Imported Upstream version 4.0.5
This commit is contained in:
Mario Fetka
22
ipatests/test_pkcs10/__init__.py
Normal file
22
ipatests/test_pkcs10/__init__.py
Normal file
@@ -0,0 +1,22 @@
|
||||
# Authors:
|
||||
# Rob Crittenden <rcritten@redhat.com>
|
||||
#
|
||||
# Copyright (C) 2009 Red Hat
|
||||
# see file 'COPYING' for use and warranty information
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
"""
|
||||
Sub-package containing unit tests for `pkcs10` package.
|
||||
"""
|
||||
12
ipatests/test_pkcs10/test0.csr
Normal file
12
ipatests/test_pkcs10/test0.csr
Normal file
@@ -0,0 +1,12 @@
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
MIIBjjCB+AIBADBPMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEQ
|
||||
MA4GA1UEChMHRXhhbXBsZTEZMBcGA1UEAxMQdGVzdC5leGFtcGxlLmNvbTCBnzAN
|
||||
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyxsN5dmvyKiw+5nyrcO3a61sivZRg+ja
|
||||
kyNIyUo+tIUiYwTdpPESAHTWRlk0XhydauAkWfOIN7pR3a5Z+kQw8W7F+DuZze2M
|
||||
6wRNmN+NTrTlqnKOiMHBXhIM0Qxrx68GDctYqtnKTVT94FvvLl9XYVdUEi2ePTc2
|
||||
Nyfr1z66+W0CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIf3r+Y6WHrFnttUqDow
|
||||
9/UCHtCeQlQoJqjjxi5wcjbkGwTgHbx/BPOd/8OVaHElboMXLGaZx+L/eFO6E9Yg
|
||||
mDOYv3OsibDFGaEhJrU8EnfuFZKnbrGeSC9Hkqrq+3OjqacaPla5N7MHKbfLY377
|
||||
ddbOHKzR0sURZ+ro4z3fATW2
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
|
||||
13
ipatests/test_pkcs10/test1.csr
Normal file
13
ipatests/test_pkcs10/test1.csr
Normal file
@@ -0,0 +1,13 @@
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
MIIBwDCCASkCAQAwTzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
|
||||
EDAOBgNVBAoTB0V4YW1wbGUxGTAXBgNVBAMTEHRlc3QuZXhhbXBsZS5jb20wgZ8w
|
||||
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMK+3uy1CGwek8jutw4UO62YTpkmStlw
|
||||
cKPEjTER7Ra1a1wyWJTo1mMnPhVia0GODeq8ERPgcIckCVogBu8+gL6g8NevaBNv
|
||||
ij1XWU08BEQqmoqAkrFiI8EdDckKYrSoXo2cg1fiTGzlG8AWtr5eT0op5jBBo0J6
|
||||
qXX5Sf6e+n+nAgMBAAGgMTAvBgkqhkiG9w0BCQ4xIjAgMB4GA1UdEQQXMBWCE3Rl
|
||||
c3Rsb3cuZXhhbXBsZS5jb20wDQYJKoZIhvcNAQEFBQADgYEAwRDa7ZOaym9mAUH7
|
||||
hudbvsRkqXHehgf51uMUq0OC9hQ6vPLWqUMAod05lxn3Tnvq6a/fVK0ybgCH5Ld7
|
||||
qpAcUruYdj7YxkFfuBc1dpAK6h94rVsJXFCWIMEZm9Fe7n5RERjhO6h2IRSXBHFz
|
||||
QIszvqBamm/W1ONKdQSM2g+M4BQ=
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
|
||||
15
ipatests/test_pkcs10/test2.csr
Normal file
15
ipatests/test_pkcs10/test2.csr
Normal file
@@ -0,0 +1,15 @@
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
MIICETCCAXoCAQAwTzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWEx
|
||||
EDAOBgNVBAoTB0V4YW1wbGUxGTAXBgNVBAMTEHRlc3QuZXhhbXBsZS5jb20wgZ8w
|
||||
DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOXfP8LeiU7g6wLCclgkT1lVskK+Lxm1
|
||||
6ijE4LmEQBk5nn2P46im+E/UOgTddbDo5cdJlkoCnqXkO4RkqJckXYDxfI34KL3C
|
||||
CRFPvOa5Sg02m1x5Rg3boZfS6NciP62lRp0SI+0TCt3F16wYZxMahVIOXjbJ6Lu5
|
||||
mGjNn7XaWJhFAgMBAAGggYEwfwYJKoZIhvcNAQkOMXIwcDAeBgNVHREEFzAVghN0
|
||||
ZXN0bG93LmV4YW1wbGUuY29tME4GA1UdHwRHMEUwQ6BBoD+GHGh0dHA6Ly9jYS5l
|
||||
eGFtcGxlLmNvbS9teS5jcmyGH2h0dHA6Ly9vdGhlci5leGFtcGxlLmNvbS9teS5j
|
||||
cmwwDQYJKoZIhvcNAQEFBQADgYEAkv8pppcgGhX7erJmvg9r2UHrRriuKaOYgKZQ
|
||||
lf/eBt2N0L2mV4QvCY82H7HWuE+7T3mra9ikfvz0nYkPJQe2gntjZzECE0Jt5LWR
|
||||
UZOFwX8N6wrX11U2xu0NlvsbjU6siWd6OZjZ1p5/V330lzut/q3CNzaAcW1Fx3wL
|
||||
sV5SXSw=
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
|
||||
3
ipatests/test_pkcs10/test3.csr
Normal file
3
ipatests/test_pkcs10/test3.csr
Normal file
@@ -0,0 +1,3 @@
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
VGhpcyBpcyBhbiBpbnZhbGlkIENTUg==
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
4
ipatests/test_pkcs10/test4.csr
Normal file
4
ipatests/test_pkcs10/test4.csr
Normal file
@@ -0,0 +1,4 @@
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
Invalidate data
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
|
||||
20
ipatests/test_pkcs10/test5.csr
Normal file
20
ipatests/test_pkcs10/test5.csr
Normal file
@@ -0,0 +1,20 @@
|
||||
|
||||
Certificate request generated by Netscape certutil
|
||||
Phone: (not specified)
|
||||
|
||||
Common Name: test.example.com
|
||||
Email: (not specified)
|
||||
Organization: IPA
|
||||
State: (not specified)
|
||||
Country: (not specified)
|
||||
|
||||
-----BEGIN NEW CERTIFICATE REQUEST-----
|
||||
MIIBaDCB0gIBADApMQwwCgYDVQQKEwNJUEExGTAXBgNVBAMTEHRlc3QuZXhhbXBs
|
||||
ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPnSCLwl7IytP2HC7+zv
|
||||
nI2fe6oRCE/J8K1jIoiqS9engx3Yfe4kaXWWzcwmuUV57VhUmWDEQIbSREPdrVSi
|
||||
tWC55ilGmPOAEw+mP4qg6Ctb+d8Egmy1JVrpIYCLNXvEd3dAaimB0J+K3hKFRyHI
|
||||
2MzrIuFqqohRijkDLwB8oVVdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQACt37K
|
||||
j+RMEbqG8s0Uxs3FhcfiAx8Do99CDizY/b7hZEgMyG4dLmm+vSCBbxBrG5oMlxJD
|
||||
dxnpk0PQSknNkJVrCS/J1OTpOPRTi4VKATT3tHJAfDbWZTwcSelUCLQ4lREiuT3D
|
||||
WP4vKrLIxDJDb+/mwuV7WWo34E6MD9iTB1xINg==
|
||||
-----END NEW CERTIFICATE REQUEST-----
|
||||
123
ipatests/test_pkcs10/test_pkcs10.py
Normal file
123
ipatests/test_pkcs10/test_pkcs10.py
Normal file
@@ -0,0 +1,123 @@
|
||||
# Authors:
|
||||
# Rob Crittenden <rcritten@redhat.com>
|
||||
#
|
||||
# Copyright (C) 2009 Red Hat
|
||||
# see file 'COPYING' for use and warranty information
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
"""
|
||||
Test the `pkcs10.py` module.
|
||||
"""
|
||||
|
||||
import os
|
||||
import sys
|
||||
import nose
|
||||
from ipatests.util import raises, PluginTester
|
||||
from ipalib import pkcs10
|
||||
from ipapython import ipautil
|
||||
import nss.nss as nss
|
||||
from nss.error import NSPRError
|
||||
|
||||
class test_update(object):
|
||||
"""
|
||||
Test the PKCS#10 Parser.
|
||||
"""
|
||||
|
||||
def setUp(self):
|
||||
nss.nss_init_nodb()
|
||||
if ipautil.file_exists("test0.csr"):
|
||||
self.testdir="./"
|
||||
elif ipautil.file_exists("ipatests/test_pkcs10/test0.csr"):
|
||||
self.testdir= "./ipatests/test_pkcs10/"
|
||||
else:
|
||||
raise nose.SkipTest("Unable to find test update files")
|
||||
|
||||
def read_file(self, filename):
|
||||
fp = open(self.testdir + filename, "r")
|
||||
data = fp.read()
|
||||
fp.close()
|
||||
return data
|
||||
|
||||
def test_0(self):
|
||||
"""
|
||||
Test simple CSR with no attributes
|
||||
"""
|
||||
csr = self.read_file("test0.csr")
|
||||
|
||||
subject = pkcs10.get_subject(csr)
|
||||
|
||||
assert(subject.common_name == 'test.example.com')
|
||||
assert(subject.state_name == 'California')
|
||||
assert(subject.country_name == 'US')
|
||||
|
||||
def test_1(self):
|
||||
"""
|
||||
Test CSR with subject alt name
|
||||
"""
|
||||
csr = self.read_file("test1.csr")
|
||||
request = pkcs10.load_certificate_request(csr)
|
||||
|
||||
subject = request.subject
|
||||
|
||||
assert(subject.common_name == 'test.example.com')
|
||||
assert(subject.state_name == 'California')
|
||||
assert(subject.country_name == 'US')
|
||||
|
||||
for extension in request.extensions:
|
||||
if extension.oid_tag == nss.SEC_OID_X509_SUBJECT_ALT_NAME:
|
||||
assert nss.x509_alt_name(extension.value)[0] == 'testlow.example.com'
|
||||
|
||||
def test_2(self):
|
||||
"""
|
||||
Test CSR with subject alt name and a list of CRL distribution points
|
||||
"""
|
||||
csr = self.read_file("test2.csr")
|
||||
request = pkcs10.load_certificate_request(csr)
|
||||
|
||||
subject = request.subject
|
||||
|
||||
assert(subject.common_name == 'test.example.com')
|
||||
assert(subject.state_name == 'California')
|
||||
assert(subject.country_name == 'US')
|
||||
|
||||
for extension in request.extensions:
|
||||
if extension.oid_tag == nss.SEC_OID_X509_SUBJECT_ALT_NAME:
|
||||
assert nss.x509_alt_name(extension.value)[0] == 'testlow.example.com'
|
||||
if extension.oid_tag == nss.SEC_OID_X509_CRL_DIST_POINTS:
|
||||
pts = nss.CRLDistributionPts(extension.value)
|
||||
urls = pts[0].get_general_names()
|
||||
assert('http://ca.example.com/my.crl' in urls)
|
||||
assert('http://other.example.com/my.crl' in urls)
|
||||
|
||||
def test_3(self):
|
||||
"""
|
||||
Test CSR with base64-encoded bogus data
|
||||
"""
|
||||
csr = self.read_file("test3.csr")
|
||||
|
||||
try:
|
||||
request = pkcs10.load_certificate_request(csr)
|
||||
except NSPRError, nsprerr:
|
||||
# (SEC_ERROR_BAD_DER) security library: improperly formatted DER-encoded message.
|
||||
assert(nsprerr. errno== -8183)
|
||||
|
||||
def test_4(self):
|
||||
"""
|
||||
Test CSR with badly formatted base64-encoded data
|
||||
"""
|
||||
csr = self.read_file("test4.csr")
|
||||
try:
|
||||
request = pkcs10.load_certificate_request(csr)
|
||||
except TypeError, typeerr:
|
||||
assert(str(typeerr) == 'Incorrect padding')
|
||||
Reference in New Issue
Block a user