def test_split_pem_chain(self):
test_cases = [
('invalid/bytes.out', 0),
('invalid/garbage_key.pem', 0),
('invalid/glbc_le_stage_cert.pem', 1),
('invalid/expired_cert.pem', 1),
('invalid/le-staging-chain.pem', 1),
('invalid/cert_and_chain.pem', 2),
('invalid/duplicated_chain.pem', 4),
('valid/chains/comodo_chain.pem', 3),
]
for chain_path, chain_len in test_cases:
p = os.path.join(self.test_data_dir, chain_path)
with open(p, 'rb') as f:
chain = tls.split_pem_chain(f.read())
calced_chain_len = 0
if chain is not None:
calced_chain_len = len(chain)
self.assertEqual(calced_chain_len, chain_len)
# Check one time that the parse produced real results
if chain_path == 'invalid/cert_and_chain.pem':
self.assertEqual(self.valid_setup['cert'], chain[0])
self.assertEqual(self.valid_setup['chain'], chain[1])
def test_split_pem_chain(self):
test_cases = [
('invalid/bytes.out', 0),
('invalid/garbage_key.pem', 0),
('invalid/glbc_le_stage_cert.pem', 1),
('invalid/expired_cert.pem', 1),
('invalid/le-staging-chain.pem', 1),
('invalid/cert_and_chain.pem', 2),
('invalid/duplicated_chain.pem', 4),
('valid/chains/comodo_chain.pem', 3),
]
for chain_path, chain_len in test_cases:
p = os.path.join(self.test_data_dir, chain_path)
with open(p, 'rb') as f:
chain = tls.split_pem_chain(f.read())
calced_chain_len = 0
if chain is not None:
calced_chain_len = len(chain)
self.assertEqual(calced_chain_len, chain_len)
# Check one time that the parse produced real results
if chain_path == 'invalid/cert_and_chain.pem':
self.assertEqual(self.valid_setup['cert'], chain[0])
self.assertEqual(self.valid_setup['chain'], chain[1])
def db_serialize(session, tid):
c = ConfigFactory(session, tid).get_val('https_chain')
if not c:
return {
'name': 'chain',
'set': False
}
c = tls.split_pem_chain(c)[0]
x509 = crypto.load_certificate(crypto.FILETYPE_PEM, c)
expr_date = letsencrypt.convert_asn1_date(x509.get_notAfter())
return {
'name': 'chain',
'issuer': tls.parse_issuer_name(x509),
'expiration_date': expr_date,
'set': True
}
def test_split_pem_chain(self):
test_cases = [
('invalid/bytes.out', 0),
('invalid/garbage_key.pem', 0),
('invalid/glbc_le_stage_cert.pem', 1),
('invalid/expired_cert.pem', 1),
('invalid/le-staging-chain.pem', 1),
('valid/chains/comodo.pem', 3),
]
for chain_path, chain_len in test_cases:
p = os.path.join(self.test_data_dir, chain_path)
with open(p, 'rb') as f:
chain = tls.split_pem_chain(f.read())
calced_chain_len = 0
if chain is not None:
calced_chain_len = len(chain)
self.assertEqual(calced_chain_len, chain_len)
