import os from netlib import certutils import tutils def test_dummy_ca(): with tutils.tmpdir() as d: path = os.path.join(d, "foo/cert.cnf") assert certutils.dummy_ca(path) assert os.path.exists(path) path = os.path.join(d, "foo/cert2.pem") assert certutils.dummy_ca(path) assert os.path.exists(path) assert os.path.exists(os.path.join(d, "foo/cert2-cert.pem")) assert os.path.exists(os.path.join(d, "foo/cert2-cert.p12")) class TestCertStore: def test_create_explicit(self): with tutils.tmpdir() as d: ca = os.path.join(d, "ca") assert certutils.dummy_ca(ca) c = certutils.CertStore(d) c.cleanup() assert os.path.exists(d) def test_create_tmp(self): with tutils.tmpdir() as d: ca = os.path.join(d, "ca") assert certutils.dummy_ca(ca) c = certutils.CertStore() assert not c.get_cert("../foo.com", []) assert not c.get_cert("foo.com", []) assert c.get_cert("foo.com", [], ca) assert c.get_cert("foo.com", [], ca) c.cleanup() def test_check_domain(self): c = certutils.CertStore() assert c.check_domain("foo") assert c.check_domain("\x01foo") assert not c.check_domain("\xfefoo") assert not c.check_domain("xn--\0") assert not c.check_domain("foo..foo") assert not c.check_domain("foo/foo") class TestDummyCert: def test_with_ca(self): with tutils.tmpdir() as d: cacert = os.path.join(d, "cacert") assert certutils.dummy_ca(cacert) p = os.path.join(d, "foo") certutils.dummy_cert( file(p, "wb"), cacert, "foo.com", ["one.com", "two.com", "*.three.com"] ) assert file(p,"rb").read() class TestSSLCert: def test_simple(self): c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert"), "rb").read()) assert c.cn == "google.com" assert len(c.altnames) == 436 c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_2"), "rb").read()) assert c.cn == "www.inode.co.nz" assert len(c.altnames) == 2 assert c.digest("sha1") assert c.notbefore assert c.notafter assert c.subject assert c.keyinfo == ("RSA", 2048) assert c.serial assert c.issuer assert c.to_pem() c.has_expired def test_err_broken_sans(self): c = certutils.SSLCert.from_pem(file(tutils.test_data.path("data/text_cert_weird1"), "rb").read()) # This breaks unless we ignore a decoding error. c.altnames def test_der(self): d = file(tutils.test_data.path("data/dercert"),"rb").read() s = certutils.SSLCert.from_der(d) assert s.cn