def test_create_raises(self): mock_connectionection = Mock() mock_connectionection.call.return_value = { 'ET_BAPIRET2': [{ 'TYPE': 'E', 'MESSAGE': 'Invalid storage' }] } ssl_storage = SSLCertStorage(mock_connectionection, 'RAISE', 'TEST') with self.assertRaises(InvalidSSLStorage) as cm: ssl_storage.create() self.assertEquals(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CREATE', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'RAISE', 'PSE_APPLIC': 'TEST' }, IV_ALG='R', IV_KEYLEN=2048, IV_REPLACE_EXISTING_PSE='-') ]) self.assertEqual(str(cm.exception), str([{ 'TYPE': 'E', 'MESSAGE': 'Invalid storage' }]))
def putcertificate(connection, args): """Uploads X.509 Base64 certificates into SAP to enable SSL peer verification of remote servers Exceptions: - SAPCliError: - when the given storage does not belong to the storage white list - when identity argument has invalid format """ identities = [] for storage in args.storage: if storage in (CLIENT_ANONYMOUS, CLIENT_STANDART): identities.append(IDENTITY_MAPPING[storage]) else: raise SAPCliError(f'Unknown storage: {storage}') for identity in args.identity: try: identities.append(Identity(*identity.split('/'))) except (ValueError, TypeError): # pylint: disable=raise-missing-from raise SAPCliError('Invalid identity format') ssl_storages = [] for identity in identities: ssl_storage = SSLCertStorage(connection, identity.pse_context, identity.pse_applic) if not ssl_storage.exists(): ssl_storage.create( alg=args.algorithm, keylen=args.key_length, dn=args.dn ) logging.debug('SSL Storage is OK: %s', ssl_storage) ssl_storages.append(ssl_storage) for file_path in args.paths: logging.info('Processing the file: %s', file_path) with open(file_path, 'rb') as cert_file: cert_contents = cert_file.read() for ssl_storage in ssl_storages: logging.info('Adding the file: %s to %s', file_path, ssl_storage) logging.info(ssl_storage.put_certificate(cert_contents)) logging.info('Notifying ICM ... ') notify_icm_changed_pse(connection) for updated_storage in ssl_storages: logging.info('Certificates of %s:', str(updated_storage)) for cert in iter_storage_certificates(updated_storage): logging.info('* %s', cert['EV_SUBJECT'])
def test_create_ok_default(self): mock_connectionection = Mock() mock_connectionection.call.return_value = {'ET_BAPIRET2': []} ssl_storage = SSLCertStorage(mock_connectionection, 'NOTRAISE', 'TEST') ssl_storage.create() self.assertEquals(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CREATE', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'NOTRAISE', 'PSE_APPLIC': 'TEST' }, IV_ALG='R', IV_KEYLEN=2048, IV_REPLACE_EXISTING_PSE='-') ])
def test_create_ok_all_params(self): mock_connectionection = Mock() mock_connectionection.call.return_value = {'ET_BAPIRET2': []} ssl_storage = SSLCertStorage(mock_connectionection, 'NOTRAISE', 'TEST') ssl_storage.create(alg='S', keylen=4096, replace=True, dn='ou=test') self.assertEquals(mock_connectionection.call.call_args_list, [ mock.call('SSFR_PSE_CREATE', IS_STRUST_IDENTITY={ 'PSE_CONTEXT': 'NOTRAISE', 'PSE_APPLIC': 'TEST' }, IV_ALG='S', IV_KEYLEN=4096, IV_REPLACE_EXISTING_PSE='X', IV_DN='ou=test') ])