diff options
| author | Cyrille Bagard <nocbos@gmail.com> | 2017-02-07 22:41:07 (GMT) | 
|---|---|---|
| committer | Cyrille Bagard <nocbos@gmail.com> | 2017-02-07 22:41:07 (GMT) | 
| commit | 7778a0c082c4969ed6184883b2d96d8a851def99 (patch) | |
| tree | 296cde845f5a086688f2e9b5c8555a06f55d99a8 /tests/analysis/db/certs.py | |
| parent | 2834917e0e3b5e9ea3e6ea0fb90cdbf066ea9da7 (diff) | |
Provided a way to create SSL certificates.
Diffstat (limited to 'tests/analysis/db/certs.py')
| -rw-r--r-- | tests/analysis/db/certs.py | 112 | 
1 files changed, 112 insertions, 0 deletions
| diff --git a/tests/analysis/db/certs.py b/tests/analysis/db/certs.py new file mode 100644 index 0000000..c4dfa32 --- /dev/null +++ b/tests/analysis/db/certs.py @@ -0,0 +1,112 @@ +#!/usr/bin/python3-dbg +# -*- coding: utf-8 -*- + + +# Tests validant la génération de certificats + + +from chrysacase import ChrysalideTestCase +from pychrysalide.analysis.db import certs +import shutil +import subprocess +import tempfile + + +class TestRestrictedContent(ChrysalideTestCase): +    """TestCase for analysis.db.certs.""" + +    @classmethod +    def setUpClass(cls): + +        super(TestRestrictedContent, cls).setUpClass() + +        cls._tmppath = tempfile.mkdtemp() + +        cls.log('Using temporary directory "%s"' % cls._tmppath) + + +    @classmethod +    def tearDownClass(cls): + +        super(TestRestrictedContent, cls).tearDownClass() + +        cls.log('Delete directory "%s"' % cls._tmppath) + +        shutil.rmtree(cls._tmppath) + + +    def checkOutput(self, cmd, expected): +        """Run a command and check its output.""" + +        output = '' + +        try: +            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True) +        except: +            pass + +        self.assertEqual(output, expected) + + +    def testMakeCA(self): +        """Check for building a valid CA.""" + +        identity = { + +            'C': 'UK', +            'CN': 'OpenSSL Group' + +        } + +        ret = certs.make_ca(self._tmppath, 'ca', 3650 * 24 * 60 * 60, identity) +        self.assertTrue(ret) + +        cmd = 'openssl x509 -in %s/ca-cert.pem -subject -noout' % self._tmppath + +        expected = b'subject= /C=UK/CN=OpenSSL Group\n' + +        self.checkOutput(cmd, expected) + +        cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/ca-cert.pem' \ +              % (self._tmppath, self._tmppath, self._tmppath) + +        expected = bytes('%s/ca-cert.pem: OK\n' % self._tmppath, 'utf-8') + +        self.checkOutput(cmd, expected) + + +    def testMakeCSR(self): +        """Check for requesting a valid signing request.""" + +        identity = { + +            'C': 'UK', +            'CN': 'OpenSSL Group' + +        } + +        ret = certs.make_request(self._tmppath, 'server', identity); +        self.assertTrue(ret) + + +    def testSignCert(self): +        """Check for properly signing a certificate.""" + +        ret = certs.sign_cert('%s/server-csr.pem' % self._tmppath, '%s/ca-cert.pem' % self._tmppath, \ +                              '%s/ca-key.pem' % self._tmppath, '%s/server-cert.pem' % self._tmppath, \ +                              3650 * 24 * 60 * 60) +        self.assertTrue(ret) + +        cmd = 'openssl x509 -in %s/server-cert.pem -subject -noout' % self._tmppath + +        expected = b'subject= /C=UK/CN=OpenSSL Group\n' + +        self.checkOutput(cmd, expected) + +        cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/server-cert.pem' \ +              % (self._tmppath, self._tmppath, self._tmppath) + +        expected = bytes('%s/server-cert.pem: OK\n' % self._tmppath, 'utf-8') + +        self.checkOutput(cmd, expected) + | 
