def testPreloadedCertificates(self): self.loadParcel("osaf.framework.certstore.data") view = self.view rootCerts = FilteredCollection( 'rootCertsQuery', itsView=view, source=utils.getExtent(certificate.Certificate, view, exact=True), filterExpression=u"view.findValue(uuid, 'purpose') & %d" % constants.PURPOSE_CA, filterAttributes=['purpose']) now = time.gmtime() format = '%b %d %H:%M:%S %Y %Z' self.assert_(not rootCerts.isEmpty()) for cert in rootCerts: x509 = cert.asX509() self.assertTrue(x509.verify()) # verify() should have caught bad times, but just in case: before = x509.get_not_before() after = x509.get_not_after() try: self.assert_( time.strptime(str(before), format) < now, '%s not yet valid:%s' % (cert.displayName, before)) self.assert_(now < time.strptime(str(after), format), '%s expired:%s' % (cert.displayName, after)) except ValueError: raise ValueError('bad time value in ' + cert.displayName.encode('utf8')) self.assertTrue(len(cert.displayName) > 0) self.assertTrue(cert.purpose & constants.PURPOSE_CA, cert.getAsTextAsString()) self.assertTrue(cert.trust == constants.TRUST_AUTHENTICITY | constants.TRUST_SERVER) self.assertTrue(cert.fingerprintAlgorithm == 'sha1') self.assertTrue(len(cert.fingerprint) > 3) self.assertTrue(cert.asTextAsString[:12] == 'Certificate:') self.assertTrue( certificate.certificatePurpose(x509) & constants.PURPOSE_CA, cert.getAsTextAsString())
def _importAndFind(self, pem, trust): x509 = X509.load_cert_string(pem) fingerprint = utils.fingerprint(x509) certificate.importCertificate(x509, fingerprint, trust, self.view) view = self.view matchingCerts = FilteredCollection( 'fpCertQuery' + fingerprint, itsView=view, source=utils.getExtent(certificate.Certificate, view, exact=True), filterExpression=u"view.findValue(uuid, 'fingerprint') == '%s'" % fingerprint, filterAttributes=['fingerprint']) self.assert_(len(matchingCerts) == 1) return iter(matchingCerts).next()