def test_create_new_x509_bundle_set():
bundle_bytes = read_bytes(_TEST_CERTS_PATH.format('cert.der'))
bundle_1 = X509Bundle.parse_raw(trust_domain_1, bundle_bytes)
bundle_2 = X509Bundle.parse_raw(trust_domain_2, bundle_bytes)
bundles = {trust_domain_1: bundle_1, trust_domain_2: bundle_2}
x509_bundle_set = X509BundleSet(bundles)
assert len(x509_bundle_set._bundles) == 2
# check that the bundle map was copied
assert x509_bundle_set._bundles is not bundles
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_1)
assert found_bundle == bundle_1
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_2)
assert found_bundle == bundle_2
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
TrustDomain('other.test'))
assert found_bundle is None
def test_put_bundle():
bundle_bytes = read_bytes(_TEST_CERTS_PATH.format('certs.der'))
bundle_bytes_2 = read_bytes(_TEST_CERTS_PATH.format('certs.pem'))
bundle_1 = X509Bundle.parse_raw(trust_domain_1, bundle_bytes)
bundle_2 = X509Bundle.parse_raw(trust_domain_2, bundle_bytes)
other_bundle = X509Bundle.parse(trust_domain_1, bundle_bytes_2)
x509_bundle_set = X509BundleSet({})
assert len(x509_bundle_set._bundles) == 0
x509_bundle_set.put(bundle_1)
assert len(x509_bundle_set._bundles) == 1
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_1)
assert found_bundle == bundle_1
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_2)
assert found_bundle is None
x509_bundle_set.put(bundle_2)
assert len(x509_bundle_set._bundles) == 2
# putting other bundle for the trust domain 1
x509_bundle_set.put(other_bundle)
assert len(x509_bundle_set._bundles) == 2
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_1)
assert found_bundle == other_bundle
def _create_bundle_set(self,
resp_bundles: Mapping[str, bytes]) -> X509BundleSet:
x509_bundles = [
self._create_x509_bundle(TrustDomain.parse(td), resp_bundles[td])
for td in resp_bundles
]
return X509BundleSet.of(x509_bundles)
def test_create_x509_bundle_set_from_list_of_bundles():
bundle_bytes = read_bytes(_TEST_CERTS_PATH.format('certs.der'))
bundle_1 = X509Bundle.parse_raw(trust_domain_1, bundle_bytes)
bundle_2 = X509Bundle.parse_raw(trust_domain_2, bundle_bytes)
bundles = [bundle_1, bundle_2]
x509_bundle_set = X509BundleSet.of(bundles)
assert len(x509_bundle_set._bundles) == 2
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_1)
assert found_bundle == bundle_1
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
trust_domain_2)
assert found_bundle == bundle_2
found_bundle = x509_bundle_set.get_x509_bundle_for_trust_domain(
TrustDomain('other.test'))
assert found_bundle is None
import pytest
from pyspiffe.bundle.x509_bundle.x509_bundle_set import X509BundleSet
from pyspiffe.exceptions import ArgumentError
from pyspiffe.svid.x509_svid import X509Svid
from pyspiffe.workloadapi.x509_context import X509Context
from test.utils.utils import read_file_bytes
_TEST_CERTS_PATH = 'test/svid/x509svid/certs/{}'
_CHAIN = read_file_bytes(_TEST_CERTS_PATH.format('1-chain.der'))
_KEY = read_file_bytes(_TEST_CERTS_PATH.format('1-key.der'))
_SVID1 = X509Svid.parse_raw(_CHAIN, _KEY)
_SVID2 = X509Svid.parse_raw(_CHAIN, _KEY)
_BUNDLE_SET = X509BundleSet()
def test_default_svid():
svids = [_SVID1, _SVID2]
x509_context = X509Context(svids, _BUNDLE_SET)
assert x509_context.default_svid() == _SVID1
def test_x509_bundle_set():
svids = [_SVID1, _SVID2]
x509_context = X509Context(svids, _BUNDLE_SET)
assert x509_context.x509_bundle_set() == _BUNDLE_SET
def test_default_svid_emtpy_list():
with pytest.raises(ArgumentError) as err:
X509Context([], _BUNDLE_SET)