def test_dnsnames_email(self): certificate = cert_with_urls(EMAIL_ADDRESS) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) self.assertEqual(len(result), 1) self.assertIsNotNone(result[0].reason) self.assertIn('@', ''.join(result[0].details))
def test_dnsnames_multiple_names(self): certificate = cert_with_urls(EXAMPLE, EXAMPLE_WILDCARD, UTF8_URL, NON_UTF8_URL, URL_INVALID_CHARACTERS_5) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) # 1 from NON_UTF8, 5 from INVALID_CHARACTERS_5 self.assertEqual(len(result), 6)
def test_dnsnames_invalid_chars(self): certificate = cert_with_urls(URL_INVALID_CHARACTERS_5) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) self.assertEqual(len(result), 5) for res in result: self.assertIsNotNone(res.details)
def test_dnsnames_non_utf8(self): certificate = cert_with_urls(NON_UTF8_URL) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) self.assertEqual(len(result), 1) self.assertIsNotNone(result[0].reason)
def test_dnsnames_utf8(self): certificate = cert_with_urls(UTF8_URL) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) self.assertEqual(len(result), 0)
def test_dnsnames_wildcard(self): certificate = cert_with_urls(EXAMPLE_WILDCARD) check = dnsnames.CheckValidityOfDnsnames() result = check.check(certificate) self.assertEqual(len(result), 0)
from ct.cert_analysis import algorithm from ct.cert_analysis import ca_field from ct.cert_analysis import common_name from ct.cert_analysis import crl_pointers from ct.cert_analysis import dnsnames from ct.cert_analysis import extensions from ct.cert_analysis import ip_addresses from ct.cert_analysis import ocsp_pointers from ct.cert_analysis import serial_number from ct.cert_analysis import validity ALL_CHECKS = [serial_number.CheckNegativeSerialNumber(), validity.CheckValidityNotBeforeFuture(), validity.CheckValidityCorrupt(), validity.CheckIsExpirationDateWellDefined(), dnsnames.CheckValidityOfDnsnames(), dnsnames.CheckCorruptSANExtension(), dnsnames.CheckTldMatches(), common_name.CheckSCNTldMatches(), common_name.CheckLackOfSubjectCommonName(), common_name.CheckCorruptSubjectCommonName(), extensions.CheckCorrectExtensions(), ip_addresses.CheckPrivateIpAddresses(), ip_addresses.CheckCorruptIpAddresses(), algorithm.CheckSignatureAlgorithmsMismatch(), algorithm.CheckCertificateAlgorithmSHA1After2017(), algorithm.CheckTbsCertificateAlgorithmSHA1Ater2017(), ca_field.CheckCATrue(), ocsp_pointers.CheckOcspExistence(), ocsp_pointers.CheckCorruptOrMultipleAiaExtension(), crl_pointers.CheckCrlExistence(),