mitmproxy/test/test_certutils.py

import os
from netlib import certutils
import tutils


class TestCertStore:
    def test_create_explicit(self):
        with tutils.tmpdir() as d:
            ca = certutils.CertStore.from_store(d, "test")
            assert ca.get_cert("foo", [])

            ca2 = certutils.CertStore.from_store(d, "test")
            assert ca2.get_cert("foo", [])

            assert ca.cert.get_serial_number() == ca2.cert.get_serial_number()

    def test_create_tmp(self):
        with tutils.tmpdir() as d:
            ca = certutils.CertStore.from_store(d, "test")
            assert ca.get_cert("foo.com", [])
            assert ca.get_cert("foo.com", [])
            assert ca.get_cert("*.foo.com", [])


class TestDummyCert:
    def test_with_ca(self):
        with tutils.tmpdir() as d:
            ca = certutils.CertStore.from_store(d, "test")
            r = certutils.dummy_cert(
                ca.pkey,
                ca.cert,
                "foo.com",
                ["one.com", "two.com", "*.three.com"]
            )
            assert r.cn == "foo.com"


class TestSSLCert:
    def test_simple(self):
        c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert"), "rb").read())
        assert c.cn == "google.com"
        assert len(c.altnames) == 436

        c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_2"), "rb").read())
        assert c.cn == "www.inode.co.nz"
        assert len(c.altnames) == 2
        assert c.digest("sha1")
        assert c.notbefore
        assert c.notafter
        assert c.subject
        assert c.keyinfo == ("RSA", 2048)
        assert c.serial
        assert c.issuer
        assert c.to_pem()
        c.has_expired

    def test_err_broken_sans(self):
        c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_weird1"), "rb").read())
        # This breaks unless we ignore a decoding error.
        c.altnames

    def test_der(self):
        d = file(tutils.test_data.path("data/dercert"),"rb").read()
        s = certutils.SSLCert.from_der(d)
        assert s.cn
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`import os`
			`from netlib import certutils`
			`import tutils`


Basic certificate store implementation and cert utils API cleanup. 2013-01-05 12:15:53 +00:00			`class TestCertStore:`
			`def test_create_explicit(self):`
			`with tutils.tmpdir() as d:`
Beef up CertStore, add DH params. 2014-03-04 01:12:58 +00:00			`ca = certutils.CertStore.from_store(d, "test")`
			`assert ca.get_cert("foo", [])`

			`ca2 = certutils.CertStore.from_store(d, "test")`
			`assert ca2.get_cert("foo", [])`

			`assert ca.cert.get_serial_number() == ca2.cert.get_serial_number()`
Basic certificate store implementation and cert utils API cleanup. 2013-01-05 12:15:53 +00:00
			`def test_create_tmp(self):`
			`with tutils.tmpdir() as d:`
Beef up CertStore, add DH params. 2014-03-04 01:12:58 +00:00			`ca = certutils.CertStore.from_store(d, "test")`
			`assert ca.get_cert("foo.com", [])`
			`assert ca.get_cert("foo.com", [])`
			`assert ca.get_cert("*.foo.com", [])`
Basic certificate store implementation and cert utils API cleanup. 2013-01-05 12:15:53 +00:00

Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`class TestDummyCert:`
			`def test_with_ca(self):`
			`with tutils.tmpdir() as d:`
Beef up CertStore, add DH params. 2014-03-04 01:12:58 +00:00			`ca = certutils.CertStore.from_store(d, "test")`
Revamp dummy cert generation. We no longer use on-disk storage - we just keep the certs in memory. 2013-08-12 04:03:29 +00:00			`r = certutils.dummy_cert(`
Beef up CertStore, add DH params. 2014-03-04 01:12:58 +00:00			`ca.pkey,`
			`ca.cert,`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`"foo.com",`
			`["one.com", "two.com", "*.three.com"]`
			`)`
Revamp dummy cert generation. We no longer use on-disk storage - we just keep the certs in memory. 2013-08-12 04:03:29 +00:00			`assert r.cn == "foo.com"`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00

			`class TestSSLCert:`
			`def test_simple(self):`
always read files in binary mode 2013-06-15 22:28:21 +00:00			`c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert"), "rb").read())`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`assert c.cn == "google.com"`
			`assert len(c.altnames) == 436`

always read files in binary mode 2013-06-15 22:28:21 +00:00			`c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_2"), "rb").read())`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`assert c.cn == "www.inode.co.nz"`
			`assert len(c.altnames) == 2`
			`assert c.digest("sha1")`
			`assert c.notbefore`
			`assert c.notafter`
			`assert c.subject`
			`assert c.keyinfo == ("RSA", 2048)`
			`assert c.serial`
			`assert c.issuer`
Add utility function for converstion to PEM. 2012-06-28 02:56:21 +00:00			`assert c.to_pem()`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`c.has_expired`

Ignore SAN entries that we don't understand. 2012-07-24 02:55:54 +00:00			`def test_err_broken_sans(self):`
always read files in binary mode 2013-06-15 22:28:21 +00:00			`c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_weird1"), "rb").read())`
Ignore SAN entries that we don't understand. 2012-07-24 02:55:54 +00:00			`# This breaks unless we ignore a decoding error.`
			`c.altnames`

Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`def test_der(self):`
always read files in binary mode 2013-06-15 22:28:21 +00:00			`d = file(tutils.test_data.path("data/dercert"),"rb").read()`
Add certutils to netlib. 2012-06-27 04:42:00 +00:00			`s = certutils.SSLCert.from_der(d)`
			`assert s.cn`