def findCertificate(repView, pem):
"""
See if the certificate is stored in the repository.
"""
q = utils.getExtent(Certificate, view=repView)
for cert in q:
if cert.pemAsString() == pem:
return cert
return None
def findCertificate(repView, pem):
"""
See if the certificate is stored in the repository.
"""
q = utils.getExtent(Certificate, view=repView)
for cert in q:
if cert.pemAsString() == pem:
return cert
return None
def testPreloadedCertificates(self):
self.loadParcel("osaf.framework.certstore.data")
view = self.view
rootCerts = FilteredCollection(
'rootCertsQuery',
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'purpose') & %d" %
constants.PURPOSE_CA,
filterAttributes=['purpose'])
now = time.gmtime()
format = '%b %d %H:%M:%S %Y %Z'
self.assert_(not rootCerts.isEmpty())
for cert in rootCerts:
x509 = cert.asX509()
self.assertTrue(x509.verify())
# verify() should have caught bad times, but just in case:
before = x509.get_not_before()
after = x509.get_not_after()
try:
self.assert_(
time.strptime(str(before), format) < now,
'%s not yet valid:%s' % (cert.displayName, before))
self.assert_(now < time.strptime(str(after), format),
'%s expired:%s' % (cert.displayName, after))
except ValueError:
raise ValueError('bad time value in ' +
cert.displayName.encode('utf8'))
self.assertTrue(len(cert.displayName) > 0)
self.assertTrue(cert.purpose & constants.PURPOSE_CA,
cert.getAsTextAsString())
self.assertTrue(cert.trust == constants.TRUST_AUTHENTICITY
| constants.TRUST_SERVER)
self.assertTrue(cert.fingerprintAlgorithm == 'sha1')
self.assertTrue(len(cert.fingerprint) > 3)
self.assertTrue(cert.asTextAsString[:12] == 'Certificate:')
self.assertTrue(
certificate.certificatePurpose(x509) & constants.PURPOSE_CA,
cert.getAsTextAsString())
def _importAndFind(self, pem, trust):
x509 = X509.load_cert_string(pem)
fingerprint = utils.fingerprint(x509)
certificate.importCertificate(x509, fingerprint, trust, self.view)
view = self.view
matchingCerts = FilteredCollection(
'fpCertQuery' + fingerprint,
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'fingerprint') == '%s'" %
fingerprint,
filterAttributes=['fingerprint'])
self.assert_(len(matchingCerts) == 1)
return iter(matchingCerts).next()
def _importAndFind(self, pem, trust):
x509 = X509.load_cert_string(pem)
fingerprint = utils.fingerprint(x509)
certificate.importCertificate(x509,
fingerprint,
trust,
self.view)
view = self.view
matchingCerts = FilteredCollection('fpCertQuery' + fingerprint,
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'fingerprint') == '%s'" % fingerprint,
filterAttributes=['fingerprint'])
self.assert_(len(matchingCerts) == 1)
return iter(matchingCerts).next()
def testPreloadedCertificates(self):
self.loadParcel("osaf.framework.certstore.data")
view = self.view
rootCerts = FilteredCollection('rootCertsQuery',
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'purpose') & %d" % constants.PURPOSE_CA,
filterAttributes=['purpose'])
now = time.gmtime()
format = '%b %d %H:%M:%S %Y %Z'
self.assert_(not rootCerts.isEmpty())
for cert in rootCerts:
x509 = cert.asX509()
self.assertTrue(x509.verify())
# verify() should have caught bad times, but just in case:
before = x509.get_not_before()
after = x509.get_not_after()
try:
self.assert_(time.strptime(str(before), format) < now, '%s not yet valid:%s' % (cert.displayName, before))
self.assert_(now < time.strptime(str(after), format), '%s expired:%s' % (cert.displayName, after))
except ValueError:
raise ValueError('bad time value in ' + cert.displayName.encode('utf8'))
self.assertTrue(len(cert.displayName) > 0)
self.assertTrue(cert.purpose & constants.PURPOSE_CA, cert.getAsTextAsString())
self.assertTrue(cert.trust == constants.TRUST_AUTHENTICITY | constants.TRUST_SERVER)
self.assertTrue(cert.fingerprintAlgorithm == 'sha1')
self.assertTrue(len(cert.fingerprint) > 3)
self.assertTrue(cert.asTextAsString[:12] == 'Certificate:')
self.assertTrue(certificate.certificatePurpose(x509) & constants.PURPOSE_CA, cert.getAsTextAsString())
