def test_verify_inconsistent_signature(self):
manifest = cvmfs.Manifest(self.insane_manifest_broken_signature)
cert = cvmfs.Certificate(open(self.certificate_file))
is_valid = manifest.verify_signature(cert)
self.assertFalse(is_valid)
def test_verify_signature(self):
manifest = cvmfs.Manifest(self.sane_manifest)
cert = cvmfs.Certificate(open(self.certificate_file))
is_valid = manifest.verify_signature(cert)
self.assertTrue(is_valid)
def test_verify_invalid_signature(self):
manifest = cvmfs.Manifest(self.insane_manifest_tampered)
cert = cvmfs.Certificate(open(self.certificate_file))
is_valid = manifest.verify_signature(cert)
self.assertFalse(is_valid)
def test_verify_tampered_message(self):
with open(self.certificate_file) as cert_file:
cert = cvmfs.Certificate(cert_file)
self.assertFalse(cert.verify(self.signature, "I am Malory!"))
def test_certificate_fingerprint(self):
with open(self.certificate_file) as cert_file:
cert = cvmfs.Certificate(cert_file)
self.assertEqual(self.fingerprint, cert.get_fingerprint())
def test_verify_message(self):
with open(self.certificate_file) as cert_file:
cert = cvmfs.Certificate(cert_file)
self.assertTrue(cert.verify(self.signature, self.message_digest))
def test_get_openssl_x509(self):
with open(self.certificate_file) as cert_file:
cert = cvmfs.Certificate(cert_file)
x509 = cert.get_openssl_certificate()
self.assertTrue(isinstance(x509, X509))
def test_load(self):
with open(self.certificate_file) as cert_file:
cvmfs.Certificate(cert_file)
def test_doesnt_contain_certificate(self):
with open(self.certificate_file) as cert:
whitelist = cvmfs.Whitelist(
self.insane_whitelist_signature_mismatch)
certificate = cvmfs.Certificate(cert)
self.assertFalse(whitelist.contains(certificate))
def test_contains_certificate(self):
with open(self.certificate_file) as cert:
whitelist = cvmfs.Whitelist(self.sane_whitelist)
certificate = cvmfs.Certificate(cert)
self.assertTrue(whitelist.contains(certificate))