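class CertUtilsTest(TestCase):
    """
    Tests to exercise splice.common.certs.CertUtils
    """

    @staticmethod
    def _read_file(path):
        """Return the full contents of *path*, closing the handle afterwards."""
        with open(path, "r") as handle:
            return handle.read()

    def setUp(self):
        """Load the certificate fixtures from TEST_DATA_DIR and build a CertUtils."""
        super(CertUtilsTest, self).setUp()
        # Test Certificate Data
        # invalid cert, signed by a CA other than 'root_ca_pem'
        self.invalid_key_path = os.path.join(
            TEST_DATA_DIR, "invalid_cert", "invalid.key")
        self.invalid_identity_cert_path = os.path.join(
            TEST_DATA_DIR, "invalid_cert", "invalid.cert")
        self.invalid_identity_cert_pem = self._read_file(
            self.invalid_identity_cert_path)
        # a valid cert, signed by the below CA, 'root_ca_pem'
        self.valid_identity_cert_path = os.path.join(
            TEST_DATA_DIR, "valid_cert", "valid.cert")
        self.valid_identity_cert_pem = self._read_file(
            self.valid_identity_cert_path)
        # CA
        self.root_ca_crt_path = os.path.join(TEST_DATA_DIR, "ca", "ca.crt")
        self.root_ca_key_path = os.path.join(TEST_DATA_DIR, "ca", "ca.key")
        self.root_ca_srl_path = os.path.join(TEST_DATA_DIR, "ca", "ca.srl")
        self.root_ca_crt = self._read_file(self.root_ca_crt_path)
        self.root_ca_key = self._read_file(self.root_ca_key_path)
        # The serial file (ca.srl) used to be read into root_ca_pem and then
        # immediately overwritten; only its path is kept now.
        # NOTE(review): the bundle handed to validate_certificate contains the
        # CA private key as well as the CA certificate. Chain verification
        # normally needs only the certificate -- confirm whether the key is
        # really required here.
        self.root_ca_pem = self.root_ca_crt + self.root_ca_key
        self.expected_valid_identity_uuid = "fb647f68-aa01-4171-b62b-35c2984a5328"
        self.cert_utils = CertUtils()

    def tearDown(self):
        super(CertUtilsTest, self).tearDown()

    def test_validate_certificate_pem_valid(self):
        """A certificate signed by the test CA must validate against it."""
        self.assertTrue(self.cert_utils.validate_certificate(
            self.valid_identity_cert_pem, self.root_ca_pem))

    def test_validate_certificate_pem_invalid(self):
        """A certificate signed by a different CA must be rejected."""
        self.assertFalse(self.cert_utils.validate_certificate(
            self.invalid_identity_cert_pem, self.root_ca_pem))

    def test_get_subject_pieces(self):
        """The subject CN of the valid certificate is the expected UUID."""
        pieces = self.cert_utils.get_subject_pieces(self.valid_identity_cert_pem)
        self.assertTrue(pieces["CN"])
        self.assertEqual(pieces["CN"], self.expected_valid_identity_uuid)

    def test_get_subject_pieces_with_filepath(self):
        """A file path passed in place of PEM data raises CertificateParseException."""
        self.assertRaises(
            CertificateParseException,
            self.cert_utils.get_subject_pieces,
            self.valid_identity_cert_path)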
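def get_identifier_from_cert(x509_cert):
    """
    Returns the 'CN' and 'O' pieces of the passed in Certificate if available

    This only parses the subject through CertUtils.get_subject_pieces; it does
    not validate the certificate against a CA. The returned values are
    therefore only as trustworthy as the certificate itself: callers that use
    them as an identity should validate the certificate first.

    @param x509_cert: certificate data, passed unchanged to
                      CertUtils.get_subject_pieces
    @return: (str, str) -- (CN, O); a missing piece is None, and (None, None)
             is returned when the certificate cannot be parsed or has no
             subject pieces
    """
    cert_utils = CertUtils()
    try:
        subj_pieces = cert_utils.get_subject_pieces(x509_cert)
    except CertificateParseException:
        # An unparseable certificate yields no identity, not an error.
        return None, None
    if not subj_pieces:
        return None, None
    # 'in' replaces dict.has_key(), which no longer exists in Python 3.
    cn = subj_pieces["CN"] if "CN" in subj_pieces else None
    o = subj_pieces["O"] if "O" in subj_pieces else None
    return (cn, o)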