def test_invalid_sig(self): sig = self._makeSwixSignature() self._addSigToSwix(sig) retCode = verifyswi.verifySwi(self.test_swix, rootCA=self.root_crt) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_VERIFICATION)
def test_invalid_hash_algo(self): sig = self._makeSwixSignature(hashAlgo='SHA-512') self._addSigToSwix(sig) retCode = verifyswi.verifySwi(self.test_swix, rootCA=self.root_crt) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_HASH_ALGORITHM)
def test_not_a_zip_file(self): testFile = self._writeFile('notaswix', 'stuff') retCode = verifyswi.verifySwi(testFile) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_NOT_A_SWI)
def test_untrusted_signing_cert(self): sig = self._makeSwixSignature(signingCert=BAD_SIGNING_CERT) self._addSigToSwix(sig) retCode = verifyswi.verifySwi(self.test_swix, rootCA=self.root_crt) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_CERT_MISMATCH)
def test_use_arista_default_root_ca(self): sig = self._makeSwixSignature() self._addSigToSwix(sig) retCode = verifyswi.verifySwi(self.test_swix) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_CERT_MISMATCH)
def test_no_signature(self): retCode = verifyswi.verifySwi(self.test_swix) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_SIGNATURE_FILE)
def test_malformed_root_crt(self): sig = self._makeSwixSignature() self._addSigToSwix(sig) rootCa = self._writeFile('root.crt', 'bad cert') retCode = verifyswi.verifySwi(self.test_swix, rootCA=rootCa) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_INVALID_ROOT_CERT)
def test_malformed_signing_crt(self): sig = self._makeSwixSignature(signingCert='bad cert') self._addSigToSwix(sig) retCode = verifyswi.verifySwi(self.test_swix, rootCA=self.root_crt) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_INVALID_SIGNING_CERT)
def test_malformed_signature_key_value(self): self._addSigToSwix('a:b\nc:d') retCode = verifyswi.verifySwi(self.test_swix, rootCA=self.root_crt) self.assertEqual(retCode, VERIFY_SWI_RESULT.ERROR_SIGNATURE_FORMAT)
def _verifySignature(self, filename): retCode = verifyswi.verifySwi(filename, rootCA=self.root_crt) self.assertEqual(retCode, 0)
def test_malformed_signature( self ): self._addSigToSwi( 'bad sig' ) retCode = verifyswi.verifySwi( self.test_swi, rootCA=self.root_crt ) self.assertEqual( retCode, VERIFY_SWI_RESULT.ERROR_SIGNATURE_FORMAT )