def testAddNetworkPayloadWired(self, mock_addpayload):
profile = profiles.NetworkProfile('test_user')
profile._auth_cert = '00000000-AUTH-CERT-UUID-00000000'
profile._anchor_certs = ['00000000-ANCH-ORCE-RTUU-ID000000']
profile.AddTrustedServer('radius.company.com')
profile.AddNetworkPayload('wired')
eap_client_data = {'AcceptEAPTypes': [13],
'PayloadCertificateAnchorUUID':
['00000000-ANCH-ORCE-RTUU-ID000000'],
'TLSTrustedServerNames':
['radius.company.com'],
'TLSAllowTrustExceptions': False}
mock_addpayload.assert_called_once_with(
{'AutoJoin': True,
'SetupModes': ['System', 'User'],
'PayloadCertificateUUID': '00000000-AUTH-CERT-UUID-00000000',
'EncryptionType': 'Any',
'Interface': 'FirstActiveEthernet',
profiles.PAYLOADKEYS_DISPLAYNAME: 'Wired',
profiles.PAYLOADKEYS_IDENTIFIER:
'com.megacorp.networkprofile.wired',
profiles.PAYLOADKEYS_TYPE: 'com.apple.firstactiveethernet.managed',
'EAPClientConfiguration': eap_client_data})
def testAddMachineCertificateBadCert(self, mock_certificate):
mock_certificate.side_effect = profiles.certs.CertError
profile = profiles.NetworkProfile('testuser')
with self.assertRaises(profiles.CertificateError):
profile.AddMachineCertificate('fakecert', 'fakekey')
def testGenerateID(self):
profile = profiles.NetworkProfile('testuser')
self.assertEqual(profile._GenerateID('test_suffix'),
'com.megacorp.networkprofile.test_suffix')
self.assertEqual(profile._GenerateID('another_suffix'),
'com.megacorp.networkprofile.another_suffix')
def testInit(self):
profile = profiles.NetworkProfile('testuser')
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_DISPLAYNAME),
'Network Profile (testuser)')
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_DESCRIPTION),
'Network authentication settings')
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_IDENTIFIER),
'com.megacorp.networkprofile')
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_SCOPE),
['System', 'User'])
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_TYPE), 'Configuration')
self.assertEqual(profile.Get(profiles.PAYLOADKEYS_CONTENT), [])
def testAddMachineCertificateInvalidKey(self, mock_certificate, mock_pkcs12,
mock_loadcert, mock_loadkey):
mock_certobj = mock.MagicMock()
mock_certobj.subject_cn = 'My Cert Subject'
mock_certobj.osx_fingerprint = '0011223344556677889900'
mock_certificate.return_value = mock_certobj
mock_pkcs12obj = mock.MagicMock()
mock_pkcs12obj.export.side_effect = profiles.crypto.Error
mock_pkcs12.return_value = mock_pkcs12obj
mock_loadcert.return_value = 'certobj'
mock_loadkey.return_value = 'keyobj_from_different_cert'
profile = profiles.NetworkProfile('testuser')
with self.assertRaises(profiles.CertificateError):
profile.AddMachineCertificate('fakecert', 'otherfakekey')
def testAddAnchorCertificateSuccess(self, mock_certificate, mock_addpayload):
mock_certobj = mock.MagicMock()
mock_certobj.subject_cn = 'My Cert Subject'
mock_certobj.osx_fingerprint = '0011223344556677889900'
mock_certificate.return_value = mock_certobj
profile = profiles.NetworkProfile('testuser')
profile.AddAnchorCertificate('my_cert')
mock_certificate.assert_called_once_with('my_cert')
mock_addpayload.assert_called_once_with(
{profiles.PAYLOADKEYS_IDENTIFIER:
'com.megacorp.networkprofile.0011223344556677889900',
profiles.PAYLOADKEYS_TYPE: 'com.apple.security.pkcs1',
profiles.PAYLOADKEYS_DISPLAYNAME: 'My Cert Subject',
profiles.PAYLOADKEYS_CONTENT: profiles.plistlib.Data('my_cert'),
profiles.PAYLOADKEYS_ENABLED: True,
profiles.PAYLOADKEYS_VERSION: 1,
profiles.PAYLOADKEYS_UUID: mock.ANY})
def testAddMachineCertificateSuccess(self, mock_certificate, mock_pkcs12,
mock_loadcert, mock_loadkey,
mock_addpayload):
mock_certobj = mock.MagicMock()
mock_certobj.subject_cn = 'My Cert Subject'
mock_certobj.osx_fingerprint = '0011223344556677889900'
mock_certificate.return_value = mock_certobj
mock_pkcs12obj = mock.MagicMock()
mock_pkcs12obj.export.return_value = '-----PKCS12 Data-----'
mock_pkcs12.return_value = mock_pkcs12obj
mock_loadcert.return_value = 'certobj'
mock_loadkey.return_value = 'keyobj'
profile = profiles.NetworkProfile('testuser')
profile.AddMachineCertificate('fakecert', 'fakekey')
mock_pkcs12.assert_called_once_with()
mock_pkcs12obj.set_certificate.assert_called_once_with('certobj')
mock_pkcs12obj.set_privatekey.assert_called_once_with('keyobj')
mock_pkcs12obj.export.assert_called_once_with('0011223344556677889900')
mock_loadcert.assert_called_once_with(1, 'fakecert')
mock_loadkey.assert_called_once_with(1, 'fakekey')
mock_addpayload.assert_called_once_with(
{profiles.PAYLOADKEYS_IDENTIFIER:
'com.megacorp.networkprofile.machine_cert',
profiles.PAYLOADKEYS_TYPE: 'com.apple.security.pkcs12',
profiles.PAYLOADKEYS_DISPLAYNAME: 'My Cert Subject',
profiles.PAYLOADKEYS_ENABLED: True,
profiles.PAYLOADKEYS_VERSION: 1,
profiles.PAYLOADKEYS_CONTENT: profiles.plistlib.Data(
'-----PKCS12 Data-----'),
profiles.PAYLOADKEYS_UUID: mock.ANY,
'Password': '******'})
def testAddAnchorCertificateBadCert(self, mock_certificate):
mock_certificate.side_effect = profiles.certs.CertError
profile = profiles.NetworkProfile('testuser')
with self.assertRaises(profiles.CertificateError):
profile.AddAnchorCertificate('test_cert')