예제 #1
0
    def test_exists_raises(self):
        mock_connectionection = Mock()
        mock_connectionection.call.return_value = {
            'ET_BAPIRET2': [{
                'TYPE': 'E',
                'MESSAGE': 'Invalid storage'
            }]
        }

        ssl_storage = SSLCertStorage(mock_connectionection, 'RAISE', 'TEST')

        with self.assertRaises(InvalidSSLStorage) as cm:
            ssl_storage.exists()

        self.assertEqual(mock_connectionection.call.call_args_list, [
            mock.call('SSFR_PSE_CHECK',
                      IS_STRUST_IDENTITY={
                          'PSE_CONTEXT': 'RAISE',
                          'PSE_APPLIC': 'TEST'
                      })
        ])

        self.assertEqual(
            str(cm.exception),
            'The SSL Storage RAISE/TEST is broken: Invalid storage')
예제 #2
0
def putcertificate(connection, args):
    """Uploads X.509 Base64 certificates into SAP to enable SSL peer verification
       of remote servers

        Exceptions:
            - SAPCliError:
                - when the given storage does not belong to the storage white list
                - when identity argument has invalid format
    """

    identities = []

    for storage in args.storage:
        if storage in (CLIENT_ANONYMOUS, CLIENT_STANDART):
            identities.append(IDENTITY_MAPPING[storage])
        else:
            raise SAPCliError(f'Unknown storage: {storage}')

    for identity in args.identity:
        try:
            identities.append(Identity(*identity.split('/')))
        except (ValueError, TypeError):
            # pylint: disable=raise-missing-from
            raise SAPCliError('Invalid identity format')

    ssl_storages = []
    for identity in identities:
        ssl_storage = SSLCertStorage(connection, identity.pse_context, identity.pse_applic)

        if not ssl_storage.exists():
            ssl_storage.create(
                alg=args.algorithm,
                keylen=args.key_length,
                dn=args.dn
            )

        logging.debug('SSL Storage is OK: %s', ssl_storage)
        ssl_storages.append(ssl_storage)

    for file_path in args.paths:
        logging.info('Processing the file: %s', file_path)
        with open(file_path, 'rb') as cert_file:
            cert_contents = cert_file.read()
            for ssl_storage in ssl_storages:
                logging.info('Adding the file: %s to %s', file_path, ssl_storage)
                logging.info(ssl_storage.put_certificate(cert_contents))

    logging.info('Notifying ICM ... ')
    notify_icm_changed_pse(connection)

    for updated_storage in ssl_storages:
        logging.info('Certificates of %s:', str(updated_storage))

        for cert in iter_storage_certificates(updated_storage):
            logging.info('* %s', cert['EV_SUBJECT'])
예제 #3
0
    def test_exists_raises_if_not_ret(self):
        mock_connectionection = Mock()
        mock_connectionection.call.return_value = {'ET_BAPIRET2': []}

        ssl_storage = SSLCertStorage(mock_connectionection, 'RAISE', 'TEST')

        with self.assertRaises(InvalidSSLStorage) as cm:
            ssl_storage.exists()

        self.assertEqual(mock_connectionection.call.call_args_list, [
            mock.call('SSFR_PSE_CHECK',
                      IS_STRUST_IDENTITY={
                          'PSE_CONTEXT': 'RAISE',
                          'PSE_APPLIC': 'TEST'
                      })
        ])

        self.assertEqual(
            str(cm.exception),
            'Received no response from the server - check STRUST manually.')
예제 #4
0
    def test_exists_yes(self):
        mock_connectionection = Mock()
        mock_connectionection.call.return_value = {
            'ET_BAPIRET2': [{
                'TYPE': 'S'
            }]
        }

        ssl_storage = SSLCertStorage(mock_connectionection, 'NOTRAISE', 'TEST')
        self.assertTrue(ssl_storage.exists())

        self.assertEquals(mock_connectionection.call.call_args_list, [
            mock.call('SSFR_PSE_CHECK',
                      IS_STRUST_IDENTITY={
                          'PSE_CONTEXT': 'NOTRAISE',
                          'PSE_APPLIC': 'TEST'
                      })
        ])