def test_1_read_config_file(self):
"""
A short test of 'read_config_file' method. Using a tuple
that contains config dictionary and a config file containing
the same dictionary, test if 'read_config_file' returns a
dictionary corresponding to the supplied config dictionary when
config file is passes.
"""
# SETUP
# 'base_config' is a tuple containing a config file path and
# a corresponding config dictionary. Note, make sure appropriate
# suffix is set. In our case it will be 'signerlib.CONFIG_FILENAME'.
base_config = self.make_temp_config_file(suffix=signerlib.CONFIG_FILENAME)
# TESTS
# Test: normal case.
self.assertTrue(signerlib.read_config_file(base_config[0]),
base_config[1])
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.read_config_file, 123)
self.assertRaises((tuf.Error, tuf.FormatError), signerlib.read_config_file,
'')
self.assertRaises((tuf.Error, tuf.FormatError), signerlib.read_config_file,
'junk/dir/'+self.random_string())
self.assertRaises(tuf.FormatError, signerlib.read_config_file,
[self.random_string()])
def test_1_read_config_file(self):
"""
A short test of 'read_config_file' method. Using a tuple
that contains config dictionary and a config file containing
the same dictionary, test if 'read_config_file' returns a
dictionary corresponding to the supplied config dictionary when
config file is passes.
"""
# SETUP
# 'base_config' is a tuple containing a config file path and
# a corresponding config dictionary. Note, make sure appropriate
# suffix is set. In our case it will be 'signerlib.CONFIG_FILENAME'.
base_config = self.make_temp_config_file(suffix=signerlib.CONFIG_FILENAME)
# TESTS
# Test: normal case.
self.assertTrue(signerlib.read_config_file(base_config[0]),
base_config[1])
# Test: Incorrect arguments.
self.assertRaises(tuf.FormatError, signerlib.read_config_file, 123)
self.assertRaises((tuf.Error, tuf.FormatError), signerlib.read_config_file,
'')
self.assertRaises((tuf.Error, tuf.FormatError), signerlib.read_config_file,
'junk/dir/'+self.random_string())
self.assertRaises(tuf.FormatError, signerlib.read_config_file,
[self.random_string()])
def test_2_build_config_file(self):
"""
This method tests build_config_file().
Previously tested signerlib's read_config_file() is used here.
"""
# SETUP
# Declare timeout.
days = 365 # number of days
# Make a temp directory for config file.
config_dir = self.make_temp_directory()
# For 'role_info' argument we going to use 'self.top_level_role_info'
# dictionary. There is more info in the beginning of this test
# module, also in the test.unittest_toolbox module.
roledict_info = self.top_level_role_info
# TESTS
# Test: normal case.
# Run build_config_file(). The method is expected to return file
# path of the config file. We'll compare it to 'roledict_info'.
build_config = signerlib.build_config_file
config_path = build_config(config_file_directory=config_dir,
timeout=days, role_info=roledict_info)
# Check if 'config_path' directory exists.
self.assertTrue(os.path.exists(config_path))
# Using 'signerlib.read_config_file' method extract config dictionary
# that was stored.
config_dict = signerlib.read_config_file(config_path)
# Remove 'expiration' key from the extracted config dictionary, since
# initial role dictionary does not have this field.
del config_dict['expiration']
# Compare the initial dictionary 'roledict_info' with extracted
# dictionary 'config_dict'. They have to match.
self.assertTrue(config_dict, roledict_info)
# Test: exceptions on bogus arguments.
self.assertRaises(tuf.Error, signerlib.build_config_file,
self.random_path(), 365, roledict_info)
self.assertRaises(tuf.FormatError, signerlib.build_config_file,
config_dir, -1, roledict_info)
self.assertRaises(tuf.FormatError, signerlib.build_config_file,
config_dir, 365, self.directory_dictionary)
def test_2_build_config_file(self):
"""
This method tests build_config_file().
Previously tested signerlib's read_config_file() is used here.
"""
# SETUP
# Declare timeout.
days = 365 # number of days
# Make a temp directory for config file.
config_dir = self.make_temp_directory()
# For 'role_info' argument we going to use 'self.top_level_role_info'
# dictionary. There is more info in the beginning of this test
# module, also in the test.unittest_toolbox module.
roledict_info = self.top_level_role_info
# TESTS
# Test: normal case.
# Run build_config_file(). The method is expected to return file
# path of the config file. We'll compare it to 'roledict_info'.
build_config = signerlib.build_config_file
config_path = build_config(config_file_directory=config_dir,
timeout=days, role_info=roledict_info)
# Check if 'config_path' directory exists.
self.assertTrue(os.path.exists(config_path))
# Using 'signerlib.read_config_file' method extract config dictionary
# that was stored.
config_dict = signerlib.read_config_file(config_path)
# Remove 'expiration' key from the extracted config dictionary, since
# initial role dictionary does not have this field.
del config_dict['expiration']
# Compare the initial dictionary 'roledict_info' with extracted
# dictionary 'config_dict'. They have to match.
self.assertTrue(config_dict, roledict_info)
# Test: exceptions on bogus arguments.
self.assertRaises(tuf.Error, signerlib.build_config_file,
self.random_path(), 365, roledict_info)
self.assertRaises(tuf.FormatError, signerlib.build_config_file,
config_dir, -1, roledict_info)
self.assertRaises(tuf.FormatError, signerlib.build_config_file,
config_dir, 365, self.directory_dictionary)
def get_keys_for_top_level_role(top_level_role_name):
# What are the keys of the top-level role?
configuration = signerlib.read_config_file(CONFIGURATION_FILE)
top_level_role_configuration = configuration[top_level_role_name]
top_level_role_keys = top_level_role_configuration['keyids']
top_level_role_passwords = ROLE_NAME_TO_PASSWORDS[top_level_role_name]
# Decrypt and load the keys of the timestamp role.
loaded_top_level_role_keys = \
keystore.load_keystore_from_keyfiles(KEYSTORE_DIRECTORY,
top_level_role_keys,
top_level_role_passwords)
assert top_level_role_keys == loaded_top_level_role_keys
return top_level_role_keys
def get_keys_for_top_level_role(top_level_role_name):
# What are the keys of the top-level role?
configuration = signerlib.read_config_file(CONFIGURATION_FILE)
top_level_role_configuration = configuration[top_level_role_name]
top_level_role_keys = top_level_role_configuration['keyids']
top_level_role_passwords = ROLE_NAME_TO_PASSWORDS[top_level_role_name]
# Decrypt and load the keys of the timestamp role.
loaded_top_level_role_keys = \
keystore.load_keystore_from_keyfiles(KEYSTORE_DIRECTORY,
top_level_role_keys,
top_level_role_passwords)
assert top_level_role_keys == loaded_top_level_role_keys
return top_level_role_keys
# Test: normal case.
# Run build_config_file(). The method is expected to return file
# path of the config file. We'll compare it to 'roledict_info'.
build_config = signerlib.build_config_file
try:
config_path = build_config(config_file_directory=config_dir,
timeout=days, role_info=roledict_info)
except Exception, e:
raise
# Check if 'config_path' directory exists.
self.assertTrue(os.path.exists(config_path))
# Using 'signerlib.read_config_file' method extract config dictionary
# that was stored.
config_dict = signerlib.read_config_file(config_path)
# Remove 'expiration' key from the extracted config dictionary, since
# initial role dictionary does not have this field.
del config_dict['expiration']
# Compare the initial dictionary 'roledict_info' with extracted
# dictionary 'config_dict'. They have to match.
self.assertTrue(config_dict, roledict_info)
# Test: exceptions on bogus arguments.
self.assertRaises(tuf.Error, signerlib.build_config_file,
self.random_path(), 365, roledict_info)
self.assertRaises(tuf.FormatError, signerlib.build_config_file,
config_dir, -1, roledict_info)
