Пример #1
0
    def setUp(self):
        # test_util.load_{csr,cert} return ComparableX509
        self.req1 = test_util.load_csr('csr.pem')
        self.req2 = test_util.load_csr('csr.pem')
        self.req_other = test_util.load_csr('csr-san.pem')

        self.cert1 = test_util.load_cert('cert.pem')
        self.cert2 = test_util.load_cert('cert.pem')
        self.cert_other = test_util.load_cert('cert-san.pem')
Пример #2
0
    def setUp(self):
        # test_util.load_{csr,cert} return ComparableX509
        self.req1 = test_util.load_csr('csr.pem')
        self.req2 = test_util.load_csr('csr.pem')
        self.req_other = test_util.load_csr('csr-san.pem')

        self.cert1 = test_util.load_cert('cert.pem')
        self.cert2 = test_util.load_cert('cert.pem')
        self.cert_other = test_util.load_cert('cert-san.pem')
Пример #3
0
 def test_dump_pyopenssl_chain(self):
     names = ['cert.pem', 'cert-san.pem', 'cert-idnsans.pem']
     loaded = [test_util.load_cert(name) for name in names]
     length = sum(
         len(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert))
         for cert in loaded)
     self.assertEqual(len(self._call(loaded)), length)
Пример #4
0
 def test_dump_pyopenssl_chain(self):
     names = ['cert.pem', 'cert-san.pem', 'cert-idnsans.pem']
     loaded = [test_util.load_cert(name) for name in names]
     length = sum(
         len(OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert))
         for cert in loaded)
     self.assertEqual(len(self._call(loaded)), length)
Пример #5
0
 def test_dump_pyopenssl_chain_wrapped(self):
     names = ['cert.pem', 'cert-san.pem', 'cert-idnsans.pem']
     loaded = [test_util.load_cert(name) for name in names]
     wrap_func = jose.ComparableX509
     wrapped = [wrap_func(cert) for cert in loaded]
     dump_func = OpenSSL.crypto.dump_certificate
     length = sum(len(dump_func(OpenSSL.crypto.FILETYPE_PEM, cert)) for cert in loaded)
     self.assertEqual(len(self._call(wrapped)), length)
Пример #6
0
 def test_dump_pyopenssl_chain_wrapped(self):
     names = ['cert.pem', 'cert-san.pem', 'cert-idnsans.pem']
     loaded = [test_util.load_cert(name) for name in names]
     wrap_func = jose.ComparableX509
     wrapped = [wrap_func(cert) for cert in loaded]
     dump_func = OpenSSL.crypto.dump_certificate
     length = sum(len(dump_func(OpenSSL.crypto.FILETYPE_PEM, cert)) for cert in loaded)
     self.assertEqual(len(self._call(wrapped)), length)
Пример #7
0
 def setUp(self):
     self.certs = {b'localhost': (
         test_util.load_pyopenssl_private_key('rsa2048_key.pem'),
         test_util.load_cert('rsa2048_cert.pem'),
     )}
     from acme.standalone import TLSSNI01DualNetworkedServers
     self.servers = TLSSNI01DualNetworkedServers(('localhost', 0), certs=self.certs)
     self.servers.serve_forever()
Пример #8
0
 def setUp(self):
     self.certs = {b'localhost': (
         test_util.load_pyopenssl_private_key('rsa2048_key.pem'),
         test_util.load_cert('rsa2048_cert.pem'),
     )}
     from acme.standalone import TLSSNI01Server
     self.server = TLSSNI01Server(('localhost', 0), certs=self.certs)
     self.thread = threading.Thread(target=self.server.serve_forever)
     self.thread.start()
Пример #9
0
    def setUp(self):
        self.certs = {
            b"localhost": (test_util.load_pyopenssl_private_key("rsa512_key.pem"), test_util.load_cert("cert.pem"))
        }
        from acme.standalone import TLSSNI01Server

        self.server = TLSSNI01Server(("", 0), certs=self.certs)
        # pylint: disable=no-member
        self.thread = threading.Thread(target=self.server.serve_forever)
        self.thread.start()
Пример #10
0
 def setUp(self):
     self.certs = {b'localhost': (
         test_util.load_pyopenssl_private_key('rsa2048_key.pem'),
         test_util.load_cert('rsa2048_cert.pem'),
     )}
     from acme.standalone import TLSSNI01Server
     self.server = TLSSNI01Server(('localhost', 0), certs=self.certs)
     # pylint: disable=no-member
     self.thread = threading.Thread(target=self.server.serve_forever)
     self.thread.start()
Пример #11
0
 def setUp(self):
     self.certs = {
         b'localhost': (test_util.load_pyopenssl_private_key('rsa512_key.pem'),
                        # pylint: disable=protected-access
                        test_util.load_cert('cert.pem')._wrapped),
     }
     from acme.standalone import DVSNIServer
     self.server = DVSNIServer(("", 0), certs=self.certs)
     # pylint: disable=no-member
     self.thread = threading.Thread(target=self.server.handle_request)
     self.thread.start()
Пример #12
0
 def setUp(self):
     self.certs = {
         b'localhost': (test_util.load_pyopenssl_private_key('rsa512_key.pem'),
                        # pylint: disable=protected-access
                        test_util.load_cert('cert.pem')._wrapped),
     }
     from acme.standalone import DVSNIServer
     self.server = DVSNIServer(("", 0), certs=self.certs)
     # pylint: disable=no-member
     self.thread = threading.Thread(target=self.server.serve_forever)
     self.thread.start()
Пример #13
0
 def test_it(self):
     max_attempts = 5
     while max_attempts:
         max_attempts -= 1
         try:
             cert = crypto_util.probe_sni(b"localhost", b"0.0.0.0", self.port)
         except errors.Error:
             self.assertTrue(max_attempts > 0, "Timeout!")
             time.sleep(1)  # wait until thread starts
         else:
             self.assertEqual(jose.ComparableX509(cert), test_util.load_cert("cert.pem"))
             break
Пример #14
0
 def test_it(self):
     max_attempts = 5
     while max_attempts:
         max_attempts -= 1
         try:
             cert = crypto_util.probe_sni(b'localhost', b'0.0.0.0', self.port)
         except errors.Error:
             self.assertTrue(max_attempts > 0, "Timeout!")
             time.sleep(1)  # wait until thread starts
         else:
             self.assertEqual(jose.ComparableX509(cert),
                              test_util.load_cert('cert.pem'))
             break
Пример #15
0
    def setUp(self):
        self.certs = {
            b"localhost": (
                test_util.load_pyopenssl_private_key("rsa512_key.pem"),
                # pylint: disable=protected-access
                test_util.load_cert("cert.pem")._wrapped,
            )
        }
        from acme.standalone import DVSNIServer

        self.server = DVSNIServer(("", 0), certs=self.certs)
        # pylint: disable=no-member
        self.thread = threading.Thread(target=self.server.handle_request)
        self.thread.start()
Пример #16
0
    def setUp(self):
        self.cert = test_util.load_cert('cert.pem')
        key = OpenSSL.crypto.load_privatekey(
            OpenSSL.crypto.FILETYPE_PEM,
            test_util.load_vector('rsa512_key.pem'))
        # pylint: disable=protected-access
        certs = {b'foo': (key, self.cert._wrapped)}

        sock = socket.socket()
        sock.bind(('', 0))  # pick random port
        self.port = sock.getsockname()[1]

        self.server = threading.Thread(target=self._run_server, args=(certs, sock))
        self.server.start()
        time.sleep(1)  # TODO: avoid race conditions in other way
Пример #17
0
    def setUp(self):
        self.cert = test_util.load_cert('cert.pem')
        key = OpenSSL.crypto.load_privatekey(
            OpenSSL.crypto.FILETYPE_PEM,
            test_util.load_vector('rsa512_key.pem'))
        # pylint: disable=protected-access
        certs = {b'foo': (key, self.cert._wrapped)}

        sock = socket.socket()
        sock.bind(('', 0))  # pick random port
        self.port = sock.getsockname()[1]

        self.server = threading.Thread(target=self._run_server, args=(certs, sock))
        self.server.start()
        time.sleep(1)  # TODO: avoid race conditions in other way
    def setUp(self):
        self.cert = test_util.load_cert('cert.pem')
        key = test_util.load_pyopenssl_private_key('rsa512_key.pem')
        # pylint: disable=protected-access
        certs = {b'foo': (key, self.cert._wrapped)}

        from acme.crypto_util import SSLSocket

        class _TestServer(socketserver.TCPServer):

            # pylint: disable=too-few-public-methods
            # six.moves.* | pylint: disable=attribute-defined-outside-init,no-init

            def server_bind(self):  # pylint: disable=missing-docstring
                self.socket = SSLSocket(socket.socket(), certs=certs)
                socketserver.TCPServer.server_bind(self)

        self.server = _TestServer(('', 0), socketserver.BaseRequestHandler)
        self.port = self.server.socket.getsockname()[1]
        self.server_thread = threading.Thread(
            # pylint: disable=no-member
            target=self.server.handle_request)
        self.server_thread.start()
        time.sleep(1)  # TODO: avoid race conditions in other way
Пример #19
0
    def setUp(self):
        self.cert = test_util.load_cert('cert.pem')
        key = test_util.load_pyopenssl_private_key('rsa512_key.pem')
        # pylint: disable=protected-access
        certs = {b'foo': (key, self.cert._wrapped)}

        from acme.crypto_util import SSLSocket

        class _TestServer(socketserver.TCPServer):

            # pylint: disable=too-few-public-methods
            # six.moves.* | pylint: disable=attribute-defined-outside-init,no-init

            def server_bind(self):  # pylint: disable=missing-docstring
                self.socket = SSLSocket(socket.socket(), certs=certs)
                socketserver.TCPServer.server_bind(self)

        self.server = _TestServer(('', 0), socketserver.BaseRequestHandler)
        self.port = self.server.socket.getsockname()[1]
        self.server_thread = threading.Thread(
            # pylint: disable=no-member
            target=self.server.handle_request)
        self.server_thread.start()
        time.sleep(1)  # TODO: avoid race conditions in other way
Пример #20
0
"""Tests for acme.messages."""
import unittest

import mock

from acme import challenges
from acme import jose
from acme import test_util


CERT = test_util.load_cert('cert.der')
CSR = test_util.load_csr('csr.der')
KEY = test_util.load_rsa_private_key('rsa512_key.pem')


class ErrorTest(unittest.TestCase):
    """Tests for acme.messages.Error."""

    def setUp(self):
        from acme.messages import Error
        self.error = Error(detail='foo', typ='malformed', title='title')
        self.jobj = {'detail': 'foo', 'title': 'some title'}

    def test_typ_prefix(self):
        self.assertEqual('malformed', self.error.typ)
        self.assertEqual(
            'urn:acme:error:malformed', self.error.to_partial_json()['type'])
        self.assertEqual(
            'malformed', self.error.from_json(self.error.to_partial_json()).typ)

    def test_typ_decoder_missing_prefix(self):
"""Tests for acme.challenges."""
import unittest

import mock
import OpenSSL
import requests

from six.moves.urllib import parse as urllib_parse  # pylint: disable=import-error

from acme import errors
from acme import jose
from acme import other
from acme import test_util

CERT = test_util.load_cert('cert.pem')
KEY = test_util.load_rsa_private_key('rsa512_key.pem')


class SimpleHTTPTest(unittest.TestCase):
    def setUp(self):
        from acme.challenges import SimpleHTTP
        self.msg = SimpleHTTP(
            token='evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA')
        self.jmsg = {
            'type': 'simpleHttp',
            'token': 'evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA',
        }

    def test_to_partial_json(self):
        self.assertEqual(self.jmsg, self.msg.to_partial_json())
Пример #22
0
 def test_verify_bad_cert(self):
     self.assertFalse(
         self.response.verify_cert(test_util.load_cert('cert.pem')))
Пример #23
0
"""Tests for acme.challenges."""
import unittest

import mock
import OpenSSL
import requests

from six.moves.urllib import parse as urllib_parse  # pylint: disable=import-error

from acme import errors
from acme import jose
from acme import other
from acme import test_util


CERT = test_util.load_cert('cert.pem')
KEY = test_util.load_rsa_private_key('rsa512_key.pem')


class SimpleHTTPTest(unittest.TestCase):

    def setUp(self):
        from acme.challenges import SimpleHTTP
        self.msg = SimpleHTTP(
            token='evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA')
        self.jmsg = {
            'type': 'simpleHttp',
            'token': 'evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ+PCt92wr+oA',
        }

    def test_to_partial_json(self):
Пример #24
0
"""Tests for acme.challenges."""
import unittest

import mock
import OpenSSL
import requests

from six.moves.urllib import parse as urllib_parse  # pylint: disable=import-error

from acme import errors
from acme import jose
from acme import other
from acme import test_util


CERT = test_util.load_cert("cert.pem")
KEY = jose.JWKRSA(key=test_util.load_rsa_private_key("rsa512_key.pem"))


class ChallengeTest(unittest.TestCase):
    def test_from_json_unrecognized(self):
        from acme.challenges import Challenge
        from acme.challenges import UnrecognizedChallenge

        chall = UnrecognizedChallenge({"type": "foo"})
        # pylint: disable=no-member
        self.assertEqual(chall, Challenge.from_json(chall.jobj))


class UnrecognizedChallengeTest(unittest.TestCase):
    def setUp(self):
Пример #25
0
 def test_verify_bad_cert(self):
     self.assertFalse(self.response.verify_cert(test_util.load_cert("cert.pem")))
Пример #26
0
 def test_verify_bad_cert(self):
     self.assertFalse(self.msg.verify_cert(test_util.load_cert('cert.pem')))