def test_cannotSign(self): """ Vertex nodes with no portal will not sign cert requests. """ cr = CertificateRequest.load(makeCertRequest("example.com")) class FakeService(object): portal = None q = Q2Q() q.service = FakeService() d = callResponder(q, Sign, certificate_request=cr, password='******') self.failureResultOf(d, amp.RemoteAmpError)
def test_sign(self): """ 'Sign' messages with a cert request result in a cred login with the given password. The avatar returned is then asked to sign the cert request with the presence server's certificate. The resulting certificate is returned as a response. """ user = '******' passwd = 'hunter2' issuerName = "fake certificate" domainCert = makeCert(issuerName) class FakeAvatar(object): def signCertificateRequest(fa, certificateRequest, hostcert, suggestedSerial): self.assertEqual(hostcert, domainCert) return hostcert.signRequestObject(certificateRequest, suggestedSerial) class FakeStorage(object): def getPrivateCertificate(cs, subject): return domainCert def genSerial(cs, domain): return 1 cr = CertificateRequest.load(makeCertRequest(user)) class FakePortal(object): def login(fp, creds, proto, iface): self.assertEqual(iface, IQ2QUser) self.assertEqual(creds.username, user) self.assertEqual(creds.password, passwd) return succeed([None, FakeAvatar(), None]) class FakeService(object): portal = FakePortal() certificateStorage = FakeStorage() q = Q2Q() q.service = FakeService() d = callResponder(q, Sign, certificate_request=cr, password=passwd) response = self.successResultOf(d) self.assertEqual(response['certificate'].getIssuer().commonName, issuerName)
def test_identify(self): """ A presence server responds to Identify messages with the cert stored for the requested domain. """ target = "example.com" fakeCert = makeCert("fake certificate") class FakeStorage(object): def getPrivateCertificate(cs, subject): self.assertEqual(subject, target) return fakeCert class FakeService(object): certificateStorage = FakeStorage() q = Q2Q() q.service = FakeService() d = callResponder(q, Identify, subject=Q2QAddress(target)) response = self.successResultOf(d) self.assertEqual(response, {'certificate': fakeCert}) self.assertFalse(hasattr(response['certificate'], 'privateKey'))