def mkPEMBundle(self, client_cert, client_key, password, chain): return QgsPkiBundle.fromPemPaths(PKIDATA + '/' + client_cert, PKIDATA + '/' + client_key, password, QgsAuthCertUtils.certsFromFile( PKIDATA + '/' + chain ))
def test_060_identities(self): client_cert_path = os.path.join(PKIDATA, 'fra_cert.pem') client_key_path = os.path.join(PKIDATA, 'fra_key_w-pass.pem') client_key_pass = '******' client_p12_path = os.path.join(PKIDATA, 'gerardus_w-chain.p12') client_p12_pass = '******' # store regular PEM cert/key and generate config # noinspection PyTypeChecker bundle1 = QgsPkiBundle.fromPemPaths(client_cert_path, client_key_path, client_key_pass) bundle1_cert = bundle1.clientCert() bundle1_key = bundle1.clientKey() bundle1_ca_chain = bundle1.caChain() bundle1_cert_sha = bundle1.certId() # with open(client_key_path, 'r') as f: # key_data = f.read() # # client_cert = QgsAuthCertUtils.certsFromFile(client_cert_path)[0] msg = 'Identity PEM certificate is null' self.assertFalse(bundle1_cert.isNull(), msg) # cert_sha = QgsAuthCertUtils.shaHexForCert(client_cert) # # client_key = QSslKey(key_data, QSsl.Rsa, QSsl.Pem, # QSsl.PrivateKey, client_key_pass) msg = 'Identity PEM key is null' self.assertFalse(bundle1_key.isNull(), msg) msg = 'Identity PEM certificate chain is not empty' self.assertEqual(len(bundle1_ca_chain), 0, msg) msg = "Identity PEM could not be stored in database" self.assertTrue( self.authm.storeCertIdentity(bundle1_cert, bundle1_key), msg) msg = "Identity PEM not found in database" self.assertTrue(self.authm.existsCertIdentity(bundle1_cert_sha), msg) config1 = QgsAuthMethodConfig() config1.setName('IdentityCert - PEM') config1.setMethod('Identity-Cert') config1.setConfig('certid', bundle1_cert_sha) msg = 'Could not store PEM identity config' self.assertTrue(self.authm.storeAuthenticationConfig(config1), msg) configid1 = config1.id() msg = 'Could not retrieve PEM identity config id from store op' self.assertIsNotNone(configid1, msg) config2 = QgsAuthMethodConfig() msg = 'Could not load PEM identity config' self.assertTrue( self.authm.loadAuthenticationConfig(configid1, config2, True), msg) # store PKCS#12 bundled cert/key and generate config # bundle = QgsPkcsBundle(client_p12_path, client_p12_pass) # noinspection PyTypeChecker bundle = QgsPkiBundle.fromPkcs12Paths(client_p12_path, client_p12_pass) bundle_cert = bundle.clientCert() bundle_key = bundle.clientKey() bundle_ca_chain = bundle.caChain() bundle_cert_sha = QgsAuthCertUtils.shaHexForCert(bundle_cert) msg = 'Identity bundle certificate is null' self.assertFalse(bundle_cert.isNull(), msg) msg = 'Identity bundle key is null' self.assertFalse(bundle_key.isNull(), msg) msg = 'Identity bundle CA chain is not correct depth' self.assertEqual(len(bundle_ca_chain), 3, msg) msg = "Identity bundle could not be stored in database" self.assertTrue( self.authm.storeCertIdentity(bundle_cert, bundle_key), msg) msg = "Identity bundle not found in database" self.assertTrue(self.authm.existsCertIdentity(bundle_cert_sha), msg) bundle_config = QgsAuthMethodConfig() bundle_config.setName('IdentityCert - Bundle') bundle_config.setMethod('Identity-Cert') bundle_config.setConfig('certid', bundle_cert_sha) msg = 'Could not store bundle identity config' self.assertTrue( self.authm.storeAuthenticationConfig(bundle_config), msg) bundle_configid = bundle_config.id() msg = 'Could not retrieve bundle identity config id from store op' self.assertIsNotNone(bundle_configid, msg) bundle_config2 = QgsAuthMethodConfig() msg = 'Could not load bundle identity config' self.assertTrue( self.authm.loadAuthenticationConfig(bundle_configid, bundle_config2, True), msg) # TODO: add more tests # self.show_editors_widget() msg = 'Could not remove PEM identity config' self.assertTrue(self.authm.removeAuthenticationConfig(configid1), msg) msg = 'Could not remove bundle identity config' self.assertTrue( self.authm.removeAuthenticationConfig(bundle_configid), msg)
def mkPEMBundle(self, client_cert, client_key, password, chain): return QgsPkiBundle.fromPemPaths( PKIDATA + '/' + client_cert, PKIDATA + '/' + client_key, password, QgsAuthCertUtils.certsFromFile(PKIDATA + '/' + chain))
def test_060_identities(self): client_cert_path = os.path.join(PKIDATA, 'fra_cert.pem') client_key_path = os.path.join(PKIDATA, 'fra_key_w-pass.pem') client_key_pass = '******' client_p12_path = os.path.join(PKIDATA, 'gerardus_w-chain.p12') client_p12_pass = '******' # store regular PEM cert/key and generate config # noinspection PyTypeChecker bundle1 = QgsPkiBundle.fromPemPaths(client_cert_path, client_key_path, client_key_pass) bundle1_cert = bundle1.clientCert() bundle1_key = bundle1.clientKey() bundle1_ca_chain = bundle1.caChain() bundle1_cert_sha = bundle1.certId() # with open(client_key_path, 'r') as f: # key_data = f.read() # # client_cert = QgsAuthCertUtils.certsFromFile(client_cert_path)[0] msg = 'Identity PEM certificate is null' self.assertFalse(bundle1_cert.isNull(), msg) # cert_sha = QgsAuthCertUtils.shaHexForCert(client_cert) # # client_key = QSslKey(key_data, QSsl.Rsa, QSsl.Pem, # QSsl.PrivateKey, client_key_pass) msg = 'Identity PEM key is null' self.assertFalse(bundle1_key.isNull(), msg) msg = 'Identity PEM certificate chain is not empty' self.assertEqual(len(bundle1_ca_chain), 0, msg) msg = "Identity PEM could not be stored in database" self.assertTrue( self.authm.storeCertIdentity(bundle1_cert, bundle1_key), msg) msg = "Identity PEM not found in database" self.assertTrue(self.authm.existsCertIdentity(bundle1_cert_sha), msg) config1 = QgsAuthMethodConfig() config1.setName('IdentityCert - PEM') config1.setMethod('Identity-Cert') config1.setConfig('certid', bundle1_cert_sha) msg = 'Could not store PEM identity config' self.assertTrue(self.authm.storeAuthenticationConfig(config1), msg) configid1 = config1.id() msg = 'Could not retrieve PEM identity config id from store op' self.assertIsNotNone(configid1, msg) config2 = QgsAuthMethodConfig() msg = 'Could not load PEM identity config' self.assertTrue( self.authm.loadAuthenticationConfig(configid1, config2, True), msg) # store PKCS#12 bundled cert/key and generate config # bundle = QgsPkcsBundle(client_p12_path, client_p12_pass) # noinspection PyTypeChecker bundle = QgsPkiBundle.fromPkcs12Paths(client_p12_path, client_p12_pass) bundle_cert = bundle.clientCert() bundle_key = bundle.clientKey() bundle_ca_chain = bundle.caChain() bundle_cert_sha = QgsAuthCertUtils.shaHexForCert(bundle_cert) msg = 'Identity bundle certificate is null' self.assertFalse(bundle_cert.isNull(), msg) msg = 'Identity bundle key is null' self.assertFalse(bundle_key.isNull(), msg) msg = 'Identity bundle CA chain is not correct depth' self.assertEqual(len(bundle_ca_chain), 3, msg) msg = "Identity bundle could not be stored in database" self.assertTrue(self.authm.storeCertIdentity(bundle_cert, bundle_key), msg) msg = "Identity bundle not found in database" self.assertTrue(self.authm.existsCertIdentity(bundle_cert_sha), msg) bundle_config = QgsAuthMethodConfig() bundle_config.setName('IdentityCert - Bundle') bundle_config.setMethod('Identity-Cert') bundle_config.setConfig('certid', bundle_cert_sha) msg = 'Could not store bundle identity config' self.assertTrue(self.authm.storeAuthenticationConfig(bundle_config), msg) bundle_configid = bundle_config.id() msg = 'Could not retrieve bundle identity config id from store op' self.assertIsNotNone(bundle_configid, msg) bundle_config2 = QgsAuthMethodConfig() msg = 'Could not load bundle identity config' self.assertTrue( self.authm.loadAuthenticationConfig(bundle_configid, bundle_config2, True), msg) # TODO: add more tests # self.show_editors_widget() msg = 'Could not remove PEM identity config' self.assertTrue(self.authm.removeAuthenticationConfig(configid1), msg) msg = 'Could not remove bundle identity config' self.assertTrue(self.authm.removeAuthenticationConfig(bundle_configid), msg)