def testMismatchingKey(self): cert1_path = testutils.TestDataFilename("cert1.pem") cert2_path = testutils.TestDataFilename("cert2.pem") # Extract certificate cert1 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, utils.ReadFile(cert1_path)) cert1_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert1) # Extract mismatching key key2 = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, utils.ReadFile(cert2_path)) key2_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key2) try: common._VerifyCertificateStrong(cert1_pem + key2_pem, self.MyException, _check_fn=NotImplemented) except self.MyException, err: self.assertTrue("not signed with given key" in str(err))
def testSuccessfulCheck(self): cert_filename = testutils.TestDataFilename("cert2.pem") cert_pem = utils.ReadFile(cert_filename) result = \ common._VerifyCertificateStrong(cert_pem, self.MyException, _check_fn=self._Check) cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, result) self.assertTrue(cert) key = OpenSSL.crypto.load_privatekey(OpenSSL.crypto.FILETYPE_PEM, result) self.assertTrue(key)