예제 #1
0
    def setUp(self):
        self.msg = 'message'
        self.sig = ('IC\xd8*\xe7\x14\x9e\x19S\xb7\xcf\xec3\x12\xe2\x8a\x03'
                    '\x98u\xff\xf0\x94\xe2\xd7<\x8f\xa8\xed\xa4KN\xc3\xaa'
                    '\xb9X\xc3w\xaa\xc0_\xd0\x05$y>l#\x10<\x96\xd2\xcdr\xa3'
                    '\x1b\xa1\xf5!f\xef\xc64\xb6\x13')
        self.nonce = '\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9'

        self.alg = jose.RS256
        self.jwk = jose.JWKRSA(key=RSA256_KEY.publickey())

        b64sig = ('SUPYKucUnhlTt8_sMxLiigOYdf_wlOLXPI-o7aRLTsOquVjDd6r'
                  'AX9AFJHk-bCMQPJbSzXKjG6H1IWbvxjS2Ew')
        b64nonce = '7Nbyb1lI6xPVI3Hg3aKSqQ'
        self.jsig_to = {
            'nonce': b64nonce,
            'alg': self.alg,
            'jwk': self.jwk,
            'sig': b64sig,
        }

        self.jsig_from = {
            'nonce': b64nonce,
            'alg': self.alg.to_partial_json(),
            'jwk': self.jwk.to_partial_json(),
            'sig': b64sig,
        }

        from letsencrypt.acme.other import Signature
        self.signature = Signature(alg=self.alg,
                                   sig=self.sig,
                                   nonce=self.nonce,
                                   jwk=self.jwk)
예제 #2
0
    def setUp(self):
        # acme-spec uses a confusing example in which both signature
        # nonce and challenge nonce are the same, don't make the same
        # mistake here...
        signature = other.Signature(
            alg=jose.RS256,
            jwk=jose.JWKRSA(key=KEY.publickey()),
            sig='\xa7\xc1\xe7\xe82o\xbc\xcd\xd0\x1e\x010#Z|\xaf\x15\x83'
            '\x94\x8f#\x9b\nQo(\x80\x15,\x08\xfcz\x1d\xfd\xfd.\xaap'
            '\xfa\x06\xd1\xa2f\x8d8X2>%d\xbd%\xe1T\xdd\xaa0\x18\xde'
            '\x99\x08\xf0\x0e{',
            nonce='\x99\xc7Q\xb3f2\xbc\xdci\xfe\xd6\x98k\xc67\xdf',
        )

        from letsencrypt.acme.challenges import ProofOfPossessionResponse
        self.msg = ProofOfPossessionResponse(
            nonce='xD\xf9\xb9\xdbU\xed\xaa\x17\xf1y|\x81\x88\x99 ',
            signature=signature)

        self.jmsg_to = {
            'type': 'proofOfPossession',
            'nonce': 'eET5udtV7aoX8Xl8gYiZIA',
            'signature': signature,
        }
        self.jmsg_from = {
            'type': 'proofOfPossession',
            'nonce': 'eET5udtV7aoX8Xl8gYiZIA',
            'signature': signature.fully_serialize(),
        }
예제 #3
0
    def setUp(self):
        from letsencrypt.acme.challenges import ProofOfPossession
        hints = ProofOfPossession.Hints(jwk=jose.JWKRSA(key=KEY.publickey()),
                                        cert_fingerprints=(),
                                        certs=(),
                                        serial_numbers=(),
                                        subject_key_identifiers=(),
                                        issuers=(),
                                        authorized_for=())
        self.msg = ProofOfPossession(
            alg=jose.RS256,
            hints=hints,
            nonce='xD\xf9\xb9\xdbU\xed\xaa\x17\xf1y|\x81\x88\x99 ')

        self.jmsg_to = {
            'type': 'proofOfPossession',
            'alg': jose.RS256,
            'nonce': 'eET5udtV7aoX8Xl8gYiZIA',
            'hints': hints,
        }
        self.jmsg_from = {
            'type': 'proofOfPossession',
            'alg': jose.RS256.fully_serialize(),
            'nonce': 'eET5udtV7aoX8Xl8gYiZIA',
            'hints': hints.fully_serialize(),
        }
예제 #4
0
    def setUp(self):
        jwk = jose.JWKRSA(key=KEY.publickey())

        from letsencrypt.acme.messages import Authorization
        self.msg = Authorization(recovery_token='tok', jwk=jwk,
                                 identifier='example.com')

        self.jmsg = {
            'type': 'authorization',
            'recoveryToken': 'tok',
            'identifier': 'example.com',
            'jwk': jwk,
        }
예제 #5
0
    def setUp(self):
        self.responses = (
            challenges.SimpleHTTPSResponse(path='Hf5GrX4Q7EBax9hc2jJnfw'),
            None,  # null
            challenges.RecoveryTokenResponse(token='23029d88d9e123e'),
        )
        self.contact = ("mailto:[email protected]", "tel:+12025551212")
        signature = other.Signature(
            alg=jose.RS256,
            jwk=jose.JWKRSA(key=KEY.publickey()),
            sig='-v\xd8\xc2\xa3\xba0\xd6\x92\x16\xb5.\xbe\xa1[\x04\xbe'
            '\x1b\xa1X\xd2)\x18\x94\x8f\xd7\xd0\xc0\xbbcI`W\xdf v'
            '\xe4\xed\xe8\x03J\xe8\xc8<?\xc8W\x94\x94cj(\xe7\xaa$'
            '\x92\xe9\x96\x11\xc2\xefx\x0bR',
            nonce='\xab?\x08o\xe6\x81$\x9f\xa1\xc9\x025\x1c\x1b\xa5+')

        from letsencrypt.acme.messages import AuthorizationRequest
        self.msg = AuthorizationRequest(
            session_id='aefoGaavieG9Wihuk2aufai3aeZ5EeW4',
            nonce='\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9',
            responses=self.responses,
            signature=signature,
            contact=self.contact,
        )

        self.jmsg_to = {
            'type': 'authorizationRequest',
            'sessionID': 'aefoGaavieG9Wihuk2aufai3aeZ5EeW4',
            'nonce': '7Nbyb1lI6xPVI3Hg3aKSqQ',
            'responses': self.responses,
            'signature': signature,
            'contact': self.contact,
        }
        self.jmsg_from = {
            'type':
            'authorizationRequest',
            'sessionID':
            'aefoGaavieG9Wihuk2aufai3aeZ5EeW4',
            'nonce':
            '7Nbyb1lI6xPVI3Hg3aKSqQ',
            'responses': [
                None if response is None else response.fully_serialize()
                for response in self.responses
            ],
            'signature':
            signature.fully_serialize(),
            # TODO: schema validation doesn't recognize tuples as
            # arrays :(
            'contact':
            list(self.contact),
        }
예제 #6
0
    def setUp(self):
        signature = other.Signature(
            alg=jose.RS256, jwk=jose.JWKRSA(key=KEY.publickey()),
            sig='\x15\xed\x84\xaa:\xf2DO\x0e9 \xbcg\xf8\xc0\xcf\x87\x9a'
                '\x95\xeb\xffT[\x84[\xec\x85\x7f\x8eK\xe9\xc2\x12\xc8Q'
                '\xafo\xc6h\x07\xba\xa6\xdf\xd1\xa7"$\xba=Z\x13n\x14\x0b'
                'k\xfe\xee\xb4\xe4\xc8\x05\x9a\x08\xa7',
            nonce='\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9')

        from letsencrypt.acme.messages import CertificateRequest
        self.msg = CertificateRequest(csr=CSR, signature=signature)

        self.jmsg_to = {
            'type': 'certificateRequest',
            'csr': jose.b64encode(CSR.as_der()),
            'signature': signature,
        }
        self.jmsg_from = self.jmsg_to.copy()
        self.jmsg_from['signature'] = self.jmsg_from['signature'].to_json()
예제 #7
0
    def setUp(self):
        self.sig_nonce = '\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9'

        signature = other.Signature(
            alg=jose.RS256, jwk=jose.JWKRSA(key=KEY.publickey()),
            sig='eJ\xfe\x12"U\x87\x8b\xbf/ ,\xdeP\xb2\xdc1\xb00\xe5\x1dB'
                '\xfch<\xc6\x9eH@!\x1c\x16\xb2\x0b_\xc4\xddP\x89\xc8\xce?'
                '\x16g\x069I\xb9\xb3\x91\xb9\x0e$3\x9f\x87\x8e\x82\xca\xc5'
                's\xd9\xd0\xe7',
            nonce=self.sig_nonce)

        from letsencrypt.acme.messages import RevocationRequest
        self.msg = RevocationRequest(certificate=CERT, signature=signature)

        self.jmsg_to = {
            'type': 'revocationRequest',
            'certificate': jose.b64encode(CERT.as_der()),
            'signature': signature,
        }
        self.jmsg_from = self.jmsg_to.copy()
        self.jmsg_from['signature'] = self.jmsg_from['signature'].to_json()
예제 #8
0
    def setUp(self):
        jwk = jose.JWKRSA(key=KEY.publickey())
        issuers = (
            'C=US, O=SuperT LLC, CN=SuperTrustworthy Public CA',
            'O=LessTrustworthy CA Inc, CN=LessTrustworthy But StillSecure',
        )
        cert_fingerprints = (
            '93416768eb85e33adc4277f4c9acd63e7418fcfe',
            '16d95b7b63f1972b980b14c20291f3c0d1855d95',
            '48b46570d9fc6358108af43ad1649484def0debf',
        )
        subject_key_identifiers = ('d0083162dcc4c8a23ecb8aecbd86120e56fd24e5')
        authorized_for = ('www.example.com', 'example.net')
        serial_numbers = (34234239832, 23993939911, 17)

        from letsencrypt.acme.challenges import ProofOfPossession
        self.msg = ProofOfPossession.Hints(
            jwk=jwk,
            issuers=issuers,
            cert_fingerprints=cert_fingerprints,
            certs=(CERT, ),
            subject_key_identifiers=subject_key_identifiers,
            authorized_for=authorized_for,
            serial_numbers=serial_numbers)

        self.jmsg_to = {
            'jwk': jwk,
            'certFingerprints': cert_fingerprints,
            'certs': (jose.b64encode(CERT.as_der()), ),
            'subjectKeyIdentifiers': subject_key_identifiers,
            'serialNumbers': serial_numbers,
            'issuers': issuers,
            'authorizedFor': authorized_for,
        }
        self.jmsg_from = self.jmsg_to.copy()
        self.jmsg_from.update({'jwk': jwk.fully_serialize()})
예제 #9
0
    token="evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA")
DVSNI = challenges.DVSNI(
    r="O*\xb4-\xad\xec\x95>\xed\xa9\r0\x94\xe8\x97\x9c&6\xbf'\xb3"
    "\xed\x9a9nX\x0f'\\m\xe7\x12",
    nonce="a82d5ff8ef740d12881f6d3c2277ab2e")
DNS = challenges.DNS(token="17817c66b60ce2e4012dfad92657527a")
RECOVERY_CONTACT = challenges.RecoveryContact(
    activation_url="https://example.ca/sendrecovery/a5bd99383fb0",
    success_url="https://example.ca/confirmrecovery/bb1b9928932",
    contact="c********[email protected]")
RECOVERY_TOKEN = challenges.RecoveryToken()
POP = challenges.ProofOfPossession(
    alg="RS256",
    nonce="xD\xf9\xb9\xdbU\xed\xaa\x17\xf1y|\x81\x88\x99 ",
    hints=challenges.ProofOfPossession.Hints(
        jwk=jose.JWKRSA(key=KEY.publickey()),
        cert_fingerprints=("93416768eb85e33adc4277f4c9acd63e7418fcfe",
                           "16d95b7b63f1972b980b14c20291f3c0d1855d95",
                           "48b46570d9fc6358108af43ad1649484def0debf"),
        certs=(),  # TODO
        subject_key_identifiers=("d0083162dcc4c8a23ecb8aecbd86120e56fd24e5"),
        serial_numbers=(34234239832, 23993939911, 17),
        issuers=(
            "C=US, O=SuperT LLC, CN=SuperTrustworthy Public CA",
            "O=LessTrustworthy CA Inc, CN=LessTrustworthy But StillSecure",
        ),
        authorized_for=("www.example.com", "example.net"),
    ))

CHALLENGES = [SIMPLE_HTTPS, DVSNI, DNS, RECOVERY_CONTACT, RECOVERY_TOKEN, POP]
DV_CHALLENGES = [