def get_file(self, filename): return test_config.get_test_file_path(filename)
#!/usr/bin/env python # coding=utf-8 import unittest import time import sys from ct.client.db import cert_desc from ct.crypto import cert from ct.cert_analysis import all_checks from ct.cert_analysis import observation from ct.test import test_config from ct.test import time_utils import gflags CERT = cert.Certificate.from_der_file( test_config.get_test_file_path("google_cert.der")) CA_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("verisign_intermediate.pem")) DSA_SHA256_CERT = cert.Certificate.from_der_file( test_config.get_test_file_path("dsa_with_sha256.der")) BAD_UTF8_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("cert_bad_utf8_subject.pem")) DOMAIN_IN_ISSUER_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("domain_in_issuer.pem")) DOMAIN_IN_O_COMPONENT = cert.Certificate.from_pem_file( test_config.get_test_file_path("domain_in_o_component.pem")) class CertificateDescriptionTest(unittest.TestCase): def get_observations(self, source): observations = []
import sys from collections import defaultdict from ct.cert_analysis import asn1 from ct.cert_analysis import base_check_test from ct.client import reporter from ct.client.db import cert_desc from ct.client.db import sqlite_cert_db from ct.client.db import sqlite_connection as sqlitecon from ct.crypto import cert from ct.proto import certificate_pb2 from ct.proto import client_pb2 from ct.test import test_config import gflags STRICT_DER = cert.Certificate.from_der_file( test_config.get_test_file_path('google_cert.der'), False).to_der() NON_STRICT_DER = cert.Certificate.from_pem_file( test_config.get_test_file_path('invalid_ip.pem'), False).to_der() CHAIN_FILE = test_config.get_test_file_path('google_chain.pem') CHAIN_DERS = [c.to_der() for c in cert.certs_from_pem_file(CHAIN_FILE)] SELF_SIGNED_ROOT_DER = cert.Certificate.from_pem_file( test_config.get_test_file_path('subrigo_net.pem'), False).to_der() def readable_dn(dn_attribs): return ",".join(["%s=%s" % (attr.type, attr.value) for attr in dn_attribs]) class FakeCheck(object): @staticmethod
def pem_file(self): return test_config.get_test_file_path(self._PEM_FILE)
#!/usr/bin/env python # coding=utf-8 import unittest import time import sys from absl import flags as gflags from ct.client.db import cert_desc from ct.crypto import cert from ct.test import test_config from ct.test import time_utils CERT = cert.Certificate.from_der_file( test_config.get_test_file_path("google_cert.der")) CA_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("verisign_intermediate.pem")) DSA_SHA256_CERT = cert.Certificate.from_der_file( test_config.get_test_file_path("dsa_with_sha256.der")) BAD_UTF8_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("cert_bad_utf8_subject.pem")) DOMAIN_IN_ISSUER_CERT = cert.Certificate.from_pem_file( test_config.get_test_file_path("domain_in_issuer.pem")) DOMAIN_IN_O_COMPONENT = cert.Certificate.from_pem_file( test_config.get_test_file_path("domain_in_o_component.pem")) class CertificateDescriptionTest(unittest.TestCase): def assert_description_subject_matches_source(self, proto, source): subject = [(att.type, att.value) for att in proto.subject] cert_subject = [(type_.short_name, cert_desc.to_unicode('.'.join( cert_desc.process_name(value.human_readable()))))
#!/usr/bin/env python import unittest import mock from ct.cert_analysis import base_check_test from ct.cert_analysis import ocsp_pointers from ct.crypto import cert from ct.test import test_config CERT_WITH_OCSP = cert.Certificate.from_pem_file( test_config.get_test_file_path("aia.pem")) CERT_WITHOUT_OCSP = cert.Certificate.from_pem_file( test_config.get_test_file_path("promise_com.pem")) class OcspPointersTest(base_check_test.BaseCheckTest): def test_ocsp_existence_exist(self): check = ocsp_pointers.CheckOcspExistence() result = check.check(CERT_WITH_OCSP) self.assertIsNone(result) def test_ocsp_existence_doesnt_exist(self): check = ocsp_pointers.CheckOcspExistence() result = check.check(CERT_WITHOUT_OCSP) self.assertObservationIn(ocsp_pointers.LackOfOcsp(), result) def test_ocsp_extension_corrupt(self): certificate = mock.MagicMock() certificate.ocsp_responders = mock.Mock( side_effect=cert.CertificateError("Corrupt or unrecognized...")) check = ocsp_pointers.CheckCorruptOrMultipleAiaExtension()
#!/usr/bin/env python import unittest import mock from ct.cert_analysis import base_check_test from ct.cert_analysis import ocsp_pointers from ct.crypto import cert from ct.test import test_config CERT_WITH_OCSP = cert.Certificate.from_pem_file( test_config.get_test_file_path("aia.pem")) CERT_WITHOUT_OCSP = cert.Certificate.from_pem_file( test_config.get_test_file_path("promise_com.pem")) class OcspPointersTest(base_check_test.BaseCheckTest): def test_ocsp_existence_exist(self): check = ocsp_pointers.CheckOcspExistence() result = check.check(CERT_WITH_OCSP) self.assertIsNone(result) def test_ocsp_existence_doesnt_exist(self): check = ocsp_pointers.CheckOcspExistence() result = check.check(CERT_WITHOUT_OCSP) self.assertObservationIn(ocsp_pointers.LackOfOcsp(), result) def test_ocsp_extension_corrupt(self): certificate = mock.MagicMock() certificate.ocsp_responders = mock.Mock( side_effect=cert.CertificateError("Corrupt or unrecognized...")) check = ocsp_pointers.CheckCorruptOrMultipleAiaExtension() result = check.check(certificate)