def testGetCertificatesNoKeychainSuccess(self):
"""Test _GetCertificates no keychain specified, successful search."""
self.StubSetup()
self.mox.StubOutWithMock(certs, 'Certificate')
command = [certs.CMD_SECURITY, 'find-certificate', '-a', '-p']
cert = '%s\n%s\n%s\n' % (certs.PEM_HEADER, 'cert_body', certs.PEM_FOOTER)
output = cert * 2
certs.gmacpyutil.RunProcess(command).AndReturn((output, '', 0))
certs.Certificate(cert.strip()).AndReturn('parsed cert')
certs.Certificate(cert.strip()).AndReturn('parsed cert')
self.mox.ReplayAll()
self.assertEqual(['parsed cert', 'parsed cert'],
list(certs._GetCertificates()))
self.mox.VerifyAll()
def delete_prereq():
with open('configure.json') as file:
json_text = json.load(file)
# Delete Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
thing_obj.delete()
# Delete certificate
cert_id_filename = thing_name + '_cert_id_file'
cert_id_file = open(cert_id_filename, 'r')
cert_id = cert_id_file.read()
cert_obj = certs.Certificate(cert_id)
cert_obj.delete()
os.remove(cert_id_filename)
# Delete cert_pem file and private_key_pem file
cert_pem_filename = thing_name + '_cert_pem_file'
private_key_pem_filename = thing_name + '_private_key_pem_file'
os.remove(cert_pem_filename)
os.remove(private_key_pem_filename)
# Delete policy
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name)
policy_obj.delete()
def testParsePEMCertificateWithEmail(self):
"""Test _ParsePEMCertificate."""
self.StubSetup()
pem = 'pem'
date = 'Oct 31 12:34:56 1971 GMT'
dt_date = datetime.datetime(1971, 10, 31, 12, 34, 56)
parsed = {
'subject': 'subject',
'issuer': 'issuer',
'certhash': 'hash',
'startdate': [date, dt_date],
'enddate': [date, dt_date],
'fingerprint': 'fing:er:print',
'osx_fingerprint': 'fingerprint',
'serial': '87654321',
'email': '*****@*****.**',
'pem': pem
}
cmd = [
certs.CMD_OPENSSL, 'x509', '-sha1', '-nameopt', 'compat', '-noout',
'-hash', '-subject', '-issuer', '-startdate', '-enddate',
'-fingerprint', '-serial', '-email'
]
output_with_email = (
'hash\nsubject= subject\nissuer= issuer\nnotBefore=%s'
'\nnotAfter=%s\nSHA1 Fingerprint=fing:er:print\n'
'serial=87654321\[email protected]\n' % (date, date))
certs.gmacpyutil.RunProcess(cmd, pem).AndReturn(
(output_with_email, '', 0))
self.mox.ReplayAll()
c = certs.Certificate(pem)
self.assertEqual(parsed, c.__dict__)
self.mox.VerifyAll()
def testParsePEMCertificateWithMalformedDate(self):
"""Test _ParsePEMCertificate."""
self.StubSetup()
pem = 'pem'
parsed = {
'subject': 'subject',
'issuer': 'issuer',
'certhash': 'hash',
'startdate': ['bad date', None],
'enddate': ['bad date', None],
'fingerprint': 'fing:er:print',
'osx_fingerprint': 'fingerprint',
'email': '',
'serial': '87654321',
'pem': pem
}
cmd = [
certs.CMD_OPENSSL, 'x509', '-sha1', '-nameopt', 'compat', '-noout',
'-hash', '-subject', '-issuer', '-startdate', '-enddate',
'-fingerprint', '-serial', '-email'
]
output_bad_date = (
'hash\nsubject= subject\nissuer= issuer\nnotBefore=bad '
'date\nnotAfter=bad date\nSHA1 Fingerprint='
'fing:er:print\nserial=87654321\n')
certs.gmacpyutil.RunProcess(cmd, pem).AndReturn(
(output_bad_date, '', 0))
self.mox.ReplayAll()
c = certs.Certificate(pem)
self.assertEqual(parsed, c.__dict__)
self.mox.VerifyAll()
def testGetCertificatesNoKeychainCertError(self):
"""Test _GetCertificates with CertError from Certificate class."""
self.StubSetup()
self.mox.StubOutWithMock(certs, 'Certificate')
command = [certs.CMD_SECURITY, 'find-certificate', '-a', '-p']
cert = '%s\n%s\n%s\n' % (certs.PEM_HEADER, 'cert_body', certs.PEM_FOOTER)
output = cert * 2
certs.gmacpyutil.RunProcess(command).AndReturn((output, '', 0))
certs.Certificate(cert.strip()).AndRaise(certs.CertError('err'))
certs.logging.info('Encountered an unparseable certificate, continuing.')
certs.logging.debug('err')
certs.Certificate(cert.strip()).AndReturn('parsed cert')
self.mox.ReplayAll()
self.assertEqual(['parsed cert'], list(certs._GetCertificates()))
self.mox.VerifyAll()
def delete_prereq():
with open('configure.json') as file:
json_text = json.load(file)
# Delete Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
thing_obj.delete()
# Delete certificate
cert_id_filename = thing_name + '_cert_id.txt'
cert_id_file = open(cert_id_filename, 'r')
cert_id = cert_id_file.read()
cert_obj = certs.Certificate(cert_id)
cert_obj.delete()
cert_id_file.close()
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o666)
os.remove(cert_id_filename)
# Delete cert_pem file and private_key_pem file
cert_pem_filename = thing_name + '_cert.pem'
private_key_pem_filename = thing_name + '_private_key.pem'
cert_pem_file_path = os.path.abspath(cert_pem_filename)
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(cert_pem_file_path, 0o666)
os.chmod(private_key_pem_file_path, 0o666)
os.remove(cert_pem_filename)
os.remove(private_key_pem_filename)
# Delete policy
policy_obj = policy.Policy(thing_name)
policy_obj.delete()
def cleanup():
certIdlength = 64
with open('configure.json') as file:
json_text = json.load(file)
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
principals = thing_obj.list_principals()
# Delete certificates and policies attached to thing
for eachPrincipal in principals:
certId = eachPrincipal[-certIdlength:]
certarn = eachPrincipal
cert_obj = certs.Certificate(certId)
# Get policies attached to certificate
policies_attached = cert_obj.list_policies()
# Delete certificate
cert_obj.delete()
# Delete policies attached to the certificate
for each_policy in policies_attached:
policy_obj = policy.Policy(each_policy['policyName'])
policy_obj.delete()
# Delete Thing
thing_obj.delete()
def prereq():
with open('configure.json') as file:
json_text = json.load(file)
# Validate that the entries in the JSON are valid.
validate_json_text(json_text)
# Create a Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
if not thing_obj.create():
# Create a Certificate
cert_obj = certs.Certificate()
result = cert_obj.create()
# Store certId
cert_id = result['certificateId']
cert_id_filename = thing_name + '_cert_id_file'
print('Writing certificate ID to: {}'.format(cert_id_filename))
cert_id_file = open(cert_id_filename, 'w')
cert_id_file.write(cert_id)
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o444)
cert_id_file.close()
# Store cert_pem as file
cert_pem = result['certificatePem']
cert_pem_filename = thing_name + '_cert_pem_file'
print('Writing certificate PEM to: {}'.format(cert_pem_filename))
cert_pem_file = open(cert_pem_filename, 'w')
cert_pem_file.write(cert_pem)
cert_pem_file_path = os.path.abspath(cert_pem_filename)
os.chmod(cert_pem_file_path, 0o444)
cert_pem_file.close()
# Store private key PEM as file
private_key_pem = result['keyPair']['PrivateKey']
private_key_pem_filename = thing_name + '_private_key_pem_file'
print(
'Writing private key PEM to: {}'.format(private_key_pem_filename))
private_key_pem_file = open(private_key_pem_filename, 'w')
private_key_pem_file.write(private_key_pem)
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(private_key_pem_file_path, 0o444)
private_key_pem_file.close()
# Create a Policy
policy_document = misc.create_policy_document()
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name, policy_document)
policy_obj.create()
# Attach certificate to Thing
cert_obj.attach_thing(thing_name)
# Attach policy to certificate
cert_obj.attach_policy(policy_name)
print("Completed prereq operation!")
def prereq():
with open('configure.json') as file:
json_text = json.load(file)
# If using existing policy, make sure policy exists before
# creating the thing
thing_name = json_text.get('thing_name', "")
mac_addr = json_text.get('mac_addr', "")
# Create a Thing
thing_obj = thing.Thing(thing_name)
if not thing_obj.create():
# Create a Certificate
cert_obj = certs.Certificate()
result = cert_obj.create()
# Store certId
cert_id = result['certificateId']
cert_id_filename = thing_name + '_cert_id.txt'
cert_id_file = open(cert_id_filename, 'w')
cert_id_file.write(cert_id)
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o664)
cert_id_file.close()
# Store cert_pem as file
cert_pem = result['certificatePem']
cert_pem_filename = thing_name + '_cert.pem'
cert_pem_file = open(cert_pem_filename, 'w')
cert_pem_file.write(cert_pem)
cert_pem_file_path = os.path.abspath(cert_pem_filename)
os.chmod(cert_pem_file_path, 0o664)
cert_pem_file.close()
# Store private key PEM as file
private_key_pem = result['keyPair']['PrivateKey']
private_key_pem_filename = thing_name + '_private_key.pem'
private_key_pem_file = open(private_key_pem_filename, 'w')
private_key_pem_file.write(private_key_pem)
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(private_key_pem_file_path, 0o664)
private_key_pem_file.close()
# Create thing policy
policy_document_text = misc.create_policy_document_text(thing_name)
if policy_document_text:
policy_obj = policy.Policy(thing_name, policy_document_text)
cert_policy_name = policy_obj.create()
print('Creating Certificate Policy {}'.format(cert_policy_name))
# Attach the Policy to the Cert, Cert to thing
cert_obj.attach_thing(thing_name)
cert_obj.attach_policy(cert_policy_name)
def testget(self): # pylint: disable=g-bad-name
"""Test get."""
self.StubSetup()
self.mox.StubOutWithMock(certs.Certificate, '_ParsePEMCertificate')
certs.Certificate._ParsePEMCertificate('pem').AndReturn(None)
self.mox.ReplayAll()
c = certs.Certificate('pem')
c.key = 'key'
self.assertEqual('key', c.get('key'))
self.assertEqual(None, c.get('missing'))
self.mox.VerifyAll()
def prereq():
with open('configure.json') as configure_file:
json_text = json.load(configure_file)
# Create a Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
if not thing_obj.create():
# Create a Certificate
cert_obj = certs.Certificate()
result = cert_obj.create()
# Store certId
cert_id = result['certificateId']
cert_id_filename = thing_name + '_cert_id_file.txt'
cert_id_file = open(cert_id_filename, 'w')
cert_id_file.write(cert_id)
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o444)
cert_id_file.close()
# Store cert_pem as file
cert_pem = result['certificatePem']
cert_pem_filename = thing_name + '_cert_pem_file.pem'
cert_pem_file = open(cert_pem_filename, 'w')
cert_pem_file.write(cert_pem)
cert_pem_file_path = os.path.abspath(cert_pem_filename)
os.chmod(cert_pem_file_path, 0o444)
cert_pem_file.close()
# Store private key PEM as file
private_key_pem = result['keyPair']['PrivateKey']
private_key_pem_filename = thing_name + '_private_key_pem_file.pem'
private_key_pem_file = open(private_key_pem_filename, 'w')
private_key_pem_file.write(private_key_pem)
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(private_key_pem_file_path, 0o444)
private_key_pem_file.close()
# Create a Policy
policy_document = misc.create_policy_document()
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name, policy_document)
policy_obj.create()
# Attach certificate to Thing
cert_obj.attach_thing(thing_name)
# Attach policy to certificate
cert_obj.attach_policy(policy_name)
def prereq():
with open('configure.json') as file:
json_text = json.load(file)
aws_config = json_text["aws_config"]
optiga_config = json_text["optiga_trust_config"]
# Create a Certificate
cert_obj = certs.Certificate()
result = cert_obj.create(optiga_config['executable_path'],
optiga_config['i2c_device'],
optiga_config['privatekey_objectid'],
optiga_config['certificate_objectid'])
# Create a Thing if doesn't exist
thing_name = aws_config['thing_name']
thing_obj = thing.Thing(thing_name)
if not thing_obj.exists():
thing_obj.create()
# Store certId
cert_id = result['certificateId']
cert_id_filename = thing_name + '_cert_id_file'
cert_id_file = open(cert_id_filename, 'w')
cert_id_file.write(cert_id)
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o444)
cert_id_file.close()
# Store cert_pem as file
cert_pem = result['certificatePem']
cert_pem_filename = thing_name + '_cert_pem_file'
cert_pem_file = open(cert_pem_filename, 'w')
cert_pem_file.write(cert_pem)
cert_pem_file_path = os.path.abspath(cert_pem_filename)
os.chmod(cert_pem_file_path, 0o444)
cert_pem_file.close()
# Create a Policy if doesn't exist
policy_obj = policy.Policy(aws_config['policy_name'])
if not policy_obj.exists():
policy_document = misc.create_policy_document()
policy_obj.attach_rules(policy_document)
policy_obj.create()
# Attach certificate to Thing
cert_obj.attach_thing(aws_config['thing_name'])
# Attach policy to certificate
cert_obj.attach_policy(aws_config['policy_name'])
def setup():
with open('configure.json') as file:
json_text = json.load(file)
# Create a Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
if not thing_obj.create():
# Create a Certificate
cert_obj = certs.Certificate()
result = cert_obj.create()
# Store cert_pem
cert_pem = result['certificatePem']
# Store Private key PEM
private_key_pem = result['keyPair']['PrivateKey']
wifi_ssid = json_text['wifi_ssid']
wifi_passwd = json_text['wifi_password']
wifi_security = json_text['wifi_security']
# Modify 'aws_clientcredential.h' file
misc.client_credential(
wifi_ssid = wifi_ssid,
wifi_passwd = wifi_passwd,
wifi_security = wifi_security,
thing_name = thing_name,
credentials_or_keys = "client_credential")
# Modify 'aws_clientcredential_keys.h' file
misc.client_credential(
client_certificate_pem = cert_pem,
clientprivate_key_pem = private_key_pem,
credentials_or_keys = "client_keys")
# Create a Policy
policy_document = misc.create_policy_document()
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name, policy_document)
policy_obj.create()
# Attach certificate to Thing
cert_obj.attach_thing(thing_name)
# Attach policy to certificate
cert_obj.attach_policy(policy_name)
def delete_prereq():
with open('configure.json') as configure_file:
json_text = json.load(configure_file)
# Delete Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
if thing_obj.exists():
thing_obj.delete()
# Delete certificate
cert_id_filename = thing_name + '_cert_id_file.txt'
if os.path.exists(cert_id_filename):
cert_id_file = open(cert_id_filename, 'r')
cert_id = cert_id_file.read()
cert_obj = certs.Certificate(cert_id)
cert_obj.delete()
cert_id_file.close()
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o666)
os.remove(cert_id_filename)
# Delete cert_pem file and private_key_pem file
cert_pem_filename = thing_name + '_cert_pem_file.pem'
if os.path.exists(cert_pem_filename):
cert_pem_file_path = os.path.abspath(cert_pem_filename)
os.chmod(cert_pem_file_path, 0o666)
os.remove(cert_pem_filename)
private_key_pem_filename = thing_name + '_private_key_pem_file.pem'
if os.path.exists(private_key_pem_filename):
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(private_key_pem_file_path, 0o666)
os.remove(private_key_pem_filename)
# Delete policy
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name)
if policy_obj.exists():
policy_obj.delete()
def delete_prereq():
with open('configure.json') as file:
json_text = json.load(file)
# Delete Thing
thing_name = json_text['thing_name']
thing_obj = thing.Thing(thing_name)
thing_obj.delete()
# Delete certificate
cert_id_filename = thing_name + '_cert_id_file'
cert_id_file = open(cert_id_filename, 'r')
cert_id = cert_id_file.read()
cert_obj = certs.Certificate(cert_id)
cert_obj.delete()
cert_id_file.close()
cert_id_file_path = os.path.abspath(cert_id_filename)
os.chmod(cert_id_file_path, 0o666)
print("Deleting {}".format(cert_id_filename))
os.remove(cert_id_filename)
# Delete cert_pem file and private_key_pem file
cert_pem_filename = thing_name + '_cert_pem_file'
private_key_pem_filename = thing_name + '_private_key_pem_file'
cert_pem_file_path = os.path.abspath(cert_pem_filename)
private_key_pem_file_path = os.path.abspath(private_key_pem_filename)
os.chmod(cert_pem_file_path, 0o666)
os.chmod(private_key_pem_file_path, 0o666)
print("Deleting {}".format(cert_pem_filename))
os.remove(cert_pem_filename)
print("Deleting {}".format(private_key_pem_filename))
os.remove(private_key_pem_filename)
# Delete policy
policy_name = thing_name + '_amazon_freertos_policy'
policy_obj = policy.Policy(policy_name)
policy_obj.delete()
print("Successfully deleted prereqs!")
