def test_get_object_type(self):
"""
Test that the object type can be retrieved from the X509Certificate.
"""
expected = enums.ObjectType.CERTIFICATE
cert = X509Certificate(self.bytes_a)
observed = cert.object_type
self.assertEqual(expected, observed)
def test_not_equal_on_type_mismatch(self):
"""
Test that the equality operator returns True when comparing a
X509Certificate object to a non-PrivateKey object.
"""
a = X509Certificate(self.bytes_a)
b = "invalid"
self.assertTrue(a != b)
self.assertTrue(b != a)
def test_repr(self):
"""
Test that repr can be applied to a X509Certificate.
"""
cert = X509Certificate(self.bytes_a)
args = "certificate_type={0}, value={1}".format(
enums.CertificateType.X_509, binascii.hexlify(self.bytes_a))
expected = "X509Certificate({0})".format(args)
observed = repr(cert)
self.assertEqual(expected, observed)
def test_init(self):
"""
Test that an X509Certificate object can be instantiated.
"""
certificate = X509Certificate(self.bytes_a)
self.assertEqual(certificate.certificate_type,
enums.CertificateType.X_509)
self.assertEqual(certificate.value, self.bytes_a)
self.assertEqual(certificate.cryptographic_usage_masks, list())
self.assertEqual(certificate.names, ['X.509 Certificate'])
def test_save(self):
"""
Test that the object can be saved using SQLAlchemy. This will add it to
the database, verify that no exceptions are thrown, and check that its
unique identifier was set.
"""
cert = X509Certificate(self.bytes_a)
Session = sessionmaker(bind=self.engine)
session = Session()
session.add(cert)
session.commit()
self.assertIsNotNone(cert.unique_identifier)
def test_init_with_args(self):
"""
Test that an X509Certificate object can be instantiated with all
arguments.
"""
cert = X509Certificate(self.bytes_a,
masks=[
enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.VERIFY
],
name='Test X.509 Certificate')
self.assertEqual(cert.certificate_type, enums.CertificateType.X_509)
self.assertEqual(cert.value, self.bytes_a)
self.assertEqual(cert.cryptographic_usage_masks, [
enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.VERIFY
])
self.assertEqual(cert.names, ['Test X.509 Certificate'])
def test_update_with_remove_and_add_name(self):
"""
Tests that an X509Certificate already stored in the database can be
updated. This will store an X509Certificate in the database. It will
remove a name and add another one to it in one session, and then
retrieve it in another session to verify that it has all of the correct
names. This simulates multiple operation being sent for the same
object.
"""
names = ['bowser', 'frumpy', 'big fat cat']
cert = X509Certificate(self.bytes_a, name=names[0])
cert.names.append(names[1])
cert.names.append(names[2])
Session = sessionmaker(bind=self.engine)
session = Session()
session.add(cert)
session.commit()
session = Session()
update_cert = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
update_cert.names.pop()
update_cert.names.pop()
update_cert.names.append('dog')
session.commit()
expected_names = ['bowser', 'dog']
expected_mo_names = list()
expected_mo_names.append(
sqltypes.ManagedObjectName(expected_names[0], 0))
expected_mo_names.append(
sqltypes.ManagedObjectName(expected_names[1], 3))
session = Session()
get_obj = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
session.commit()
self.assertEquals(expected_names, get_obj.names)
self.assertEquals(expected_mo_names, get_obj._names)
def test_update_with_remove_name(self):
"""
Tests that an X509Certificate already stored in the database can be
updated. This will store an X509Certificate in the database. It will
remove a name from it in one session, and then retrieve it in another
session to verify that it has all of the correct names.
"""
names = ['bowser', 'frumpy', 'big fat cat']
remove_index = 1
cert = X509Certificate(self.bytes_a, name=names[0])
cert.names.append(names[1])
cert.names.append(names[2])
Session = sessionmaker(bind=self.engine)
session = Session()
session.add(cert)
session.commit()
expected_names = list()
expected_mo_names = list()
for i, name in enumerate(names):
if i != remove_index:
expected_names.append(name)
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
session = Session()
update_cert = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
update_cert.names.pop(remove_index)
session.commit()
session = Session()
get_obj = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
session.commit()
self.assertEquals(expected_names, get_obj.names)
self.assertEquals(expected_mo_names, get_obj._names)
def test_update_with_add_name(self):
"""
Tests that an X509Certificate already stored in the database can be
updated. This will store an X509Certificate in the database. It will
add a name to it in one session, and then retrieve it in another
session to verify that it has all of the correct names.
This test and the subsequent test_udpate_* methods are different than
the name tests above because these are updating objects already stored
in the database. This tests will simulate what happens when the KMIP
client calls an add attribute method.
"""
first_name = 'bowser'
cert = X509Certificate(self.bytes_a, name=first_name)
Session = sessionmaker(bind=self.engine)
session = Session()
session.add(cert)
session.commit()
added_name = 'frumpy'
expected_names = [first_name, added_name]
expected_mo_names = list()
for i, name in enumerate(expected_names):
expected_mo_names.append(sqltypes.ManagedObjectName(name, i))
session = Session()
update_cert = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
update_cert.names.append(added_name)
session.commit()
session = Session()
get_obj = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
session.commit()
self.assertEquals(expected_names, get_obj.names)
self.assertEquals(expected_mo_names, get_obj._names)
def test_remove_and_add_name(self):
"""
Tests that names can be removed from the list of names and more added.
This will verify that the list of names is correct. It will verify that
updating this object removes the name from the database. It will verify
that the indices for the removed names are not reused.
"""
names = ['bowser', 'frumpy', 'big fat cat']
cert = X509Certificate(self.bytes_a, name=names[0])
cert.names.append(names[1])
cert.names.append(names[2])
cert.names.pop()
cert.names.pop()
cert.names.append('dog')
self.assertEquals(4, cert.name_index)
expected_names = ['bowser', 'dog']
expected_mo_names = list()
expected_mo_names.append(
sqltypes.ManagedObjectName(expected_names[0], 0))
expected_mo_names.append(
sqltypes.ManagedObjectName(expected_names[1], 3))
self.assertEquals(expected_names, cert.names)
self.assertEquals(expected_mo_names, cert._names)
Session = sessionmaker(bind=self.engine)
session = Session()
session.add(cert)
session.commit()
session = Session()
get_obj = session.query(X509Certificate).filter(
ManagedObject.unique_identifier == cert.unique_identifier).one()
session.commit()
self.assertEquals(expected_names, get_obj.names)
self.assertEquals(expected_mo_names, get_obj._names)
