def testGetCertificatesNoKeychainSuccess(self):
    """_GetCertificates without a keychain yields one entry per PEM block.

    The stubbed `security find-certificate -a -p` output carries the same PEM
    block twice, so two parsed certificates are expected back.
    """
    self.StubSetup()
    self.mox.StubOutWithMock(certs, 'Certificate')

    find_cmd = [certs.CMD_SECURITY, 'find-certificate', '-a', '-p']
    pem_block = '%s\n%s\n%s\n' % (
        certs.PEM_HEADER, 'cert_body', certs.PEM_FOOTER)
    stripped_pem = pem_block.strip()

    # Expectations are recorded here and only enforced after ReplayAll().
    certs.gmacpyutil.RunProcess(find_cmd).AndReturn((pem_block * 2, '', 0))
    for _ in range(2):
        certs.Certificate(stripped_pem).AndReturn('parsed cert')

    self.mox.ReplayAll()
    found = list(certs._GetCertificates())
    self.assertEqual(['parsed cert', 'parsed cert'], found)
    self.mox.VerifyAll()
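def delete_prereq():
    """Delete the Thing, certificate, key files and policy for configure.json.

    Reads ``thing_name`` from configure.json, deletes the Thing, deletes the
    certificate whose ID was saved in ``<thing_name>_cert_id_file``, removes
    the saved certificate and private-key files, and deletes the policy named
    ``<thing_name>_amazon_freertos_policy``.

    Raises:
        OSError: if configure.json or one of the saved files is missing.
        KeyError: if configure.json has no 'thing_name' entry.
    """
    with open('configure.json') as file:
        json_text = json.load(file)

    # Delete Thing
    # NOTE(review): thing_name is used verbatim to build the relative paths
    # removed below; this assumes configure.json is operator-controlled.
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    thing_obj.delete()

    # Delete certificate
    cert_id_filename = thing_name + '_cert_id_file'
    # The handle is closed before os.remove(): the original never closed it,
    # which leaks the descriptor and prevents removal of an open file on
    # Windows.
    with open(cert_id_filename, 'r') as cert_id_file:
        cert_id = cert_id_file.read()
    cert_obj = certs.Certificate(cert_id)
    cert_obj.delete()
    os.remove(cert_id_filename)

    # Delete cert_pem file and private_key_pem file
    cert_pem_filename = thing_name + '_cert_pem_file'
    private_key_pem_filename = thing_name + '_private_key_pem_file'
    os.remove(cert_pem_filename)
    os.remove(private_key_pem_filename)

    # Delete policy
    policy_name = thing_name + '_amazon_freertos_policy'
    policy_obj = policy.Policy(policy_name)
    policy_obj.delete()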
def testParsePEMCertificateWithEmail(self):
    """Test _ParsePEMCertificate with an e-mail line in the openssl output."""
    # NOTE(review): the two e-mail values in this listing ('*****@*****.**'
    # and the '\[email protected]' fragment) look like redaction by the page
    # that published the snippet. As shown, the expected dict and the stubbed
    # output cannot agree; restore the original address from upstream before
    # relying on this test.
    self.StubSetup()
    pem = 'pem'
    date = 'Oct 31 12:34:56 1971 GMT'
    dt_date = datetime.datetime(1971, 10, 31, 12, 34, 56)
    # Expected attributes of the Certificate object: each date is kept as
    # [raw openssl string, parsed datetime], and 'osx_fingerprint' is the
    # fingerprint without its colon separators.
    parsed = {
        'subject': 'subject',
        'issuer': 'issuer',
        'certhash': 'hash',
        'startdate': [date, dt_date],
        'enddate': [date, dt_date],
        'fingerprint': 'fing:er:print',
        'osx_fingerprint': 'fingerprint',
        'serial': '87654321',
        'email': '*****@*****.**',
        'pem': pem
    }
    # Exact openssl invocation the parser is expected to make; the PEM text is
    # passed to RunProcess as the second argument.
    cmd = [
        certs.CMD_OPENSSL, 'x509', '-sha1', '-nameopt', 'compat', '-noout',
        '-hash', '-subject', '-issuer', '-startdate', '-enddate',
        '-fingerprint', '-serial', '-email'
    ]
    output_with_email = (
        'hash\nsubject= subject\nissuer= issuer\nnotBefore=%s'
        '\nnotAfter=%s\nSHA1 Fingerprint=fing:er:print\n'
        'serial=87654321\[email protected]\n' % (date, date))
    # Record the stubbed process call: (stdout, stderr, return code).
    certs.gmacpyutil.RunProcess(cmd, pem).AndReturn(
        (output_with_email, '', 0))
    self.mox.ReplayAll()
    c = certs.Certificate(pem)
    # Compares the whole attribute dict, so any extra or missing field fails.
    self.assertEqual(parsed, c.__dict__)
    self.mox.VerifyAll()
def testParsePEMCertificateWithMalformedDate(self):
    """Test _ParsePEMCertificate when openssl prints unparseable dates.

    The expected attributes keep the raw date text and carry None in place of
    the parsed datetime; with no e-mail line in the output, 'email' is ''.
    """
    self.StubSetup()
    pem = 'pem'

    openssl_cmd = [
        certs.CMD_OPENSSL, 'x509', '-sha1', '-nameopt', 'compat', '-noout',
        '-hash', '-subject', '-issuer', '-startdate', '-enddate',
        '-fingerprint', '-serial', '-email',
    ]
    openssl_stdout = (
        'hash\nsubject= subject\nissuer= issuer\nnotBefore=bad '
        'date\nnotAfter=bad date\nSHA1 Fingerprint='
        'fing:er:print\nserial=87654321\n')

    # Stubbed process result is (stdout, stderr, return code).
    stubbed_result = (openssl_stdout, '', 0)
    certs.gmacpyutil.RunProcess(openssl_cmd, pem).AndReturn(stubbed_result)
    self.mox.ReplayAll()

    expected_attrs = {
        'subject': 'subject',
        'issuer': 'issuer',
        'certhash': 'hash',
        'startdate': ['bad date', None],
        'enddate': ['bad date', None],
        'fingerprint': 'fing:er:print',
        'osx_fingerprint': 'fingerprint',
        'email': '',
        'serial': '87654321',
        'pem': pem,
    }
    certificate = certs.Certificate(pem)
    self.assertEqual(expected_attrs, certificate.__dict__)
    self.mox.VerifyAll()
def testGetCertificatesNoKeychainCertError(self):
    """_GetCertificates skips a PEM block whose parsing raises CertError.

    Two identical PEM blocks are returned by the stubbed keychain search; the
    first Certificate() call raises, the second succeeds, so exactly one
    parsed certificate is expected.
    """
    self.StubSetup()
    self.mox.StubOutWithMock(certs, 'Certificate')

    find_cmd = [certs.CMD_SECURITY, 'find-certificate', '-a', '-p']
    pem_block = '%s\n%s\n%s\n' % (
        certs.PEM_HEADER, 'cert_body', certs.PEM_FOOTER)
    stripped_pem = pem_block.strip()
    parse_failure = certs.CertError('err')

    certs.gmacpyutil.RunProcess(find_cmd).AndReturn((pem_block * 2, '', 0))
    certs.Certificate(stripped_pem).AndRaise(parse_failure)
    # Presumably StubSetup() replaces certs.logging with a mock, making these
    # two calls recorded expectations rather than real log output -- confirm.
    certs.logging.info('Encountered an unparseable certificate, continuing.')
    certs.logging.debug('err')
    certs.Certificate(stripped_pem).AndReturn('parsed cert')

    self.mox.ReplayAll()
    found = list(certs._GetCertificates())
    self.assertEqual(['parsed cert'], found)
    self.mox.VerifyAll()
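def delete_prereq():
    """Delete the Thing, certificate, key files and policy for configure.json.

    Reads ``thing_name`` from configure.json, deletes the Thing, deletes the
    certificate whose ID was saved in ``<thing_name>_cert_id.txt``, removes the
    saved ``_cert.pem`` and ``_private_key.pem`` files, and deletes the policy
    named after the Thing.

    Raises:
        OSError: if configure.json or one of the saved files is missing.
        KeyError: if configure.json has no 'thing_name' entry.
    """
    with open('configure.json') as file:
        json_text = json.load(file)

    # Delete Thing
    # NOTE(review): thing_name is used verbatim to build the relative paths
    # removed below; this assumes configure.json is operator-controlled.
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    thing_obj.delete()

    # Delete certificate
    cert_id_filename = thing_name + '_cert_id.txt'
    # Context manager closes the handle even if reading fails; the original
    # closed it only after a successful cert_obj.delete().
    with open(cert_id_filename, 'r') as cert_id_file:
        cert_id = cert_id_file.read()
    cert_obj = certs.Certificate(cert_id)
    cert_obj.delete()
    # The chmod presumably exists so a read-only file can be removed on
    # platforms that refuse to delete one. Owner read/write (0o600) is enough
    # for that; the original 0o666 also granted write to every local account.
    os.chmod(os.path.abspath(cert_id_filename), 0o600)
    os.remove(cert_id_filename)

    # Delete cert_pem file and private_key_pem file
    cert_pem_filename = thing_name + '_cert.pem'
    private_key_pem_filename = thing_name + '_private_key.pem'
    os.chmod(os.path.abspath(cert_pem_filename), 0o600)
    # Never widen the private key beyond its owner, even just before removal.
    os.chmod(os.path.abspath(private_key_pem_filename), 0o600)
    os.remove(cert_pem_filename)
    os.remove(private_key_pem_filename)

    # Delete policy
    policy_obj = policy.Policy(thing_name)
    policy_obj.delete()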
def cleanup():
    """Delete the Thing from configure.json with its certificates and policies.

    For every principal listed on the Thing, the certificate is deleted and
    then each policy that was attached to it; the Thing is deleted last.
    """
    cert_id_length = 64
    with open('configure.json') as config_file:
        config = json.load(config_file)

    thing_obj = thing.Thing(config['thing_name'])

    # Delete certificates and policies attached to thing.
    for principal_arn in thing_obj.list_principals():
        # The certificate ID is taken as the last 64 characters of the
        # principal string.
        cert_obj = certs.Certificate(principal_arn[-cert_id_length:])

        # Policies are listed before the certificate is deleted, because the
        # list is read from the certificate object.
        attached = cert_obj.list_policies()
        cert_obj.delete()

        for entry in attached:
            policy.Policy(entry['policyName']).delete()

    # Delete Thing
    thing_obj.delete()
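def prereq():
    """Provision a Thing, certificate, key files and policy from configure.json.

    Loads and validates configure.json and creates the Thing. When
    ``thing_obj.create()`` returns a falsy value, a certificate is created;
    its ID, PEM and private key are written to files in the current working
    directory, and a policy is created and attached to the certificate.

    Raises:
        OSError: if configure.json cannot be read or an output file cannot be
            written.
        KeyError: if an expected key is missing from the configuration or the
            certificate result.
    """
    with open('configure.json') as file:
        json_text = json.load(file)

    # Validate that the entries in the JSON are valid.
    validate_json_text(json_text)

    # Create a Thing
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    # NOTE(review): nesting reconstructed from a whitespace-collapsed listing;
    # everything below is placed under this `if` because it depends on
    # cert_obj. Confirm against upstream.
    if not thing_obj.create():

        # Create a Certificate
        cert_obj = certs.Certificate()
        result = cert_obj.create()

        # Store certId
        cert_id = result['certificateId']
        cert_id_filename = thing_name + '_cert_id_file'
        print('Writing certificate ID to: {}'.format(cert_id_filename))
        with open(cert_id_filename, 'w') as cert_id_file:
            cert_id_file.write(cert_id)
        os.chmod(os.path.abspath(cert_id_filename), 0o444)

        # Store cert_pem as file
        cert_pem = result['certificatePem']
        cert_pem_filename = thing_name + '_cert_pem_file'
        print('Writing certificate PEM to: {}'.format(cert_pem_filename))
        with open(cert_pem_filename, 'w') as cert_pem_file:
            cert_pem_file.write(cert_pem)
        os.chmod(os.path.abspath(cert_pem_filename), 0o444)

        # Store private key PEM as file
        private_key_pem = result['keyPair']['PrivateKey']
        private_key_pem_filename = thing_name + '_private_key_pem_file'
        print(
            'Writing private key PEM to: {}'.format(private_key_pem_filename))
        # The key file is created owner-only from the start: open(..., 'w')
        # would create it with umask-default permissions, and the original
        # final mode 0o444 left the private key readable by every local
        # account. The certificate and its ID are public and stay 0o444.
        private_key_fd = os.open(
            private_key_pem_filename,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(private_key_fd, 'w') as private_key_pem_file:
            private_key_pem_file.write(private_key_pem)
        os.chmod(os.path.abspath(private_key_pem_filename), 0o400)

        # Create a Policy
        policy_document = misc.create_policy_document()
        policy_name = thing_name + '_amazon_freertos_policy'
        policy_obj = policy.Policy(policy_name, policy_document)
        policy_obj.create()

        # Attach certificate to Thing
        cert_obj.attach_thing(thing_name)

        # Attach policy to certificate
        cert_obj.attach_policy(policy_name)

        print("Completed prereq operation!")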
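def prereq():
    """Provision a Thing, certificate, key files and policy from configure.json.

    Creates the Thing named by ``thing_name`` (empty string when the key is
    absent). When ``thing_obj.create()`` returns a falsy value, a certificate
    is created; its ID, PEM and private key are written to files in the
    current working directory, and a policy built from the Thing name is
    created and attached.

    Raises:
        OSError: if configure.json cannot be read or an output file cannot be
            written.
        KeyError: if an expected key is missing from the certificate result.
    """
    with open('configure.json') as file:
        json_text = json.load(file)

    # NOTE(review): the original comment here mentioned making sure an
    # existing policy exists before creating the thing, but no such check is
    # made in this function. The unused 'mac_addr' lookup was dropped.
    thing_name = json_text.get('thing_name', "")

    # Create a Thing
    thing_obj = thing.Thing(thing_name)
    # NOTE(review): nesting reconstructed from a whitespace-collapsed listing;
    # the certificate steps are placed under this `if` because they depend on
    # cert_obj. Confirm against upstream.
    if not thing_obj.create():

        # Create a Certificate
        cert_obj = certs.Certificate()
        result = cert_obj.create()

        # Store certId
        cert_id = result['certificateId']
        cert_id_filename = thing_name + '_cert_id.txt'
        with open(cert_id_filename, 'w') as cert_id_file:
            cert_id_file.write(cert_id)
        os.chmod(os.path.abspath(cert_id_filename), 0o664)

        # Store cert_pem as file
        cert_pem = result['certificatePem']
        cert_pem_filename = thing_name + '_cert.pem'
        with open(cert_pem_filename, 'w') as cert_pem_file:
            cert_pem_file.write(cert_pem)
        os.chmod(os.path.abspath(cert_pem_filename), 0o664)

        # Store private key PEM as file
        private_key_pem = result['keyPair']['PrivateKey']
        private_key_pem_filename = thing_name + '_private_key.pem'
        # The key file is created owner-only from the start: open(..., 'w')
        # would create it with umask-default permissions, and the original
        # final mode 0o664 made the private key group-writable and readable
        # by every local account. The owner keeps write access, as before.
        private_key_fd = os.open(
            private_key_pem_filename,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(private_key_fd, 'w') as private_key_pem_file:
            private_key_pem_file.write(private_key_pem)
        os.chmod(os.path.abspath(private_key_pem_filename), 0o600)

        # Create thing policy
        policy_document_text = misc.create_policy_document_text(thing_name)
        # NOTE(review): the attach calls are kept inside this `if` because
        # cert_policy_name is only bound here; confirm against upstream.
        if policy_document_text:
            policy_obj = policy.Policy(thing_name, policy_document_text)
            cert_policy_name = policy_obj.create()
            print('Creating Certificate Policy {}'.format(cert_policy_name))

            # Attach the Policy to the Cert, Cert to thing
            cert_obj.attach_thing(thing_name)
            cert_obj.attach_policy(cert_policy_name)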
def testget(self):  # pylint: disable=g-bad-name
    """Certificate.get returns a set attribute and None for a missing one."""
    self.StubSetup()
    # Stub the parser so constructing Certificate('pem') does no real parsing.
    self.mox.StubOutWithMock(certs.Certificate, '_ParsePEMCertificate')
    certs.Certificate._ParsePEMCertificate('pem').AndReturn(None)
    self.mox.ReplayAll()

    certificate = certs.Certificate('pem')
    certificate.key = 'key'
    present = certificate.get('key')
    absent = certificate.get('missing')

    self.assertEqual('key', present)
    self.assertEqual(None, absent)
    self.mox.VerifyAll()
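def prereq():
    """Provision a Thing, certificate, key files and policy from configure.json.

    Creates the Thing named by ``thing_name``. When ``thing_obj.create()``
    returns a falsy value, a certificate is created; its ID, PEM and private
    key are written to files in the current working directory, and the policy
    ``<thing_name>_amazon_freertos_policy`` is created and attached.

    Raises:
        OSError: if configure.json cannot be read or an output file cannot be
            written.
        KeyError: if an expected key is missing from the configuration or the
            certificate result.
    """
    with open('configure.json') as configure_file:
        json_text = json.load(configure_file)

    # Create a Thing
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    # NOTE(review): nesting reconstructed from a whitespace-collapsed listing;
    # everything below is placed under this `if` because it depends on
    # cert_obj. Confirm against upstream.
    if not thing_obj.create():

        # Create a Certificate
        cert_obj = certs.Certificate()
        result = cert_obj.create()

        # Store certId
        cert_id = result['certificateId']
        cert_id_filename = thing_name + '_cert_id_file.txt'
        with open(cert_id_filename, 'w') as cert_id_file:
            cert_id_file.write(cert_id)
        os.chmod(os.path.abspath(cert_id_filename), 0o444)

        # Store cert_pem as file
        cert_pem = result['certificatePem']
        cert_pem_filename = thing_name + '_cert_pem_file.pem'
        with open(cert_pem_filename, 'w') as cert_pem_file:
            cert_pem_file.write(cert_pem)
        os.chmod(os.path.abspath(cert_pem_filename), 0o444)

        # Store private key PEM as file
        private_key_pem = result['keyPair']['PrivateKey']
        private_key_pem_filename = thing_name + '_private_key_pem_file.pem'
        # The key file is created owner-only from the start: open(..., 'w')
        # would create it with umask-default permissions, and the original
        # final mode 0o444 left the private key readable by every local
        # account. The certificate and its ID are public and stay 0o444.
        private_key_fd = os.open(
            private_key_pem_filename,
            os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(private_key_fd, 'w') as private_key_pem_file:
            private_key_pem_file.write(private_key_pem)
        os.chmod(os.path.abspath(private_key_pem_filename), 0o400)

        # Create a Policy
        policy_document = misc.create_policy_document()
        policy_name = thing_name + '_amazon_freertos_policy'
        policy_obj = policy.Policy(policy_name, policy_document)
        policy_obj.create()

        # Attach certificate to Thing
        cert_obj.attach_thing(thing_name)

        # Attach policy to certificate
        cert_obj.attach_policy(policy_name)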
def prereq():
    """Provision a certificate, Thing and policy from configure.json.

    Uses the "optiga_trust_config" section to create the certificate and the
    "aws_config" section for the Thing and policy names. The certificate ID
    and PEM are saved as read-only files in the current working directory; no
    private-key file is written by this function.
    """
    with open('configure.json') as config_file:
        config = json.load(config_file)
    aws_config = config["aws_config"]
    optiga_config = config["optiga_trust_config"]

    # Create a Certificate
    # NOTE(review): 'executable_path' comes straight from configure.json and
    # is handed to Certificate.create(); presumably it is executed there, so
    # configure.json should be writable only by the operator -- confirm.
    cert_obj = certs.Certificate()
    result = cert_obj.create(
        optiga_config['executable_path'],
        optiga_config['i2c_device'],
        optiga_config['privatekey_objectid'],
        optiga_config['certificate_objectid'],
    )

    # Create a Thing if doesn't exist
    thing_name = aws_config['thing_name']
    thing_obj = thing.Thing(thing_name)
    if not thing_obj.exists():
        thing_obj.create()

    # Store certId, then cert_pem, each as a 0o444 file named after the Thing.
    saved_outputs = (
        ('certificateId', '_cert_id_file'),
        ('certificatePem', '_cert_pem_file'),
    )
    for result_key, suffix in saved_outputs:
        payload = result[result_key]
        out_name = thing_name + suffix
        out_file = open(out_name, 'w')
        out_file.write(payload)
        os.chmod(os.path.abspath(out_name), 0o444)
        out_file.close()

    # Create a Policy if doesn't exist
    policy_obj = policy.Policy(aws_config['policy_name'])
    if not policy_obj.exists():
        policy_obj.attach_rules(misc.create_policy_document())
        policy_obj.create()

    # Attach certificate to Thing
    cert_obj.attach_thing(aws_config['thing_name'])

    # Attach policy to certificate
    cert_obj.attach_policy(aws_config['policy_name'])
def setup():
    """Provision a Thing and write its credentials into the client headers.

    Creates the Thing named in configure.json. When ``thing_obj.create()``
    returns a falsy value, a certificate is created, the Wi-Fi settings and
    the certificate/private key are passed to ``misc.client_credential`` and a
    policy is created and attached to the certificate.
    """
    with open('configure.json') as config_file:
        config = json.load(config_file)

    # Create a Thing
    thing_name = config['thing_name']
    thing_obj = thing.Thing(thing_name)
    # NOTE(review): nesting reconstructed from a whitespace-collapsed listing;
    # everything below is placed under this guard because it depends on
    # cert_obj. Confirm against upstream.
    if thing_obj.create():
        return

    # Create a Certificate
    cert_obj = certs.Certificate()
    created = cert_obj.create()
    certificate_pem = created['certificatePem']
    key_pem = created['keyPair']['PrivateKey']

    # Modify 'aws_clientcredential.h' file
    misc.client_credential(
        wifi_ssid=config['wifi_ssid'],
        wifi_passwd=config['wifi_password'],
        wifi_security=config['wifi_security'],
        thing_name=thing_name,
        credentials_or_keys="client_credential")

    # Modify 'aws_clientcredential_keys.h' file
    # NOTE(review): going by the two header names above, the Wi-Fi password
    # and the private key end up in source headers; those generated files
    # should stay out of version control and shared build artifacts.
    misc.client_credential(
        client_certificate_pem=certificate_pem,
        clientprivate_key_pem=key_pem,
        credentials_or_keys="client_keys")

    # Create a Policy
    policy_name = thing_name + '_amazon_freertos_policy'
    policy.Policy(policy_name, misc.create_policy_document()).create()

    # Attach certificate to Thing, then policy to certificate
    cert_obj.attach_thing(thing_name)
    cert_obj.attach_policy(policy_name)
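def delete_prereq():
    """Delete whatever prereq() created for the Thing in configure.json.

    Each step is skipped when its target is absent: the Thing, the saved
    certificate-ID file (and the certificate it names), the saved certificate
    and private-key PEM files, and the policy
    ``<thing_name>_amazon_freertos_policy``.

    Raises:
        OSError: if configure.json cannot be read.
        KeyError: if configure.json has no 'thing_name' entry.
    """
    with open('configure.json') as configure_file:
        json_text = json.load(configure_file)

    # Delete Thing
    # NOTE(review): thing_name is used verbatim to build the relative paths
    # removed below; this assumes configure.json is operator-controlled.
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    if thing_obj.exists():
        thing_obj.delete()

    # Delete certificate
    cert_id_filename = thing_name + '_cert_id_file.txt'
    if os.path.exists(cert_id_filename):
        # Context manager closes the handle even if reading fails; the
        # original closed it only after a successful cert_obj.delete().
        with open(cert_id_filename, 'r') as cert_id_file:
            cert_id = cert_id_file.read()
        cert_obj = certs.Certificate(cert_id)
        cert_obj.delete()
        # The chmod presumably exists so a read-only file can be removed on
        # platforms that refuse to delete one. Owner read/write (0o600) is
        # enough; the original 0o666 also granted write to every local
        # account.
        os.chmod(os.path.abspath(cert_id_filename), 0o600)
        os.remove(cert_id_filename)

    # Delete cert_pem file and private_key_pem file
    cert_pem_filename = thing_name + '_cert_pem_file.pem'
    if os.path.exists(cert_pem_filename):
        os.chmod(os.path.abspath(cert_pem_filename), 0o600)
        os.remove(cert_pem_filename)

    private_key_pem_filename = thing_name + '_private_key_pem_file.pem'
    if os.path.exists(private_key_pem_filename):
        # Never widen the private key beyond its owner, even just before
        # removal.
        os.chmod(os.path.abspath(private_key_pem_filename), 0o600)
        os.remove(private_key_pem_filename)

    # Delete policy
    policy_name = thing_name + '_amazon_freertos_policy'
    policy_obj = policy.Policy(policy_name)
    if policy_obj.exists():
        policy_obj.delete()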
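def delete_prereq():
    """Delete the Thing, certificate, key files and policy for configure.json.

    Reads ``thing_name`` from configure.json, deletes the Thing, deletes the
    certificate whose ID was saved in ``<thing_name>_cert_id_file``, removes
    the saved certificate and private-key files (printing each name), and
    deletes the policy ``<thing_name>_amazon_freertos_policy``.

    Raises:
        OSError: if configure.json or one of the saved files is missing.
        KeyError: if configure.json has no 'thing_name' entry.
    """
    with open('configure.json') as file:
        json_text = json.load(file)

    # Delete Thing
    # NOTE(review): thing_name is used verbatim to build the relative paths
    # removed below; this assumes configure.json is operator-controlled.
    thing_name = json_text['thing_name']
    thing_obj = thing.Thing(thing_name)
    thing_obj.delete()

    # Delete certificate
    cert_id_filename = thing_name + '_cert_id_file'
    # Context manager closes the handle even if reading fails; the original
    # closed it only after a successful cert_obj.delete().
    with open(cert_id_filename, 'r') as cert_id_file:
        cert_id = cert_id_file.read()
    cert_obj = certs.Certificate(cert_id)
    cert_obj.delete()
    # The chmod presumably exists so a read-only file can be removed on
    # platforms that refuse to delete one. Owner read/write (0o600) is enough;
    # the original 0o666 also granted write to every local account.
    os.chmod(os.path.abspath(cert_id_filename), 0o600)
    print("Deleting {}".format(cert_id_filename))
    os.remove(cert_id_filename)

    # Delete cert_pem file and private_key_pem file
    cert_pem_filename = thing_name + '_cert_pem_file'
    private_key_pem_filename = thing_name + '_private_key_pem_file'
    os.chmod(os.path.abspath(cert_pem_filename), 0o600)
    # Never widen the private key beyond its owner, even just before removal.
    os.chmod(os.path.abspath(private_key_pem_filename), 0o600)
    print("Deleting {}".format(cert_pem_filename))
    os.remove(cert_pem_filename)
    print("Deleting {}".format(private_key_pem_filename))
    os.remove(private_key_pem_filename)

    # Delete policy
    policy_name = thing_name + '_amazon_freertos_policy'
    policy_obj = policy.Policy(policy_name)
    policy_obj.delete()
    print("Successfully deleted prereqs!")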