Exemple #1
0
 def test_verify_by_key(self):
     ca = X509(self.ca_cert)
     pubkey = ca.pubkey
     self.assertTrue(ca.verify(key=pubkey))
     c = X509(self.cert1)
     pk2 = c.pubkey
     self.assertFalse(c.verify(key=pk2))
     self.assertTrue(c.verify(key=pubkey))
Exemple #2
0
 def test_default_filestore(self):
     store = X509Store(default=True)
     c1 = X509(self.cert1)
     # Cert signed by our CA shouldn't be successfully verified
     # by default CA store
     self.assertFalse(c1.verify(store))
     # but cert, downloaded from some commercial CA - should.
     c2 = X509(self.digicert_cert)
     self.assertTrue(c2.verify(store))
Exemple #3
0
 def test_certstack3(self):
     l = []
     l.append(X509(self.cert1))
     self.assertEqual(unicode(l[0].subject[Oid('CN')]), u'Виктор Вагнер')
     l.append(X509(self.ca_cert))
     l.append(X509(self.digicert_cert))
     stack = StackOfX509(certs=l)
     stack2 = StackOfX509(ptr=stack.ptr, disposable=False)
     with self.assertRaises(ValueError):
         stack3 = StackOfX509(ptr=stack.ptr, certs=l)
     with self.assertRaises(ValueError):
         stack2[1] = l[0]
     with self.assertRaises(ValueError):
         stack2.append(l[0])
Exemple #4
0
 def test_subjectfields(self):
     c = X509(self.cert1)
     self.assertEqual(c.subject[Oid("C")], "RU")
     with self.assertRaises(TypeError):
         x = c.subject["CN"]
     self.assertEqual(c.subject[Oid("L")],
                      u'\u041c\u043e\u0441\u043a\u0432\u0430')
Exemple #5
0
 def test_verify_by_filestore(self):
     trusted = NamedTemporaryFile()
     trusted.write(self.ca_cert)
     trusted.flush()
     goodcert = X509(self.cert1)
     badcert = X509(self.cert1[0:-30] + "GG" + self.cert1[-28:])
     gitcert = X509(self.digicert_cert)
     store = X509Store(file=trusted.name)
     # We should successfuly verify certificate signed by our CA cert
     self.assertTrue(goodcert.verify(store))
     # We should reject corrupted certificate
     self.assertFalse(badcert.verify(store))
     # And if we specify explicitely certificate file, certificate,
     # signed by some commercial CA should be rejected too
     self.assertFalse(gitcert.verify(store))
     trusted.close()
Exemple #6
0
 def test_certstack2(self):
     stack = StackOfX509()
     stack.append(X509(self.cert1))
     stack.append(X509(self.ca_cert))
     c = stack[1]
     stack[1] = X509(self.digicert_cert)
     self.assertEqual(len(stack), 2)
     self.assertEqual(unicode(stack[1].subject[Oid('CN')]),
                      u'DigiCert High Assurance EV CA-1')
     with self.assertRaises(IndexError):
         stack[-1] = c
     with self.assertRaises(IndexError):
         stack[3] = c
     with self.assertRaises(TypeError):
         stack[0] = self.cert1
     with self.assertRaises(TypeError):
         stack.append(self.cert1)
Exemple #7
0
 def test_extenson_critical(self):
     cert = X509(self.digicert_cert)
     crit_exts = cert.extensions.find_critical()
     self.assertEqual(len(crit_exts), 2)
     other_exts = cert.extensions.find_critical(False)
     self.assertEqual(
         len(crit_exts) + len(other_exts), len(cert.extensions))
     self.assertEqual(crit_exts[0].critical, True)
     self.assertEqual(other_exts[0].critical, False)
Exemple #8
0
 def test_certstack1(self):
     l = []
     l.append(X509(self.cert1))
     self.assertEqual(unicode(l[0].subject[Oid('CN')]), u'Виктор Вагнер')
     l.append(X509(self.ca_cert))
     l.append(X509(self.digicert_cert))
     stack = StackOfX509(certs=l)
     self.assertEqual(len(stack), 3)
     self.assertTrue(isinstance(stack[1], X509))
     self.assertEqual(unicode(stack[0].subject[Oid('CN')]),
                      u'Виктор Вагнер')
     with self.assertRaises(IndexError):
         c = stack[-1]
     with self.assertRaises(IndexError):
         c = stack[3]
     del stack[1]
     self.assertEqual(len(stack), 2)
     self.assertEqual(unicode(stack[0].subject[Oid('CN')]),
                      u'Виктор Вагнер')
     self.assertEqual(unicode(stack[1].subject[Oid('CN')]),
                      u'DigiCert High Assurance EV CA-1')
Exemple #9
0
 def test_subjectbadsubfield(self):
     c = X509(self.cert1)
     with self.assertRaises(KeyError):
         x = c.subject[Oid("streetAddress")]
Exemple #10
0
 def test_extension_bad_find(self):
     cert = X509(self.cert1)
     with self.assertRaises(TypeError):
         exts = cert.extensions.find('subjectAltName')
Exemple #11
0
 def test_subjectfieldindex(self):
     c = X509(self.cert1)
     self.assertEqual(repr(c.subject[0]), repr((Oid('C'), u'RU')))
Exemple #12
0
 def test_extension_text(self):
     cert = X509(self.cert1)
     ext = cert.extensions[0]
     self.assertEqual(str(ext), 'CA:FALSE')
     self.assertEqual(unicode(ext), u'CA:FALSE')
Exemple #13
0
 def test_extenson_find(self):
     cert = X509(self.cert1)
     exts = cert.extensions.find(Oid('subjectAltName'))
     self.assertEqual(len(exts), 1)
     self.assertEqual(exts[0].oid, Oid('subjectAltName'))
Exemple #14
0
 def test_issuer(self):
     c = X509(self.cert1)
     self.assertEqual(
         unicode(c.issuer),
         u'C=RU,ST=Москва,O=Удостоверяющий центр,CN=Виктор Вагнер,[email protected]'
     )
Exemple #15
0
 def test_notAfter(self):
     c = X509(self.cert1)
     self.assertEqual(c.endDate,
                      datetime.datetime(2024, 10, 23, 19, 7, 17, 0, utc))
Exemple #16
0
 def test_subject_len(self):
     c = X509(self.cert1)
     self.assertEqual(len(c.subject), 5)
Exemple #17
0
 def test_extension_count(self):
     cert = X509(self.cert1)
     self.assertTrue(len(cert.extensions), 4)
     ca_cert = X509(self.ca_cert)
     self.assertEqual(len(ca_cert.extensions), 3)
Exemple #18
0
 def test_serial(self):
     c = X509(self.cert1)
     self.assertEqual(c.serial, 0xDF448E69DADC927CL)
Exemple #19
0
 def test_subjectbadindex(self):
     c = X509(self.cert1)
     with self.assertRaises(IndexError):
         x = c.subject[11]
     with self.assertRaises(IndexError):
         x = c.subject[-1]
Exemple #20
0
 def test_namecomp(self):
     c = X509(self.cert1)
     ca = X509(self.ca_cert)
     self.assertEqual(c.issuer, ca.subject)
     self.assertNotEqual(c.subject, c.issuer)
     self.assertEqual(ca.issuer, ca.subject)
Exemple #21
0
 def test_issuerHash(self):
     c = X509(self.cert1)
     self.assertEqual(hash(c.issuer), 0x7d3ea8c3)
Exemple #22
0
 def test_subjectHash(self):
     c = X509(self.cert1)
     self.assertEqual(hash(c.subject), 0x1f3ed722)
Exemple #23
0
 def test_verify_self_singed(self):
     ca = X509(self.ca_cert)
     self.assertTrue(ca.verify())
Exemple #24
0
 def test_extension_outofrange(self):
     cert = X509(self.cert1)
     with self.assertRaises(IndexError):
         cert.extensions[4]
     with self.assertRaises(IndexError):
         cert.extensions[-1]
Exemple #25
0
 def test_subjectmodify(self):
     c = X509(self.cert1)
     with self.assertRaises(ValueError):
         c.subject[Oid("CN")] = u'Foo'
     with self.assertRaises(ValueError):
         del c.subject[Oid('CN')]
Exemple #26
0
 def test_extension_oid(self):
     cert = X509(self.cert1)
     ext = cert.extensions[0]
     ext_id = ext.oid
     self.assertTrue(isinstance(ext_id, Oid))
     self.assertEqual(ext_id, Oid('basicConstraints'))
Exemple #27
0
 def test_version(self):
     c = X509(self.cert1)
     self.assertEqual(c.version, 3)
Exemple #28
0
 def test_notBefore(self):
     c = X509(self.cert1)
     self.assertEqual(c.startDate,
                      datetime.datetime(2014, 10, 26, 19, 07, 17, 0, utc))
Exemple #29
0
 def test_ca_cert(self):
     ca = X509(self.ca_cert)
     self.assertTrue(ca.check_ca())
     notca = X509(self.cert1)
     self.assertFalse(notca.check_ca())
Exemple #30
0
 def test_subject_str(self):
     c = X509(self.cert1)
     self.assertEqual(
         str(c.subject),
         b'C=RU,ST=\\D0\\9C\\D0\\BE\\D1\\81\\D0\\BA\\D0\\B2\\D0\\B0,L=\\D0\\9C\\D0\\BE\\D1\\81\\D0\\BA\\D0\\B2\\D0\\B0,O=\\D0\\A7\\D0\\B0\\D1\\81\\D1\\82\\D0\\BD\\D0\\BE\\D0\\B5 \\D0\\BB\\D0\\B8\\D1\\86\\D0\\BE,CN=\\D0\\92\\D0\\B8\\D0\\BA\\D1\\82\\D0\\BE\\D1\\80 \\D0\\92\\D0\\B0\\D0\\B3\\D0\\BD\\D0\\B5\\D1\\80'
     )