def test_read(self): if verbose: print("test_read") create_pk12(cert_nickname, pk12_filename) slot = nss.get_internal_key_slot() pkcs12 = nss.PKCS12Decoder(pk12_filename, pk12_passwd, slot) self.assertEqual(len(pkcs12), 3) cert_bag_count = 0 key_seen = None for bag in pkcs12: if bag.type == nss.SEC_OID_PKCS12_V1_CERT_BAG_ID: self.assertIsNone(bag.shroud_algorithm_id) cert_bag_count += 1 if key_seen is None: key_seen = bag.has_key elif key_seen is True: self.assertIs(bag.has_key, False) elif key_seen is False: self.assertIs(bag.has_key, True) else: self.fail("unexpected has_key for bag type = %s(%d)" % (bag.has_key, nss.oid_tag_name(bag.type), bag.type)) elif bag.type == nss.SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID: self.assertIsInstance(bag.shroud_algorithm_id, nss.AlgorithmID) self.assertIs(bag.has_key, False) else: self.fail("unexpected bag type = %s(%d)" % (nss.oid_tag_name(bag.type), bag.type)) self.assertEqual(cert_bag_count, 2)
def test_import(self): if verbose: print "test_import" cmd = 'certutil -d pki -D -n %s' % (read_nickname) run_cmd(cmd) slot = nss.get_internal_key_slot() pkcs12 = nss.PKCS12Decoder(read_pkcs12_file, pkcs12_file_password, slot) slot.authenticate() pkcs12.database_import()
def test_import_filename(self): if verbose: print("test_import_filename") delete_cert_from_db(cert_nickname) self.assertEqual(get_cert_der_from_db(cert_nickname), None) slot = nss.get_internal_key_slot() pkcs12 = nss.PKCS12Decoder(pk12_filename, pk12_passwd, slot) slot.authenticate() pkcs12.database_import() cert_der = get_cert_der_from_db(cert_nickname) self.assertEqual(cert_der, self.cert_der)
def test_import_filelike(self): if verbose: print("test_import_filelike") delete_cert_from_db(cert_nickname) self.assertEqual(get_cert_der_from_db(cert_nickname), None) slot = nss.get_internal_key_slot() with open(pk12_filename, "rb") as f: data = f.read() file_obj = BytesIO(data) pkcs12 = nss.PKCS12Decoder(file_obj, pk12_passwd, slot) slot.authenticate() pkcs12.database_import() cert_der = get_cert_der_from_db(cert_nickname) self.assertEqual(cert_der, self.cert_der)