def test_systemd_os_release(self):
from certbot.util import (get_os_info, get_systemd_os_info,
get_os_info_ua)
with mock.patch('certbot.compat.os.path.isfile', return_value=True):
self.assertEqual(get_os_info(
test_util.vector_path("os-release"))[0], 'systemdos')
self.assertEqual(get_os_info(
test_util.vector_path("os-release"))[1], '42')
self.assertEqual(get_systemd_os_info(os.devnull), ("", ""))
self.assertEqual(get_os_info_ua(
test_util.vector_path("os-release")), "SystemdOS")
with mock.patch('certbot.compat.os.path.isfile', return_value=False):
self.assertEqual(get_systemd_os_info(), ("", ""))
def test_systemd_os_release(self):
from certbot.util import (get_os_info, get_systemd_os_info,
get_os_info_ua)
with mock.patch('os.path.isfile', return_value=True):
self.assertEqual(get_os_info(
test_util.vector_path("os-release"))[0], 'systemdos')
self.assertEqual(get_os_info(
test_util.vector_path("os-release"))[1], '42')
self.assertEqual(get_systemd_os_info(os.devnull), ("", ""))
self.assertEqual(get_os_info_ua(
test_util.vector_path("os-release")), "SystemdOS")
with mock.patch('os.path.isfile', return_value=False):
self.assertEqual(get_systemd_os_info(), ("", ""))
def setUp(self):
from certbot import ocsp
self.checker = ocsp.RevocationChecker()
self.cert_path = test_util.vector_path('ocsp_certificate.pem')
self.chain_path = test_util.vector_path('ocsp_issuer_certificate.pem')
self.cert_obj = mock.MagicMock()
self.cert_obj.cert_path = self.cert_path
self.cert_obj.chain_path = self.chain_path
now = pytz.UTC.fromutc(datetime.utcnow())
self.mock_notAfter = mock.patch('certbot.ocsp.crypto_util.notAfter',
return_value=now + timedelta(hours=2))
self.mock_notAfter.start()
# Ensure the mock.patch is stopped even if test raises an exception
self.addCleanup(self.mock_notAfter.stop)
def test_systemd_os_release_like(self):
from certbot.util import get_systemd_os_like
with mock.patch('os.path.isfile', return_value=True):
id_likes = get_systemd_os_like(test_util.vector_path("os-release"))
self.assertEqual(len(id_likes), 3)
self.assertTrue("debian" in id_likes)
def test_determine_ocsp_server(self):
cert_path = test_util.vector_path('google_certificate.pem')
from certbot import ocsp
result = ocsp._determine_ocsp_server(cert_path)
self.assertEqual(('http://ocsp.digicert.com', 'ocsp.digicert.com'),
result)
def test_systemd_os_release_like(self):
from certbot.util import get_systemd_os_like
with mock.patch('os.path.isfile', return_value=True):
id_likes = get_systemd_os_like(test_util.vector_path(
"os-release"))
self.assertEqual(len(id_likes), 3)
self.assertTrue("debian" in id_likes)
def test_determine_ocsp_server(self):
cert_path = test_util.vector_path('ocsp_certificate.pem')
from certbot._internal import ocsp
result = ocsp._determine_ocsp_server(cert_path)
self.assertEqual(
('http://ocsp.test4.buypass.com', 'ocsp.test4.buypass.com'),
result)
def test_der_csr(self):
csrfile = test_util.vector_path('csr.der')
data = test_util.load_vector('csr.der')
self.assertEqual((
OpenSSL.crypto.FILETYPE_ASN1,
util.CSR(file=csrfile, data=data, form="der"),
["example.com"],
), self._call(csrfile, data))
def test_pem_csr(self):
csrfile = test_util.vector_path('csr_512.pem')
data = test_util.load_vector('csr_512.pem')
self.assertEqual((
OpenSSL.crypto.FILETYPE_PEM,
util.CSR(file=csrfile, data=data, form="pem"),
["Example.com"],
), self._call(csrfile, data))
def test_pem_csr(self):
csrfile = test_util.vector_path('csr_512.pem')
data = test_util.load_vector('csr_512.pem')
self.assertEqual(
(OpenSSL.crypto.FILETYPE_PEM,
util.CSR(file=csrfile,
data=data,
form="pem"),
["Example.com"],),
self._call(csrfile, data))
def setUp(self):
self.renewable_cert = mock.MagicMock()
self.renewable_cert.cert_path = SS_CERT_PATH
self.renewable_cert.chain_path = SS_CERT_PATH
self.renewable_cert.key_path = RSA2048_KEY_PATH
self.renewable_cert.fullchain_path = test_util.vector_path('cert_fullchain_2048.pem')
self.bad_renewable_cert = mock.MagicMock()
self.bad_renewable_cert.chain_path = SS_CERT_PATH
self.bad_renewable_cert.cert_path = SS_CERT_PATH
self.bad_renewable_cert.fullchain_path = SS_CERT_PATH
def test_der_csr(self):
csrfile = test_util.vector_path('csr.der')
data = test_util.load_vector('csr.der')
self.assertEqual(
(OpenSSL.crypto.FILETYPE_ASN1,
util.CSR(file=csrfile,
data=data,
form="der"),
["example.com"],),
self._call(csrfile, data))
def set_up_command(config_dir, logs_dir, work_dir, nginx_dir):
"""Build the Certbot command to run for testing.
You can test different subcommands by appending the desired command
to the returned list.
:param str config_dir: path to the configuration directory
:param str logs_dir: path to the logs directory
:param str work_dir: path to the work directory
:param str nginx_dir: path to the nginx directory
:returns: certbot command to execute for testing
:rtype: `list` of `str`
"""
return ('certbot --cert-path {0} --key-path {1} --config-dir {2} '
'--logs-dir {3} --work-dir {4} --nginx-server-root {5} --debug '
'--force-renewal --nginx --verbose '.format(
test_util.vector_path('cert.pem'),
test_util.vector_path('rsa512_key.pem'), config_dir, logs_dir,
work_dir, nginx_dir).split())
def setUp(self):
super(VerifyCertSetup, self).setUp()
self.renewable_cert = mock.MagicMock()
self.renewable_cert.cert = SS_CERT_PATH
self.renewable_cert.chain = SS_CERT_PATH
self.renewable_cert.privkey = RSA2048_KEY_PATH
self.renewable_cert.fullchain = test_util.vector_path('cert_fullchain_2048.pem')
self.bad_renewable_cert = mock.MagicMock()
self.bad_renewable_cert.chain = SS_CERT_PATH
self.bad_renewable_cert.cert = SS_CERT_PATH
self.bad_renewable_cert.fullchain = SS_CERT_PATH
def set_up_command(config_dir, logs_dir, work_dir, nginx_dir):
"""Build the Certbot command to run for testing.
You can test different subcommands by appending the desired command
to the returned list.
:param str config_dir: path to the configuration directory
:param str logs_dir: path to the logs directory
:param str work_dir: path to the work directory
:param str nginx_dir: path to the nginx directory
:returns: certbot command to execute for testing
:rtype: `list` of `str`
"""
return (
'certbot --cert-path {0} --key-path {1} --config-dir {2} '
'--logs-dir {3} --work-dir {4} --nginx-server-root {5} --debug '
'--force-renewal --nginx --verbose '.format(
test_util.vector_path('cert.pem'),
test_util.vector_path('rsa512_key.pem'),
config_dir, logs_dir, work_dir, nginx_dir).split())
"""Tests for certbot.crypto_util."""
import logging
import unittest
import OpenSSL
import mock
import zope.component
import certbot.tests.util as test_util
from certbot import errors
from certbot import interfaces
from certbot import util
from certbot.compat import os
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA256_KEY_PATH = test_util.vector_path('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
RSA2048_KEY_PATH = test_util.vector_path('rsa2048_key.pem')
CERT_PATH = test_util.vector_path('cert_512.pem')
CERT = test_util.load_vector('cert_512.pem')
SS_CERT_PATH = test_util.vector_path('cert_2048.pem')
SS_CERT = test_util.load_vector('cert_2048.pem')
P256_KEY = test_util.load_vector('nistp256_key.pem')
P256_CERT_PATH = test_util.vector_path('cert-nosans_nistp256.pem')
P256_CERT = test_util.load_vector('cert-nosans_nistp256.pem')
class InitSaveKeyTest(test_util.TempDirTestCase):
"""Tests for certbot.crypto_util.init_save_key."""
def setUp(self):
super(InitSaveKeyTest, self).setUp()
def test_cert_sig_mismatch(self):
self.bad_renewable_cert.cert_path = test_util.vector_path(
'cert_512_bad.pem')
self.assertRaises(errors.Error, self._call, self.bad_renewable_cert)
def test_bad_csr(self):
self.assertRaises(errors.Error, self._call,
test_util.vector_path('cert_512.pem'),
test_util.load_vector('cert_512.pem'))
import logging
import os
import unittest
import OpenSSL
import mock
import zope.component
from certbot import errors
from certbot import interfaces
from certbot import util
import certbot.tests.util as test_util
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA256_KEY_PATH = test_util.vector_path('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
RSA2048_KEY_PATH = test_util.vector_path('rsa2048_key.pem')
CERT_PATH = test_util.vector_path('cert.pem')
CERT = test_util.load_vector('cert.pem')
SAN_CERT = test_util.load_vector('cert-san.pem')
SS_CERT_PATH = test_util.vector_path('self_signed_cert.pem')
SS_CERT = test_util.load_vector('self_signed_cert.pem')
class InitSaveKeyTest(test_util.TempDirTestCase):
"""Tests for certbot.crypto_util.init_save_key."""
def setUp(self):
super(InitSaveKeyTest, self).setUp()
logging.disable(logging.CRITICAL)
zope.component.provideUtility(
try:
import mock
except ImportError: # pragma: no cover
from unittest import mock
import OpenSSL
import zope.component
from certbot import errors
from certbot import interfaces
from certbot import util
from certbot.compat import filesystem
from certbot.compat import os
import certbot.tests.util as test_util
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA256_KEY_PATH = test_util.vector_path('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
RSA2048_KEY_PATH = test_util.vector_path('rsa2048_key.pem')
CERT_PATH = test_util.vector_path('cert_512.pem')
CERT = test_util.load_vector('cert_512.pem')
SS_CERT_PATH = test_util.vector_path('cert_2048.pem')
SS_CERT = test_util.load_vector('cert_2048.pem')
P256_KEY = test_util.load_vector('nistp256_key.pem')
P256_CERT_PATH = test_util.vector_path('cert-nosans_nistp256.pem')
P256_CERT = test_util.load_vector('cert-nosans_nistp256.pem')
# CERT_LEAF is signed by CERT_ISSUER. CERT_ALT_ISSUER is a cross-sign of CERT_ISSUER.
CERT_LEAF = test_util.load_vector('cert_leaf.pem')
CERT_ISSUER = test_util.load_vector('cert_intermediate_1.pem')
CERT_ALT_ISSUER = test_util.load_vector('cert_intermediate_2.pem')
"""Tests for certbot.crypto_util."""
import logging
import os
import unittest
import OpenSSL
import mock
import zope.component
from certbot import errors
from certbot import interfaces
from certbot import util
import certbot.tests.util as test_util
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA256_KEY_PATH = test_util.vector_path('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
RSA2048_KEY_PATH = test_util.vector_path('rsa2048_key.pem')
CERT_PATH = test_util.vector_path('cert.pem')
CERT = test_util.load_vector('cert.pem')
SAN_CERT = test_util.load_vector('cert-san.pem')
SS_CERT_PATH = test_util.vector_path('self_signed_cert.pem')
SS_CERT = test_util.load_vector('self_signed_cert.pem')
class InitSaveKeyTest(test_util.TempDirTestCase):
"""Tests for certbot.crypto_util.init_save_key."""
def setUp(self):
super(InitSaveKeyTest, self).setUp()
logging.disable(logging.CRITICAL)
import os
import unittest
import OpenSSL
import mock
import zope.component
from certbot import errors
from certbot import interfaces
from certbot import util
import certbot.tests.util as test_util
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
CERT_PATH = test_util.vector_path('cert.pem')
CERT = test_util.load_vector('cert.pem')
SAN_CERT = test_util.load_vector('cert-san.pem')
class InitSaveKeyTest(test_util.TempDirTestCase):
"""Tests for certbot.crypto_util.init_save_key."""
def setUp(self):
super(InitSaveKeyTest, self).setUp()
logging.disable(logging.CRITICAL)
zope.component.provideUtility(
mock.Mock(strict_permissions=True, dry_run=False),
interfaces.IConfig)
def tearDown(self):
def setUp(self):
from certbot import ocsp
self.checker = ocsp.RevocationChecker()
self.cert_path = test_util.vector_path('google_certificate.pem')
self.chain_path = test_util.vector_path('google_issuer_certificate.pem')
import shutil
import tempfile
import unittest
import OpenSSL
import mock
import zope.component
from certbot import errors
from certbot import interfaces
from certbot import util
import certbot.tests.util as test_util
RSA256_KEY = test_util.load_vector('rsa256_key.pem')
RSA512_KEY = test_util.load_vector('rsa512_key.pem')
CERT_PATH = test_util.vector_path('cert.pem')
CERT = test_util.load_vector('cert.pem')
SAN_CERT = test_util.load_vector('cert-san.pem')
class InitSaveKeyTest(unittest.TestCase):
"""Tests for certbot.crypto_util.init_save_key."""
def setUp(self):
logging.disable(logging.CRITICAL)
zope.component.provideUtility(
mock.Mock(strict_permissions=True, dry_run=False),
interfaces.IConfig)
self.key_dir = tempfile.mkdtemp('key_dir')
def tearDown(self):
logging.disable(logging.NOTSET)
def test_cert_sig_mismatch(self):
self.bad_renewable_cert.cert = test_util.vector_path('cert_512_bad.pem')
self.assertRaises(errors.Error, self._call, self.bad_renewable_cert)
def test_bad_csr(self):
self.assertRaises(errors.Error, self._call,
test_util.vector_path('cert_512.pem'),
test_util.load_vector('cert_512.pem'))
def test_determine_ocsp_server(self):
cert_path = test_util.vector_path('google_certificate.pem')
from certbot import ocsp
result = ocsp._determine_ocsp_server(cert_path)
self.assertEqual(('http://ocsp.digicert.com', 'ocsp.digicert.com'), result)
import argparse
import copy
import os
import re
import shutil
import tarfile
import josepy as jose
from certbot.tests import util as test_util
from certbot import constants
from certbot_compatibility_test import errors
_KEY_BASE = "rsa2048_key.pem"
KEY_PATH = test_util.vector_path(_KEY_BASE)
KEY = test_util.load_pyopenssl_private_key(_KEY_BASE)
JWK = jose.JWKRSA(key=test_util.load_rsa_private_key(_KEY_BASE))
IP_REGEX = re.compile(r"^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$")
def create_le_config(parent_dir):
"""Sets up LE dirs in parent_dir and returns the config dict"""
config = copy.deepcopy(constants.CLI_DEFAULTS)
le_dir = os.path.join(parent_dir, "certbot")
os.mkdir(le_dir)
for dir_name in ("config", "logs", "work"):
full_path = os.path.join(le_dir, dir_name)
os.mkdir(full_path)
full_name = dir_name + "_dir"