ecc_curve in 'init_ca' command about django-ca HOT 5 CLOSED

Hi @bandirom,

Thanks for the report!

There is a kind of hidden issue with yoru test case: Django itself says you should use call_command(), but in reality that skips the parsing of the argument parser. So when you call manage.py init_ca ... --ecc-curve secp256r1, the command function will actually receive an ec.EllipticCurve object, but with call_command() it won't. But we rely heavily on argparse parsing to parse strings into cryptography objects.

You have three options:

1. Not test with an ECC curve as you did - probably not what you want.
2. Pass the correct cryptography object.
3. Make use of the same, undocumented trick that we use: https://github.com/mathiasertl/django-ca/blob/main/ca/django_ca/tests/base/mixins.py#L606-L608

I think this should solve the issue for you?

kr, Mat

from django-ca.

PS: I have checked the default value (where it says ABCMeta in your screenshot) and verified that this only affects the output of the default value for --help. The actual default value is not wrong.

from django-ca.

closing this issue. If you need further assistance please reopen or create a new issue.

from django-ca.

Sorry, didnt have a time to reply. Im from Ukraine :)
I will check when will be able :)
Thank you!

from django-ca.

Hi!
I've fixed this bug.
for correct parsing need to provide values to call_command() as args not kwargs.

I mean the next one:

args = [
      '--key-type', 'RSA',
      '--key-size', '4096',
      '--algorithm', 'sha512',
      '--expires', '3650',
]

call_command('init_ca', 'example', '/some/subject', *args)

and it will be handled properly :)

I believe it can be described in some docs section

from django-ca.