def test_missing_fields(self): """ Parse a key certificate where a mandatory field is missing. """ mandatory_fields = ( 'dir-key-certificate-version', 'fingerprint', 'dir-key-published', 'dir-key-expires', 'dir-identity-key', 'dir-signing-key', 'dir-key-certification', ) for excluded_field in mandatory_fields: content = KeyCertificate.content(exclude=(excluded_field, )) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) if excluded_field == 'fingerprint': self.assertEqual(3, certificate.version) else: self.assertEqual(40, len(certificate.fingerprint))
def test_dir_address(self): """ Parses the dir-address field. """ certificate = KeyCertificate.create({'dir-address': '127.0.0.1:80'}) self.assertEqual('127.0.0.1', certificate.address) self.assertEqual(80, certificate.dir_port) test_values = ( (''), (' '), ('127.0.0.1'), ('127.0.0.1:'), ('80'), (':80'), ('127.0.0.1a:80'), ('127.0.0.1:80a'), ) for test_value in test_values: content = KeyCertificate.content({'dir-address': test_value}) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) self.assertEqual(None, certificate.address) self.assertEqual(None, certificate.dir_port)
def test_wrong_block_type(self): """ Checks that we validate the type of crypto content we receive. """ content = KeyCertificate.content({'dir-identity-key': '\n-----BEGIN MD5SUM-----%s-----END MD5SUM-----' % stem.descriptor.CRYPTO_BLOB}) self.assertRaises(ValueError, KeyCertificate, content, True)
def test_key_blocks(self): """ Parses the dir-identity-key, dir-signing-key, dir-key-crosscert, and dir-key-certification fields which all just have signature content. """ # the only non-mandatory field that we haven't exercised yet is dir-key-crosscert certificate = KeyCertificate.create({ 'dir-key-crosscert': '\n-----BEGIN ID SIGNATURE-----%s-----END ID SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB }) self.assertTrue(stem.descriptor.CRYPTO_BLOB in certificate.crosscert) test_value = '\n-----BEGIN ID SIGNATURE-----%s-----END UGABUGA SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB for field, attr in (('dir-identity-key', 'identity_key'), ('dir-signing-key', 'signing_key'), ('dir-key-crosscert', 'crosscert'), ('dir-key-certification', 'certification')): content = KeyCertificate.content({field: test_value}) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) self.assertEqual(None, getattr(certificate, attr))
def test_version(self): """ Parses the dir-key-certificate-version field, including trying to handle a different certificate version with the v3 parser. """ certificate = KeyCertificate.create({'dir-key-certificate-version': '3'}) self.assertEqual(3, certificate.version) content = KeyCertificate.content({'dir-key-certificate-version': '4'}) self.assertRaises(ValueError, KeyCertificate, content, True) self.assertEqual(4, KeyCertificate(content, False).version) content = KeyCertificate.content({'dir-key-certificate-version': 'boo'}) self.assertRaises(ValueError, KeyCertificate, content, True) self.assertEqual(None, KeyCertificate(content, False).version)
def test_missing_fields(self): """ Parse a key certificate where a mandatory field is missing. """ mandatory_fields = ( 'dir-key-certificate-version', 'fingerprint', 'dir-key-published', 'dir-key-expires', 'dir-identity-key', 'dir-signing-key', 'dir-key-certification', ) for excluded_field in mandatory_fields: content = KeyCertificate.content(exclude = (excluded_field,)) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) if excluded_field == 'fingerprint': self.assertEqual(3, certificate.version) else: self.assertEqual(40, len(certificate.fingerprint))
def test_first_and_last_lines(self): """ Includes a non-mandatory field before the 'dir-key-certificate-version' line or after the 'dir-key-certification' line. """ content = KeyCertificate.content() for cert_text in (b'dir-address 127.0.0.1:80\n' + content, content + b'\ndir-address 127.0.0.1:80'): self.assertRaises(ValueError, KeyCertificate, cert_text, True) certificate = KeyCertificate(cert_text, False) self.assertEqual('127.0.0.1', certificate.address) self.assertEqual(80, certificate.dir_port)
def test_fingerprint(self): """ Parses the fingerprint field. """ test_values = ( '', ' ', '27B6B5996C426270A5C95488AA5BCEB6BCC8695', '27B6B5996C426270A5C95488AA5BCEB6BCC869568', ) for test_value in test_values: content = KeyCertificate.content({'fingerprint': test_value}) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) self.assertEqual(None, certificate.fingerprint)
def test_time_fields(self): """ Parses the dir-key-published and dir-key-expires fields, which both have datetime content. """ test_values = ( '', ' ', '2012-12-12', '2012-12-12 01:01:', '2012-12-12 01:a1:01', ) for field, attr in (('dir-key-published', 'published'), ('dir-key-expires', 'expires')): for test_value in test_values: content = KeyCertificate.content({field: test_value}) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) self.assertEqual(None, getattr(certificate, attr))
def test_key_certificate(self): """ Includes or exclude a key certificate from the directory entry. """ key_cert = KeyCertificate.content() # include a key cert with a consensus content = DirectoryAuthority.content() + b'\n' + key_cert self.assertRaises(ValueError, DirectoryAuthority, content, True) authority = DirectoryAuthority(content, False) self.assertTrue(authority.nickname.startswith('Unnamed')) # exclude key cert from a vote content = b'\n'.join(DirectoryAuthority.content(is_vote = True).splitlines()[:-5]) self.assertRaises(ValueError, DirectoryAuthority, content, True, True) authority = DirectoryAuthority(content, False, True) self.assertTrue(authority.nickname.startswith('Unnamed'))
def test_key_blocks(self): """ Parses the dir-identity-key, dir-signing-key, dir-key-crosscert, and dir-key-certification fields which all just have signature content. """ # the only non-mandatory field that we haven't exercised yet is dir-key-crosscert certificate = KeyCertificate.create({'dir-key-crosscert': '\n-----BEGIN ID SIGNATURE-----%s-----END ID SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB}) self.assertTrue(stem.descriptor.CRYPTO_BLOB in certificate.crosscert) test_value = '\n-----BEGIN ID SIGNATURE-----%s-----END UGABUGA SIGNATURE-----' % stem.descriptor.CRYPTO_BLOB for field, attr in (('dir-identity-key', 'identity_key'), ('dir-signing-key', 'signing_key'), ('dir-key-crosscert', 'crosscert'), ('dir-key-certification', 'certification')): content = KeyCertificate.content({field: test_value}) self.assertRaises(ValueError, KeyCertificate, content, True) certificate = KeyCertificate(content, False) self.assertEqual(None, getattr(certificate, attr))