def test_invalid_signature(self):
     resp = OCSPResponse(resp_sig_sha1)
     cert = X509()
     cert.parseBinary(cert_sig_sha1)
     old_sig = resp.signature
     resp.signature = bytearray([0])
     self.assertNotEqual(resp.signature, old_sig)
     with self.assertRaises(ValueError) as ctx:
         resp.verify_signature(cert.publicKey)
     self.assertTrue("Signature could not be verified for sha1" in str(ctx.exception))
 def test_invalid_signature(self):
     resp = OCSPResponse(resp_sig_sha1)
     cert = X509()
     cert.parseBinary(cert_sig_sha1)
     old_sig = resp.signature
     resp.signature = bytearray([0])
     self.assertNotEqual(resp.signature, old_sig)
     with self.assertRaises(ValueError) as ctx:
         resp.verify_signature(cert.publicKey)
     self.assertTrue(
         "Signature could not be verified for sha1" in str(ctx.exception))
Beispiel #3
0
 def test_signature(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(
         bytearray([
             0, 155, 245, 236, 104, 50, 168, 180, 30, 1, 17, 165, 12, 249,
             208, 100, 5, 234, 227, 182, 10, 206, 201, 197, 230, 163, 119,
             85, 210, 121, 249, 216, 250, 85, 86, 102, 230, 229, 82, 179,
             208, 77, 208, 104, 228, 254, 85, 140, 184, 5, 246, 184, 24,
             204, 143, 30, 179, 188, 240, 20, 184, 79, 119, 50, 230, 162,
             207, 18, 167, 147, 163, 12, 61, 51, 228, 208, 234, 161, 26,
             146, 25, 12, 68, 43, 179, 144, 227, 192, 113, 240, 74, 15, 181,
             87, 207, 7, 140, 43, 242, 209, 219, 38, 218, 48, 104, 182, 12,
             228, 155, 117, 53, 249, 178, 179, 214, 173, 212, 127, 174, 171,
             227, 92, 172, 219, 236, 251, 129, 208, 16, 198, 71, 80, 201,
             60, 242, 79, 48, 31, 119, 15, 125, 212, 2, 96, 149, 100, 221,
             246, 145, 157, 12, 132, 144, 0, 17, 95, 86, 45, 171, 98, 198,
             18, 218, 10, 247, 137, 201, 78, 92, 51, 250, 72, 73, 14, 216,
             178, 190, 14, 223, 114, 80, 91, 126, 227, 59, 44, 133, 93, 150,
             40, 15, 4, 95, 55, 243, 140, 178, 237, 111, 45, 137, 244, 104,
             195, 243, 110, 48, 59, 248, 6, 0, 199, 32, 14, 136, 228, 243,
             210, 51, 144, 153, 140, 105, 185, 186, 190, 138, 137, 175, 203,
             42, 251, 188, 105, 188, 63, 223, 88, 127, 185, 246, 71, 221,
             35, 100, 229, 116, 97, 237, 208, 212, 126, 199, 12, 217, 196,
             167
         ]), resp.signature)
Beispiel #4
0
 def test_resp_id(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(
         bytearray([
             4, 20, 156, 77, 0, 153, 0, 14, 139, 176, 1, 129, 117, 161, 186,
             240, 208, 37, 215, 160, 28, 71
         ]), resp.resp_id)
 def test_verify_cert_match_sha512(self):
     resp = OCSPResponse(resps_sha512)
     self.assertGreater(len(resp.responses), 0)
     for singleResp in resp.responses:
         verified = singleResp.verify_cert_match(self.server_cert,
                                                 self.issuer_cert)
         self.assertTrue(verified)
Beispiel #6
0
 def test___init__(self):
     resp = OCSPResponse(resp_OK)
     singleRespList = resp.responses
     singleRespCnt = len(singleRespList)
     for i in range(singleRespCnt):
         singleResp = resp.responses[i]
         self.assertEqual(bytearray(), singleResp.cert_status)
Beispiel #7
0
 def test_nonextupdate(self):
     resp = OCSPResponse(resp_nonext)
     singleRespList = resp.responses
     singleRespCnt = len(singleRespList)
     for i in range(singleRespCnt):
         singleResp = resp.responses[i]
         self.assertEqual(bytearray(), singleResp.cert_status)
         self.assertEqual(None, singleResp.next_update)
Beispiel #8
0
 def test_certs(self):
     resp = OCSPResponse(resp_OK)
     self.assertGreater(len(resp.certs), 0)
     cert = resp.certs[0]  # checking only first certificate
     self.assertIsInstance(cert, bytearray)
     x509 = X509()
     x509.parseBinary(cert)
     self.assertIsInstance(x509, X509)
 def test_verify_cert_match_incorrect_server_cert(self):
     resp = OCSPResponse(resps)
     self.assertGreater(len(resp.responses), 0)
     # redefine server cert object
     self.server_cert.parseBinary(other_server_cert)
     for singleResp in resp.responses:
         with self.assertRaises(ValueError) as ctx:
             verified = singleResp.verify_cert_match(
                 self.server_cert, self.issuer_cert)
         self.assertEqual("Could not verify certificate serial number",
                          str(ctx.exception))
 def test_verify_signature_sha256(self):
     resp = OCSPResponse(resp_sig_sha256)
     cert = X509()
     cert.parseBinary(cert_sig_sha256)
     self.assertTrue(resp.verify_signature(cert.publicKey))
Beispiel #11
0
 def test_produced_at(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(bytearray(b"20171113135112Z"), resp.produced_at)
 def test_certs(self):
     resp = OCSPResponse(resp_OK)
     self.assertGreater(len(resp.certs), 0)
     cert = resp.certs[0]  # checking only first certificate
     self.assertIsInstance(cert, X509)
Beispiel #13
0
 def test_type_id_pkix_ocsp_basic(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(bytearray([43, 6, 1, 5, 5, 7, 48, 1, 1]),
                      resp.resp_type)
Beispiel #14
0
 def test_unauthorized(self):
     resp = OCSPResponse(resp_unauthorized)
     self.assertEqual(OCSPRespStatus.unauthorized, resp.resp_status)
Beispiel #15
0
 def test_sigrequired(self):
     resp = OCSPResponse(resp_sigreq)
     self.assertEqual(OCSPRespStatus.sigRequired, resp.resp_status)
Beispiel #16
0
 def test_trylater(self):
     resp = OCSPResponse(resp_trylater)
     self.assertEqual(OCSPRespStatus.tryLater, resp.resp_status)
Beispiel #17
0
 def test_internalerror(self):
     resp = OCSPResponse(resp_internal)
     self.assertEqual(OCSPRespStatus.internalError, resp.resp_status)
Beispiel #18
0
 def test_malformedrequest(self):
     resp = OCSPResponse(resp_malformed)
     self.assertEqual(OCSPRespStatus.malformedRequest, resp.resp_status)
Beispiel #19
0
 def test___init__(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(OCSPRespStatus.successful, resp.resp_status)
 def test_certs_signature(self):
     resp = OCSPResponse(resp_OK)
     self.assertGreater(len(resp.certs), 0)
     cert = resp.certs[0]  # checking only first certificate
     self.assertIsInstance(cert, X509)
     self.assertTrue(resp.verify_signature(resp.certs[0].publicKey))
 def test_single_responses(self):
     resp = OCSPResponse(resp_OK)
     self.assertGreater(len(resp.responses), 0)
     for singleResp in resp.responses:
         self.assertEqual(bytearray(), singleResp.cert_status)
 def test_nonextupdate(self):
     resp = OCSPResponse(resp_nonext)
     self.assertGreater(len(resp.responses), 0)
     for singleResp in resp.responses:
         self.assertEqual(bytearray(), singleResp.cert_status)
         self.assertEqual(None, singleResp.next_update)
Beispiel #23
0
 def test_signature_alg(self):
     resp = OCSPResponse(resp_OK)
     self.assertEqual(bytearray([42, 134, 72, 134, 247, 13, 1, 1, 11]),
                      resp.signature_alg)
 def test_certs_signature(self):
     resp = OCSPResponse(resp_OK)
     self.assertGreater(len(resp.certs), 0)
     cert = resp.certs[0]  # checking only first certificate
     self.assertIsInstance(cert, X509)
     self.assertTrue(resp.verify_signature(resp.certs[0].publicKey))
 def test_verify_signature_sha256(self):
     resp = OCSPResponse(resp_sig_sha256)
     cert = X509()
     cert.parseBinary(cert_sig_sha256)
     self.assertTrue(resp.verify_signature(cert.publicKey))