def test_generate_cert(self):
  """Check names, version and extensions of certificates from a dummy CA.

  A first certificate is generated from the CA PEM alone. A second one is
  then generated with the first passed as the second argument and
  'host.com' as the third. Only names, the version field and extension
  names are asserted; nothing here verifies that the signature chains to
  the CA.
  """
  issuer_name = 'testIssuer'
  subject_name = 'testSubject'
  ca_path = os.path.join(self._temp_dir, 'testCA.pem')
  ca_material = certutils.generate_dummy_ca_cert(issuer_name)
  certutils.write_dummy_ca_cert(*ca_material, cert_path=ca_path)

  # Round one: empty second argument, subject supplied directly.
  with open(ca_path, 'r') as pem_file:
    ca_pem = pem_file.read()
  first_pem = certutils.generate_cert(ca_pem, '', subject_name)
  first_cert = certutils.load_cert(first_pem)
  self.assertEqual(issuer_name, first_cert.get_issuer().commonName)
  self.assertEqual(subject_name, first_cert.get_subject().commonName)

  # Round two: the subject is expected to stay 'testSubject' even though
  # 'host.com' is passed, so the name is not taken from the third argument.
  with open(ca_path, 'r') as pem_file:
    ca_pem_again = pem_file.read()
  second_pem = certutils.generate_cert(ca_pem_again, first_pem, 'host.com')
  second_cert = certutils.load_cert(second_pem)
  self.assertEqual(issuer_name, second_cert.get_issuer().commonName)
  self.assertEqual(subject_name, second_cert.get_subject().commonName)
  # A version field of 2 is how X.509 encodes a v3 certificate.
  self.assertEqual(2, second_cert.get_version())
  self.assertEqual(2, second_cert.get_extension_count())
  expected_extensions = (b"subjectAltName", b"extendedKeyUsage")
  for position, short_name in enumerate(expected_extensions):
    self.assertEqual(short_name,
                     second_cert.get_extension(position).get_short_name())
示例#2
    def test_generate_cert(self):
        """Generate two certificates from a dummy CA and inspect their fields.

        The second certificate is generated with the first one passed as the
        second argument of generate_cert. The assertions compare common
        names, the version field and extension names only; the signature is
        not checked against the CA.
        """
        issuer = 'testIssuer'
        subject = 'testSubject'
        ca_file = os.path.join(self._temp_dir, 'testCA.pem')
        certutils.write_dummy_ca_cert(
            *certutils.generate_dummy_ca_cert(issuer), cert_path=ca_file)

        def read_ca_pem():
            # The CA PEM is re-read from disk before each generation step.
            with open(ca_file, 'r') as handle:
                return handle.read()

        def check_names(parsed):
            # Issuer must be the dummy CA, subject the name first requested.
            self.assertEqual(issuer, parsed.get_issuer().commonName)
            self.assertEqual(subject, parsed.get_subject().commonName)

        leaf_pem = certutils.generate_cert(read_ca_pem(), '', subject)
        check_names(certutils.load_cert(leaf_pem))

        leaf_pem = certutils.generate_cert(read_ca_pem(), leaf_pem, 'host.com')
        leaf = certutils.load_cert(leaf_pem)
        check_names(leaf)
        # Version value 2 is the X.509 encoding for a v3 certificate.
        self.assertEqual(2, leaf.get_version())
        self.assertEqual(2, leaf.get_extension_count())
        first_ext = leaf.get_extension(0)
        self.assertEqual(b"subjectAltName", first_ext.get_short_name())
        second_ext = leaf.get_extension(1)
        self.assertEqual(b"extendedKeyUsage", second_ext.get_short_name())
示例#3
    def test_get_host_cert(self):
        """Check the subject name of the certificate fetched from a server.

        A dummy CA is written to disk and its path handed to ``Server``. The
        certificate that get_host_cert returns for 'localhost' at the
        server's port must carry the CA's common name as its subject. Only
        the name is compared; the certificate is not otherwise validated.
        """
        ca_name = 'testCA'
        pem_path = os.path.join(self._temp_dir, 'rootCA.pem')
        dummy_ca = certutils.generate_dummy_ca_cert(ca_name)
        certutils.write_dummy_ca_cert(*dummy_ca, cert_path=pem_path)

        with Server(pem_path) as server:
            port = server.server_port
            fetched_pem = certutils.get_host_cert('localhost', port)
            fetched = certutils.load_cert(fetched_pem)
            self.assertEqual(ca_name, fetched.get_subject().commonName)
  def test_get_host_cert(self):
    """get_host_cert returns a certificate whose subject is the dummy CA.

    The server is started from the CA PEM written to the temp directory, and
    the certificate obtained for 'localhost' on its port is parsed and its
    subject common name compared with the CA name. No signature or trust
    check is performed by this test.
    """
    expected_cn = 'testCA'
    root_pem_path = os.path.join(self._temp_dir, 'rootCA.pem')
    cert_and_key = certutils.generate_dummy_ca_cert(expected_cn)
    certutils.write_dummy_ca_cert(*cert_and_key, cert_path=root_pem_path)

    with Server(root_pem_path) as server:
      host_cert = certutils.load_cert(
          certutils.get_host_cert('localhost', server.server_port))
      self.assertEqual(expected_cn, host_cert.get_subject().commonName)
示例#5
    def test_generate_cert(self):
        """Generated certificates keep the CA as issuer and the first subject.

        Two certificates are generated: one from the CA PEM alone, and one
        with the first certificate passed as the second argument and 'host'
        as the third. Both must name the dummy CA as issuer and
        'testSubject' as subject. Only common names are compared.
        """
        ca_cn = 'testIssuer'
        leaf_cn = 'testSubject'
        pem_location = os.path.join(self._temp_dir, 'testCA.pem')
        generated_ca = certutils.generate_dummy_ca_cert(ca_cn)
        certutils.write_dummy_ca_cert(*generated_ca, cert_path=pem_location)

        with open(pem_location, 'r') as stream:
            pem_text = stream.read()
        initial_pem = certutils.generate_cert(pem_text, '', leaf_cn)
        initial = certutils.load_cert(initial_pem)
        self.assertEqual(ca_cn, initial.get_issuer().commonName)
        self.assertEqual(leaf_cn, initial.get_subject().commonName)

        # The subject is asserted to stay 'testSubject' although 'host' is
        # passed, so it is not derived from the third argument here.
        with open(pem_location, 'r') as stream:
            pem_text_again = stream.read()
        derived_pem = certutils.generate_cert(
            pem_text_again, initial_pem, 'host')
        derived = certutils.load_cert(derived_pem)
        self.assertEqual(ca_cn, derived.get_issuer().commonName)
        self.assertEqual(leaf_cn, derived.get_subject().commonName)
示例#6
  def test_generate_cert(self):
    """Issuer and subject names survive both certificate generation paths.

    The first call to generate_cert gets an empty second argument; the
    second call gets the certificate produced by the first. In both cases
    the issuer must be the dummy CA and the subject 'testSubject'. The test
    compares names only and does not verify any signature.
    """
    issuer = 'testIssuer'
    subject = 'testSubject'
    ca_pem_path = os.path.join(self._temp_dir, 'testCA.pem')
    certutils.write_dummy_ca_cert(
        *certutils.generate_dummy_ca_cert(issuer), cert_path=ca_pem_path)

    def load_ca_text():
      # Read the CA PEM from disk each time it is needed.
      with open(ca_pem_path, 'r') as ca_file:
        return ca_file.read()

    def assert_names(parsed_cert):
      self.assertEqual(issuer, parsed_cert.get_issuer().commonName)
      self.assertEqual(subject, parsed_cert.get_subject().commonName)

    generated = certutils.generate_cert(load_ca_text(), '', subject)
    assert_names(certutils.load_cert(generated))

    generated = certutils.generate_cert(load_ca_text(), generated, 'host')
    assert_names(certutils.load_cert(generated))
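 def handle_servername(connection):
     """A SNI callback that happens during do_handshake().

     Looks up a certificate for the server name the client sent and moves
     the connection onto a fresh context that presents it.

     Args:
       connection: the connection being negotiated; it must provide
         get_servername() and set_context().

     Returns:
       The new context when a server name was sent, otherwise None. None
       is also returned after an exception has been logged.
     """
     try:
         # The server name is taken from the client's handshake, so it is
         # untrusted input to get_certificate().
         host = connection.get_servername()
         if host:
             cert_str = handler.server.get_certificate(host)
             new_context = certutils.get_ssl_context()
             cert = certutils.load_cert(cert_str)
             new_context.use_certificate(cert)
             # NOTE(review): the private key is read from the CA certificate
             # file for every host, which implies that file also holds key
             # material and should be access-restricted. Confirm that the
             # per-host certificates are issued for this same key.
             new_context.use_privatekey_file(handler.server.ca_cert_path)
             connection.set_context(new_context)
             return new_context
         # else: fail with 'no shared cipher'
     except Exception as e:
         # "except Exception, e" is a syntax error on Python 3; the "as"
         # form is accepted by Python 2.6+ and 3.
         # Do not leak any exceptions or else openssl crashes.
         logging.error('Exception in SNI handler: %s', e)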
示例#8
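 def handle_servername(connection):
   """A SNI callback that happens during do_handshake().

   When the client sent a server name, a certificate for it is obtained from
   handler.server, installed in a new context together with a private key,
   and the connection is switched to that context.

   Args:
     connection: the connection being negotiated; it must provide
       get_servername() and set_context().

   Returns:
     The new context if a server name was present, else None (also None
     when an exception was caught and logged).
   """
   try:
     # get_servername() reports what the client asked for; treat it as
     # untrusted when it is handed to get_certificate().
     host = connection.get_servername()
     if host:
       cert_str = (
           handler.server.get_certificate(host))
       new_context = certutils.get_ssl_context()
       cert = certutils.load_cert(cert_str)
       new_context.use_certificate(cert)
       # NOTE(review): every host uses the key stored at ca_cert_path, so
       # that file presumably bundles a private key and needs restrictive
       # permissions. Confirm the generated certificates match this key.
       new_context.use_privatekey_file(handler.server.ca_cert_path)
       connection.set_context(new_context)
       return new_context
     # else: fail with 'no shared cipher'
   except Exception as e:
     # The old "except Exception, e" spelling does not parse on Python 3;
     # "as" works on Python 2.6+ and 3.
     # Do not leak any exceptions or else openssl crashes.
     logging.error('Exception in SNI handler: %s', e)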
示例#9
 def test_generate_dummy_ca_cert(self):
     """The dummy CA certificate carries the requested subject common name."""
     expected_cn = 'testSubject'
     # generate_dummy_ca_cert returns a pair; only the first item is parsed.
     ca_pem, _ = certutils.generate_dummy_ca_cert(expected_cn)
     parsed = certutils.load_cert(ca_pem)
     actual_cn = parsed.get_subject().commonName
     self.assertEqual(actual_cn, expected_cn)
示例#10
 def test_generate_dummy_ca_cert(self):
   """generate_dummy_ca_cert uses its argument as the subject common name."""
   wanted_subject = 'testSubject'
   # The second element of the returned pair is not examined by this test.
   cert_pem, _ignored = certutils.generate_dummy_ca_cert(wanted_subject)
   loaded_subject = certutils.load_cert(cert_pem).get_subject()
   self.assertEqual(loaded_subject.commonName, wanted_subject)