def testImportRootCertificate(self):
trust = constants.TRUST_AUTHENTICITY | constants.TRUST_SERVER
cert = self._importAndFind(self.pemRoot, trust)
x509 = cert.asX509()
self.assert_(x509.verify())
self.assert_(x509.as_pem()[:-1] == self.pemRoot)
self.assert_(x509.get_subject().CN == 'OSAF CA')
self.assert_(cert.fingerprint == '0xadacc622c85df4c2ae471a81eda1bd28379a6fa9L', cert.fingerprint)
self.assert_(cert.trust == trust)
self.assert_(cert.purpose & constants.PURPOSE_CA)
self.assert_(cert.displayName == u'OSAF CA')
self.assertTrue(certificate.certificatePurpose(x509) & constants.PURPOSE_CA)
def testPreloadedCertificates(self):
self.loadParcel("osaf.framework.certstore.data")
view = self.view
rootCerts = FilteredCollection(
'rootCertsQuery',
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'purpose') & %d" %
constants.PURPOSE_CA,
filterAttributes=['purpose'])
now = time.gmtime()
format = '%b %d %H:%M:%S %Y %Z'
self.assert_(not rootCerts.isEmpty())
for cert in rootCerts:
x509 = cert.asX509()
self.assertTrue(x509.verify())
# verify() should have caught bad times, but just in case:
before = x509.get_not_before()
after = x509.get_not_after()
try:
self.assert_(
time.strptime(str(before), format) < now,
'%s not yet valid:%s' % (cert.displayName, before))
self.assert_(now < time.strptime(str(after), format),
'%s expired:%s' % (cert.displayName, after))
except ValueError:
raise ValueError('bad time value in ' +
cert.displayName.encode('utf8'))
self.assertTrue(len(cert.displayName) > 0)
self.assertTrue(cert.purpose & constants.PURPOSE_CA,
cert.getAsTextAsString())
self.assertTrue(cert.trust == constants.TRUST_AUTHENTICITY
| constants.TRUST_SERVER)
self.assertTrue(cert.fingerprintAlgorithm == 'sha1')
self.assertTrue(len(cert.fingerprint) > 3)
self.assertTrue(cert.asTextAsString[:12] == 'Certificate:')
self.assertTrue(
certificate.certificatePurpose(x509) & constants.PURPOSE_CA,
cert.getAsTextAsString())
def testImportRootCertificate(self):
trust = constants.TRUST_AUTHENTICITY | constants.TRUST_SERVER
cert = self._importAndFind(self.pemRoot, trust)
x509 = cert.asX509()
self.assert_(x509.verify())
self.assert_(x509.as_pem()[:-1] == self.pemRoot)
self.assert_(x509.get_subject().CN == 'OSAF CA')
self.assert_(
cert.fingerprint == '0xadacc622c85df4c2ae471a81eda1bd28379a6fa9L',
cert.fingerprint)
self.assert_(cert.trust == trust)
self.assert_(cert.purpose & constants.PURPOSE_CA)
self.assert_(cert.displayName == u'OSAF CA')
self.assertTrue(
certificate.certificatePurpose(x509) & constants.PURPOSE_CA)
def testImportSiteCertificate(self):
trust = constants.TRUST_AUTHENTICITY
cert = self._importAndFind(self.pemSite, trust)
x509 = cert.asX509()
x509Issuer = X509.load_cert_string(self.pemRoot)
issuerPublicKey = x509Issuer.get_pubkey()
self.assert_(x509.verify(issuerPublicKey))
self.assert_(x509.as_pem()[:-1] == self.pemSite)
self.assert_(x509.get_subject().CN == 'bugzilla.osafoundation.org')
self.assert_(cert.fingerprint == '0xff8013055aae612ad79c347f06d1b83f93deb664L', cert.fingerprint)
self.assert_(cert.trust == trust)
self.assert_(cert.purpose == constants.PURPOSE_SERVER)
self.assert_(cert.displayName == u'bugzilla.osafoundation.org')
self.assertTrue(certificate.certificatePurpose(x509) == constants.PURPOSE_SERVER)
def testImportSiteCertificate(self):
trust = constants.TRUST_AUTHENTICITY
cert = self._importAndFind(self.pemSite, trust)
x509 = cert.asX509()
x509Issuer = X509.load_cert_string(self.pemRoot)
issuerPublicKey = x509Issuer.get_pubkey()
self.assert_(x509.verify(issuerPublicKey))
self.assert_(x509.as_pem()[:-1] == self.pemSite)
self.assert_(x509.get_subject().CN == 'bugzilla.osafoundation.org')
self.assert_(
cert.fingerprint == '0xff8013055aae612ad79c347f06d1b83f93deb664L',
cert.fingerprint)
self.assert_(cert.trust == trust)
self.assert_(cert.purpose == constants.PURPOSE_SERVER)
self.assert_(cert.displayName == u'bugzilla.osafoundation.org')
self.assertTrue(
certificate.certificatePurpose(x509) == constants.PURPOSE_SERVER)
def testPreloadedCertificates(self):
self.loadParcel("osaf.framework.certstore.data")
view = self.view
rootCerts = FilteredCollection('rootCertsQuery',
itsView=view,
source=utils.getExtent(certificate.Certificate, view, exact=True),
filterExpression=u"view.findValue(uuid, 'purpose') & %d" % constants.PURPOSE_CA,
filterAttributes=['purpose'])
now = time.gmtime()
format = '%b %d %H:%M:%S %Y %Z'
self.assert_(not rootCerts.isEmpty())
for cert in rootCerts:
x509 = cert.asX509()
self.assertTrue(x509.verify())
# verify() should have caught bad times, but just in case:
before = x509.get_not_before()
after = x509.get_not_after()
try:
self.assert_(time.strptime(str(before), format) < now, '%s not yet valid:%s' % (cert.displayName, before))
self.assert_(now < time.strptime(str(after), format), '%s expired:%s' % (cert.displayName, after))
except ValueError:
raise ValueError('bad time value in ' + cert.displayName.encode('utf8'))
self.assertTrue(len(cert.displayName) > 0)
self.assertTrue(cert.purpose & constants.PURPOSE_CA, cert.getAsTextAsString())
self.assertTrue(cert.trust == constants.TRUST_AUTHENTICITY | constants.TRUST_SERVER)
self.assertTrue(cert.fingerprintAlgorithm == 'sha1')
self.assertTrue(len(cert.fingerprint) > 3)
self.assertTrue(cert.asTextAsString[:12] == 'Certificate:')
self.assertTrue(certificate.certificatePurpose(x509) & constants.PURPOSE_CA, cert.getAsTextAsString())
