def test_exists_raises(self): mock_connectionection = Mock() mock_connectionection.call.return_value = { 'ET_BAPIRET2': [{ 'TYPE': 'E', 'MESSAGE': 'Invalid storage' }] } ssl_storage = SSLCertStorage(mock_connectionection, 'RAISE', 'TEST') with self.assertRaises(InvalidSSLStorage) as cm: ssl_storage.exists() self.assertEqual(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CHECK', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'RAISE', 'PSE_APPLIC': 'TEST' }) ]) self.assertEqual( str(cm.exception), 'The SSL Storage RAISE/TEST is broken: Invalid storage')
def putcertificate(connection, args): """Uploads X.509 Base64 certificates into SAP to enable SSL peer verification of remote servers Exceptions: - SAPCliError: - when the given storage does not belong to the storage white list - when identity argument has invalid format """ identities = [] for storage in args.storage: if storage in (CLIENT_ANONYMOUS, CLIENT_STANDART): identities.append(IDENTITY_MAPPING[storage]) else: raise SAPCliError(f'Unknown storage: {storage}') for identity in args.identity: try: identities.append(Identity(*identity.split('/'))) except (ValueError, TypeError): # pylint: disable=raise-missing-from raise SAPCliError('Invalid identity format') ssl_storages = [] for identity in identities: ssl_storage = SSLCertStorage(connection, identity.pse_context, identity.pse_applic) if not ssl_storage.exists(): ssl_storage.create( alg=args.algorithm, keylen=args.key_length, dn=args.dn ) logging.debug('SSL Storage is OK: %s', ssl_storage) ssl_storages.append(ssl_storage) for file_path in args.paths: logging.info('Processing the file: %s', file_path) with open(file_path, 'rb') as cert_file: cert_contents = cert_file.read() for ssl_storage in ssl_storages: logging.info('Adding the file: %s to %s', file_path, ssl_storage) logging.info(ssl_storage.put_certificate(cert_contents)) logging.info('Notifying ICM ... ') notify_icm_changed_pse(connection) for updated_storage in ssl_storages: logging.info('Certificates of %s:', str(updated_storage)) for cert in iter_storage_certificates(updated_storage): logging.info('* %s', cert['EV_SUBJECT'])
def test_exists_raises_if_not_ret(self): mock_connectionection = Mock() mock_connectionection.call.return_value = {'ET_BAPIRET2': []} ssl_storage = SSLCertStorage(mock_connectionection, 'RAISE', 'TEST') with self.assertRaises(InvalidSSLStorage) as cm: ssl_storage.exists() self.assertEqual(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CHECK', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'RAISE', 'PSE_APPLIC': 'TEST' }) ]) self.assertEqual( str(cm.exception), 'Received no response from the server - check STRUST manually.')
def test_exists_yes(self): mock_connectionection = Mock() mock_connectionection.call.return_value = { 'ET_BAPIRET2': [{ 'TYPE': 'S' }] } ssl_storage = SSLCertStorage(mock_connectionection, 'NOTRAISE', 'TEST') self.assertTrue(ssl_storage.exists()) self.assertEquals(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CHECK', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'NOTRAISE', 'PSE_APPLIC': 'TEST' }) ])