e7 --- /dev/null +++ b/django_x509/migrations/0010_alter_ca_digest_alter_cert_digest.py @@ -0,0 +1,50 @@ +# Generated by Django 4.2.13 on 2024-05-16 15:22 + +from django.db import migrations, models +import django_x509.base.models + + +class Migration(migrations.Migration): + + dependencies = [ + ("django_x509", "0009_alter_ca_digest_alter_ca_key_length_and_more"), + ] + + operations = [ + migrations.AlterField( + model_name="ca", + name="digest", + field=models.CharField( + choices=[ + ("sha1", "SHA1"), + ("sha224", "SHA224"), + ("sha256", "SHA256"), + ("sha384", "SHA384"), + ("sha512", "SHA512"), + ("ecdsa-with-sha384", "ECDSA with SHA384"), + ], + default=django_x509.base.models.default_digest_algorithm, + help_text="bits", + max_length=20, + verbose_name="digest algorithm", + ), + ), + migrations.AlterField( + model_name="cert", + name="digest", + field=models.CharField( + choices=[ + ("sha1", "SHA1"), + ("sha224", "SHA224"), + ("sha256", "SHA256"), + ("sha384", "SHA384"), + ("sha512", "SHA512"), + ("ecdsa-with-sha384", "ECDSA with SHA384"), + ], + default=django_x509.base.models.default_digest_algorithm, + help_text="bits", + max_length=20, + verbose_name="digest algorithm", + ), + ), + ] diff --git a/django_x509/tests/test_ca.py b/django_x509/tests/test_ca.py index 92c8c5e..a1b106a 100644 --- a/django_x509/tests/test_ca.py +++ b/django_x509/tests/test_ca.py @@ -1,4 +1,5 @@ from datetime import datetime, timedelta +from unittest.mock import MagicMock, patch from django.core.exceptions import ValidationError from django.test import TestCase @@ -680,3 +681,19 @@ def test_ca_without_key_length_and_digest_algo(self): self.fail(f'Got exception: {e}') else: self.fail('ValidationError not raised as expected') + + def test_import_with_ecdsa_signature_algorithm(self): + cert_mock = MagicMock() + cert_mock.get_signature_algorithm.return_value = b'ecdsa-with-SHA384' + cert_mock.get_pubkey.return_value.bits.return_value = '384' + cert_mock.get_notBefore.return_value.decode.return_value = '20240101000000Z' + + with patch( + 'django_x509.base.models.crypto.load_certificate', return_value=cert_mock + ): + ca = TestCa()._create_ca() + + try: + ca.full_clean() + except ValueError as ve: + self.fail(f"Unexpected ValueError: {ve}") diff --git a/tests/openwisp2/sample_x509/migrations/0003_alter_ca_digest_alter_cert_digest_and_more.py b/tests/openwisp2/sample_x509/migrations/0003_alter_ca_digest_alter_cert_digest_and_more.py new file mode 100644 index 0000000..d098a48 --- /dev/null +++ b/tests/openwisp2/sample_x509/migrations/0003_alter_ca_digest_alter_cert_digest_and_more.py @@ -0,0 +1,68 @@ +# Generated by Django 4.2.13 on 2024-05-16 15:32 + +from django.db import migrations, models +import django_x509.base.models + + +class Migration(migrations.Migration): + + dependencies = [ + ("sample_x509", "0002_common_name_max_length"), + ] + + operations = [ + migrations.AlterField( + model_name="ca", + name="digest", + field=models.CharField( + choices=[ + ("sha1", "SHA1"), + ("sha224", "SHA224"), + ("sha256", "SHA256"), + ("sha384", "SHA384"), + ("sha512", "SHA512"), + ("ecdsa-with-sha384", "ECDSA with SHA384"), + ], + default=django_x509.base.models.default_digest_algorithm, + help_text="bits", + max_length=20, + verbose_name="digest algorithm", + ), + ), + migrations.AlterField( + model_name="cert", + name="digest", + field=models.CharField( + choices=[ + ("sha1", "SHA1"), + ("sha224", "SHA224"), + ("sha256", "SHA256"), + ("sha384", "SHA384"), + ("sha512", "SHA512"), + ("ecdsa-with-sha384", "ECDSA with SHA384"), + ], + default=django_x509.base.models.default_digest_algorithm, + help_text="bits", + max_length=20, + verbose_name="digest algorithm", + ), + ), + migrations.AlterField( + model_name="customcert", + name="digest", + field=models.CharField( + choices=[ + ("sha1", "SHA1"), + ("sha224", "SHA224"), + ("sha256", "SHA256"), + ("sha384", "SHA384"), + ("sha512", "SHA512"), + ("ecdsa-with-sha384", "ECDSA with SHA384"), + ], + default=django_x509.base.models.default_digest_algorithm, + help_text="bits", + max_length=20, + verbose_name="digest algorithm", + ), + ), + ]