def test_dir_address(self):
"""
Parses the dir-address field.
"""
certificate = KeyCertificate.create({'dir-address': '127.0.0.1:80'})
self.assertEqual('127.0.0.1', certificate.address)
self.assertEqual(80, certificate.dir_port)
test_values = (
(''),
(' '),
('127.0.0.1'),
('127.0.0.1:'),
('80'),
(':80'),
('127.0.0.1a:80'),
('127.0.0.1:80a'),
)
for test_value in test_values:
content = KeyCertificate.content({'dir-address': test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, certificate.address)
self.assertEqual(None, certificate.dir_port)
def test_key_blocks(self):
"""
Parses the dir-identity-key, dir-signing-key, dir-key-crosscert, and
dir-key-certification fields which all just have signature content.
"""
# the only non-mandatory field that we haven't exercised yet is dir-key-crosscert
certificate = KeyCertificate.create({
'dir-key-crosscert':
'\n-----BEGIN ID SIGNATURE-----%s-----END ID SIGNATURE-----' %
stem.descriptor.CRYPTO_BLOB
})
self.assertTrue(stem.descriptor.CRYPTO_BLOB in certificate.crosscert)
test_value = '\n-----BEGIN ID SIGNATURE-----%s-----END UGABUGA SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB
for field, attr in (('dir-identity-key', 'identity_key'),
('dir-signing-key', 'signing_key'),
('dir-key-crosscert', 'crosscert'),
('dir-key-certification', 'certification')):
content = KeyCertificate.content({field: test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, getattr(certificate, attr))
def test_missing_fields(self):
"""
Parse a key certificate where a mandatory field is missing.
"""
mandatory_fields = (
'dir-key-certificate-version',
'fingerprint',
'dir-key-published',
'dir-key-expires',
'dir-identity-key',
'dir-signing-key',
'dir-key-certification',
)
for excluded_field in mandatory_fields:
content = KeyCertificate.content(exclude=(excluded_field, ))
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
if excluded_field == 'fingerprint':
self.assertEqual(3, certificate.version)
else:
self.assertEqual(40, len(certificate.fingerprint))
def test_dir_address(self):
"""
Parses the dir-address field.
"""
certificate = KeyCertificate.create({'dir-address': '127.0.0.1:80'})
self.assertEqual('127.0.0.1', certificate.address)
self.assertEqual(80, certificate.dir_port)
test_values = (
(''),
(' '),
('127.0.0.1'),
('127.0.0.1:'),
('80'),
(':80'),
('127.0.0.1a:80'),
('127.0.0.1:80a'),
)
for test_value in test_values:
content = KeyCertificate.content({'dir-address': test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, certificate.address)
self.assertEqual(None, certificate.dir_port)
def test_first_and_last_lines(self):
"""
Includes a non-mandatory field before the 'dir-key-certificate-version'
line or after the 'dir-key-certification' line.
"""
content = KeyCertificate.content()
for cert_text in (b'dir-address 127.0.0.1:80\n' + content,
content + b'\ndir-address 127.0.0.1:80'):
self.assertRaises(ValueError, KeyCertificate, cert_text, True)
certificate = KeyCertificate(cert_text, False)
self.assertEqual('127.0.0.1', certificate.address)
self.assertEqual(80, certificate.dir_port)
def test_version(self):
"""
Parses the dir-key-certificate-version field, including trying to handle a
different certificate version with the v3 parser.
"""
certificate = KeyCertificate.create({'dir-key-certificate-version': '3'})
self.assertEqual(3, certificate.version)
content = KeyCertificate.content({'dir-key-certificate-version': '4'})
self.assertRaises(ValueError, KeyCertificate, content, True)
self.assertEqual(4, KeyCertificate(content, False).version)
content = KeyCertificate.content({'dir-key-certificate-version': 'boo'})
self.assertRaises(ValueError, KeyCertificate, content, True)
self.assertEqual(None, KeyCertificate(content, False).version)
def test_wrong_block_type(self):
"""
Checks that we validate the type of crypto content we receive.
"""
content = KeyCertificate.content({'dir-identity-key': '\n-----BEGIN MD5SUM-----%s-----END MD5SUM-----' % stem.descriptor.CRYPTO_BLOB})
self.assertRaises(ValueError, KeyCertificate, content, True)
def test_missing_fields(self):
"""
Parse a key certificate where a mandatory field is missing.
"""
mandatory_fields = (
'dir-key-certificate-version',
'fingerprint',
'dir-key-published',
'dir-key-expires',
'dir-identity-key',
'dir-signing-key',
'dir-key-certification',
)
for excluded_field in mandatory_fields:
content = KeyCertificate.content(exclude = (excluded_field,))
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
if excluded_field == 'fingerprint':
self.assertEqual(3, certificate.version)
else:
self.assertEqual(40, len(certificate.fingerprint))
def test_blank_lines(self):
"""
Includes blank lines, which should be ignored.
"""
certificate = KeyCertificate.create({'dir-key-published': '2011-11-28 21:51:04\n\n\n'})
self.assertEqual(datetime.datetime(2011, 11, 28, 21, 51, 4), certificate.published)
def test_wrong_block_type(self):
"""
Checks that we validate the type of crypto content we receive.
"""
content = KeyCertificate.content({'dir-identity-key': '\n-----BEGIN MD5SUM-----%s-----END MD5SUM-----' % stem.descriptor.CRYPTO_BLOB})
self.assertRaises(ValueError, KeyCertificate, content, True)
def test_unrecognized_line(self):
"""
Includes unrecognized content in the descriptor.
"""
certificate = KeyCertificate.create({'pepperjack': 'is oh so tasty!'})
self.assertEqual(['pepperjack is oh so tasty!'], certificate.get_unrecognized_lines())
def test_version(self):
"""
Parses the dir-key-certificate-version field, including trying to handle a
different certificate version with the v3 parser.
"""
certificate = get_key_certificate({"dir-key-certificate-version": "3"})
self.assertEquals(3, certificate.version)
content = get_key_certificate({"dir-key-certificate-version": "4"}, content = True)
self.assertRaises(ValueError, KeyCertificate, content)
self.assertEquals(4, KeyCertificate(content, False).version)
content = get_key_certificate({"dir-key-certificate-version": "boo"}, content = True)
self.assertRaises(ValueError, KeyCertificate, content)
self.assertEquals(None, KeyCertificate(content, False).version)
def test_dir_address(self):
"""
Parses the dir-address field.
"""
certificate = get_key_certificate({"dir-address": "127.0.0.1:80"})
self.assertEqual("127.0.0.1", certificate.address)
self.assertEqual(80, certificate.dir_port)
test_values = (
("", None, None),
(" ", None, None),
("127.0.0.1", None, None),
("127.0.0.1:", None, None),
("80", None, None),
(":80", "", 80),
("127.0.0.1a:80", "127.0.0.1a", 80),
("127.0.0.1:80a", None, None),
)
for test_value, expected_address, expected_port in test_values:
content = get_key_certificate({"dir-address": test_value}, content = True)
self.assertRaises(ValueError, KeyCertificate, content)
certificate = KeyCertificate(content, False)
self.assertEqual(expected_address, certificate.address)
self.assertEqual(expected_port, certificate.dir_port)
def test_unrecognized_line(self):
"""
Includes unrecognized content in the descriptor.
"""
certificate = KeyCertificate.create({'pepperjack': 'is oh so tasty!'})
self.assertEqual(['pepperjack is oh so tasty!'], certificate.get_unrecognized_lines())
def test_version(self):
"""
Parses the dir-key-certificate-version field, including trying to handle a
different certificate version with the v3 parser.
"""
certificate = KeyCertificate.create({'dir-key-certificate-version': '3'})
self.assertEqual(3, certificate.version)
content = KeyCertificate.content({'dir-key-certificate-version': '4'})
self.assertRaises(ValueError, KeyCertificate, content, True)
self.assertEqual(4, KeyCertificate(content, False).version)
content = KeyCertificate.content({'dir-key-certificate-version': 'boo'})
self.assertRaises(ValueError, KeyCertificate, content, True)
self.assertEqual(None, KeyCertificate(content, False).version)
def test_dir_address(self):
"""
Parses the dir-address field.
"""
certificate = get_key_certificate({'dir-address': '127.0.0.1:80'})
self.assertEqual('127.0.0.1', certificate.address)
self.assertEqual(80, certificate.dir_port)
test_values = (
('', None, None),
(' ', None, None),
('127.0.0.1', None, None),
('127.0.0.1:', None, None),
('80', None, None),
(':80', '', 80),
('127.0.0.1a:80', '127.0.0.1a', 80),
('127.0.0.1:80a', None, None),
)
for test_value, expected_address, expected_port in test_values:
content = get_key_certificate({'dir-address': test_value},
content=True)
self.assertRaises(ValueError, KeyCertificate, content)
certificate = KeyCertificate(content, False)
self.assertEqual(expected_address, certificate.address)
self.assertEqual(expected_port, certificate.dir_port)
def test_blank_lines(self):
"""
Includes blank lines, which should be ignored.
"""
certificate = KeyCertificate.create({'dir-key-published': '2011-11-28 21:51:04\n\n\n'})
self.assertEqual(datetime.datetime(2011, 11, 28, 21, 51, 4), certificate.published)
def test_fingerprint(self):
"""
Parses the fingerprint field.
"""
test_values = (
'',
' ',
'27B6B5996C426270A5C95488AA5BCEB6BCC8695',
'27B6B5996C426270A5C95488AA5BCEB6BCC869568',
)
for test_value in test_values:
content = KeyCertificate.content({'fingerprint': test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, certificate.fingerprint)
def test_time_fields(self):
"""
Parses the dir-key-published and dir-key-expires fields, which both have
datetime content.
"""
test_values = (
'',
' ',
'2012-12-12',
'2012-12-12 01:01:',
'2012-12-12 01:a1:01',
)
for field, attr in (('dir-key-published', 'published'), ('dir-key-expires', 'expires')):
for test_value in test_values:
content = KeyCertificate.content({field: test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, getattr(certificate, attr))
def test_minimal(self):
"""
Parses a minimal key certificate.
"""
certificate = KeyCertificate.create()
self.assertEqual(3, certificate.version)
self.assertEqual(None, certificate.address)
self.assertEqual(None, certificate.dir_port)
self.assertEqual(40, len(certificate.fingerprint))
self.assertEqual(None, certificate.crosscert)
self.assertEqual([], certificate.get_unrecognized_lines())
def test_minimal(self):
"""
Parses a minimal key certificate.
"""
certificate = KeyCertificate.create()
self.assertEqual(3, certificate.version)
self.assertEqual(None, certificate.address)
self.assertEqual(None, certificate.dir_port)
self.assertEqual(40, len(certificate.fingerprint))
self.assertEqual(None, certificate.crosscert)
self.assertEqual([], certificate.get_unrecognized_lines())
def test_key_blocks(self):
"""
Parses the dir-identity-key, dir-signing-key, dir-key-crosscert, and
dir-key-certification fields which all just have signature content.
"""
# the only non-mandatory field that we haven't exercised yet is dir-key-crosscert
certificate = KeyCertificate.create({'dir-key-crosscert': '\n-----BEGIN ID SIGNATURE-----%s-----END ID SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB})
self.assertTrue(stem.descriptor.CRYPTO_BLOB in certificate.crosscert)
test_value = '\n-----BEGIN ID SIGNATURE-----%s-----END UGABUGA SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB
for field, attr in (('dir-identity-key', 'identity_key'),
('dir-signing-key', 'signing_key'),
('dir-key-crosscert', 'crosscert'),
('dir-key-certification', 'certification')):
content = KeyCertificate.content({field: test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, getattr(certificate, attr))
def test_first_and_last_lines(self):
"""
Includes a non-mandatory field before the 'dir-key-certificate-version'
line or after the 'dir-key-certification' line.
"""
content = KeyCertificate.content()
for cert_text in (b'dir-address 127.0.0.1:80\n' + content,
content + b'\ndir-address 127.0.0.1:80'):
self.assertRaises(ValueError, KeyCertificate, cert_text, True)
certificate = KeyCertificate(cert_text, False)
self.assertEqual('127.0.0.1', certificate.address)
self.assertEqual(80, certificate.dir_port)
def test_first_and_last_lines(self):
"""
Includes a non-mandatory field before the 'dir-key-certificate-version'
line or after the 'dir-key-certification' line.
"""
content = get_key_certificate(content=True)
for cert_text in ("dir-address 127.0.0.1:80\n" + content,
content + "\ndir-address 127.0.0.1:80"):
self.assertRaises(ValueError, KeyCertificate, cert_text)
certificate = KeyCertificate(cert_text, False)
self.assertEqual("127.0.0.1", certificate.address)
self.assertEqual(80, certificate.dir_port)
def test_missing_fields(self):
"""
Parse a key certificate where a mandatory field is missing.
"""
mandatory_fields = [entry[0] for entry in KEY_CERTIFICATE_HEADER + KEY_CERTIFICATE_FOOTER]
for excluded_field in mandatory_fields:
content = get_key_certificate(exclude = (excluded_field,), content = True)
self.assertRaises(ValueError, KeyCertificate, content)
certificate = KeyCertificate(content, False)
if excluded_field == "fingerprint":
self.assertEqual(3, certificate.version)
else:
self.assertEqual("27B6B5996C426270A5C95488AA5BCEB6BCC86956", certificate.fingerprint)
def test_fingerprint(self):
"""
Parses the fingerprint field.
"""
test_values = (
'',
' ',
'27B6B5996C426270A5C95488AA5BCEB6BCC8695',
'27B6B5996C426270A5C95488AA5BCEB6BCC869568',
)
for test_value in test_values:
content = KeyCertificate.content({'fingerprint': test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, certificate.fingerprint)
def test_fingerprint(self):
"""
Parses the fingerprint field.
"""
test_values = (
"",
" ",
"27B6B5996C426270A5C95488AA5BCEB6BCC8695",
"27B6B5996C426270A5C95488AA5BCEB6BCC869568",
)
for test_value in test_values:
content = get_key_certificate({"fingerprint": test_value}, content = True)
self.assertRaises(ValueError, KeyCertificate, content)
certificate = KeyCertificate(content, False)
self.assertEqual(test_value.strip(), certificate.fingerprint)
def test_time_fields(self):
"""
Parses the dir-key-published and dir-key-expires fields, which both have
datetime content.
"""
test_values = (
"",
" ",
"2012-12-12",
"2012-12-12 01:01:",
"2012-12-12 01:a1:01",
)
for field, attr in (("dir-key-published", "published"), ("dir-key-expires", "expires")):
for test_value in test_values:
content = get_key_certificate({field: test_value}, content = True)
self.assertRaises(ValueError, KeyCertificate, content)
certificate = KeyCertificate(content, False)
self.assertEquals(None, getattr(certificate, attr))
def test_key_certificate(self):
"""
Includes or exclude a key certificate from the directory entry.
"""
key_cert = KeyCertificate.content()
# include a key cert with a consensus
content = DirectoryAuthority.content() + b'\n' + key_cert
self.assertRaises(ValueError, DirectoryAuthority, content, True)
authority = DirectoryAuthority(content, False)
self.assertTrue(authority.nickname.startswith('Unnamed'))
# exclude key cert from a vote
content = b'\n'.join(DirectoryAuthority.content(is_vote = True).splitlines()[:-5])
self.assertRaises(ValueError, DirectoryAuthority, content, True, True)
authority = DirectoryAuthority(content, False, True)
self.assertTrue(authority.nickname.startswith('Unnamed'))
def test_key_certificate(self):
"""
Includes or exclude a key certificate from the directory entry.
"""
key_cert = KeyCertificate.content()
# include a key cert with a consensus
content = DirectoryAuthority.content() + b'\n' + key_cert
self.assertRaises(ValueError, DirectoryAuthority, content, True)
authority = DirectoryAuthority(content, False)
self.assertTrue(authority.nickname.startswith('Unnamed'))
# exclude key cert from a vote
content = b'\n'.join(DirectoryAuthority.content(is_vote = True).splitlines()[:-5])
self.assertRaises(ValueError, DirectoryAuthority, content, True, True)
authority = DirectoryAuthority(content, False, True)
self.assertTrue(authority.nickname.startswith('Unnamed'))
def test_time_fields(self):
"""
Parses the dir-key-published and dir-key-expires fields, which both have
datetime content.
"""
test_values = (
'',
' ',
'2012-12-12',
'2012-12-12 01:01:',
'2012-12-12 01:a1:01',
)
for field, attr in (('dir-key-published', 'published'), ('dir-key-expires', 'expires')):
for test_value in test_values:
content = KeyCertificate.content({field: test_value})
self.assertRaises(ValueError, KeyCertificate, content, True)
certificate = KeyCertificate(content, False)
self.assertEqual(None, getattr(certificate, attr))
