def run(self):
try:
import _ssl
except ImportError as exc:
self.exit_error("missing _ssl module: %s" % exc)
filename = self.data_file("nullbytecert.pem")
_ssl._test_decode_cert(filename)
self.exit_fixed()
def test_cert_date_locale(self):
import System
if is_netcoreapp:
import clr
clr.AddReference("System.Threading.Thread")
culture = System.Threading.Thread.CurrentThread.CurrentCulture
try:
System.Threading.Thread.CurrentThread.CurrentCulture = System.Globalization.CultureInfo("fr")
p = real_ssl._test_decode_cert(CERTFILE)
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
self.assertEqual(p['notBefore'], 'Oct 8 23:01:56 2010 GMT')
finally:
System.Threading.Thread.CurrentThread.CurrentCulture = culture
def test_cert_date_locale(self):
import System
if is_netcoreapp:
import clr
clr.AddReference("System.Threading.Thread")
culture = System.Threading.Thread.CurrentThread.CurrentCulture
try:
System.Threading.Thread.CurrentThread.CurrentCulture = System.Globalization.CultureInfo("fr")
p = _ssl._test_decode_cert(CERTFILE)
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
self.assertEqual(p['notBefore'], 'Oct 8 23:01:56 2010 GMT')
finally:
System.Threading.Thread.CurrentThread.CurrentCulture = culture
def test_test_decode_nullbytecert(self):
import _ssl
p = _ssl._test_decode_cert(self.nullbytecert)
subject = ((('countryName', 'US'), ),
(('stateOrProvinceName', 'Oregon'), ), (('localityName',
'Beaverton'), ),
(('organizationName', 'Python Software Foundation'), ),
(('organizationalUnitName', 'Python Core Development'), ),
(('commonName', 'null.python.org\x00example.org'), ),
(('emailAddress', '*****@*****.**'), ))
assert p['subject'] == subject
assert p['issuer'] == subject
assert p['subjectAltName'] == \
(('DNS', 'altnull.python.org\x00example.com'),
('email', '[email protected]\[email protected]'),
('URI', 'http://null.python.org\x00http://example.org'),
('IP Address', '192.0.2.1'),
('IP Address', '2001:DB8:0:0:0:0:0:1\n'))
def test_test_decode_nullbytecert(self):
import _ssl
p = _ssl._test_decode_cert(self.nullbytecert)
subject = ((('countryName', 'US'),),
(('stateOrProvinceName', 'Oregon'),),
(('localityName', 'Beaverton'),),
(('organizationName', 'Python Software Foundation'),),
(('organizationalUnitName', 'Python Core Development'),),
(('commonName', 'null.python.org\x00example.org'),),
(('emailAddress', '*****@*****.**'),))
assert p['subject'] == subject
assert p['issuer'] == subject
assert p['subjectAltName'] == \
(('DNS', 'altnull.python.org\x00example.com'),
('email', '[email protected]\[email protected]'),
('URI', 'http://null.python.org\x00http://example.org'),
('IP Address', '192.0.2.1'),
('IP Address', '2001:DB8:0:0:0:0:0:1\n'))
def test_parse_cert(self):
"""part of test_parse_cert from CPython.test_ssl"""
# note that this uses an 'unofficial' function in _ssl.c,
# provided solely for this test, to exercise the certificate
#parsing code
p = real_ssl._test_decode_cert(CERTFILE)
self.assertEqual(
p['issuer'],
((('countryName', 'XY'), ), (('localityName', 'Castle Anthrax'), ),
(('organizationName', 'Python Software Foundation'), ),
(('commonName', 'localhost'), )))
# Note the next three asserts will fail if the keys are regenerated
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
self.assertEqual(p['notBefore'], 'Oct 8 23:01:56 2010 GMT')
self.assertEqual(p['serialNumber'], 'D7C7381919AFC24E')
self.assertEqual(
p['subject'],
((('countryName', 'XY'), ), (('localityName', 'Castle Anthrax'), ),
(('organizationName', 'Python Software Foundation'), ),
(('commonName', 'localhost'), )))
self.assertEqual(p['subjectAltName'], (('DNS', 'localhost'), ))
def test_parse_cert(self):
"""part of test_parse_cert from CPython.test_ssl"""
# note that this uses an 'unofficial' function in _ssl.c,
# provided solely for this test, to exercise the certificate
# parsing code
p = real_ssl._test_decode_cert(CERTFILE)
self.assertEqual(p['issuer'],
((('countryName', 'XY'),),
(('localityName', 'Castle Anthrax'),),
(('organizationName', 'Python Software Foundation'),),
(('commonName', 'localhost'),))
)
# Note the next three asserts will fail if the keys are regenerated
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
self.assertEqual(p['notBefore'], 'Oct 8 23:01:56 2010 GMT')
self.assertEqual(p['serialNumber'], 'D7C7381919AFC24E')
self.assertEqual(p['subject'],
((('countryName', 'XY'),),
(('localityName', 'Castle Anthrax'),),
(('organizationName', 'Python Software Foundation'),),
(('commonName', 'localhost'),))
)
self.assertEqual(p['subjectAltName'], (('DNS', 'localhost'),))
def print_cert(path):
import _ssl
pprint.pprint(_ssl._test_decode_cert(path))
def print_cert(path):
import _ssl
pprint.pprint(_ssl._test_decode_cert(path))
import os.path
import sys
import vulntools
try:
import _ssl
except ImportError as exc:
vulntools.exit_error("missing _ssl module: %s" % exc)
vulntools.prepare_process()
filename = vulntools.data_file("nullbytecert.pem")
_ssl._test_decode_cert(filename)
vulntools.exit_fixed()
def test_decode_all_sans(self):
import _ssl
_ssl._test_decode_cert(self.allsans)
