summaryrefslogtreecommitdiff
path: root/tests/analysis/db
diff options
context:
space:
mode:
authorCyrille Bagard <nocbos@gmail.com>2017-02-07 22:41:07 (GMT)
committerCyrille Bagard <nocbos@gmail.com>2017-02-07 22:41:07 (GMT)
commit7778a0c082c4969ed6184883b2d96d8a851def99 (patch)
tree296cde845f5a086688f2e9b5c8555a06f55d99a8 /tests/analysis/db
parent2834917e0e3b5e9ea3e6ea0fb90cdbf066ea9da7 (diff)
Provided a way to create SSL certificates.
Diffstat (limited to 'tests/analysis/db')
-rw-r--r--tests/analysis/db/__init__.py0
-rw-r--r--tests/analysis/db/certs.py112
2 files changed, 112 insertions, 0 deletions
diff --git a/tests/analysis/db/__init__.py b/tests/analysis/db/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/analysis/db/__init__.py
diff --git a/tests/analysis/db/certs.py b/tests/analysis/db/certs.py
new file mode 100644
index 0000000..c4dfa32
--- /dev/null
+++ b/tests/analysis/db/certs.py
@@ -0,0 +1,112 @@
+#!/usr/bin/python3-dbg
+# -*- coding: utf-8 -*-
+
+
+# Tests validant la génération de certificats
+
+
+from chrysacase import ChrysalideTestCase
+from pychrysalide.analysis.db import certs
+import shutil
+import subprocess
+import tempfile
+
+
+class TestRestrictedContent(ChrysalideTestCase):
+ """TestCase for analysis.db.certs."""
+
+ @classmethod
+ def setUpClass(cls):
+
+ super(TestRestrictedContent, cls).setUpClass()
+
+ cls._tmppath = tempfile.mkdtemp()
+
+ cls.log('Using temporary directory "%s"' % cls._tmppath)
+
+
+ @classmethod
+ def tearDownClass(cls):
+
+ super(TestRestrictedContent, cls).tearDownClass()
+
+ cls.log('Delete directory "%s"' % cls._tmppath)
+
+ shutil.rmtree(cls._tmppath)
+
+
+ def checkOutput(self, cmd, expected):
+ """Run a command and check its output."""
+
+ output = ''
+
+ try:
+ output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True)
+ except:
+ pass
+
+ self.assertEqual(output, expected)
+
+
+ def testMakeCA(self):
+ """Check for building a valid CA."""
+
+ identity = {
+
+ 'C': 'UK',
+ 'CN': 'OpenSSL Group'
+
+ }
+
+ ret = certs.make_ca(self._tmppath, 'ca', 3650 * 24 * 60 * 60, identity)
+ self.assertTrue(ret)
+
+ cmd = 'openssl x509 -in %s/ca-cert.pem -subject -noout' % self._tmppath
+
+ expected = b'subject= /C=UK/CN=OpenSSL Group\n'
+
+ self.checkOutput(cmd, expected)
+
+ cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/ca-cert.pem' \
+ % (self._tmppath, self._tmppath, self._tmppath)
+
+ expected = bytes('%s/ca-cert.pem: OK\n' % self._tmppath, 'utf-8')
+
+ self.checkOutput(cmd, expected)
+
+
+ def testMakeCSR(self):
+ """Check for requesting a valid signing request."""
+
+ identity = {
+
+ 'C': 'UK',
+ 'CN': 'OpenSSL Group'
+
+ }
+
+ ret = certs.make_request(self._tmppath, 'server', identity);
+ self.assertTrue(ret)
+
+
+ def testSignCert(self):
+ """Check for properly signing a certificate."""
+
+ ret = certs.sign_cert('%s/server-csr.pem' % self._tmppath, '%s/ca-cert.pem' % self._tmppath, \
+ '%s/ca-key.pem' % self._tmppath, '%s/server-cert.pem' % self._tmppath, \
+ 3650 * 24 * 60 * 60)
+ self.assertTrue(ret)
+
+ cmd = 'openssl x509 -in %s/server-cert.pem -subject -noout' % self._tmppath
+
+ expected = b'subject= /C=UK/CN=OpenSSL Group\n'
+
+ self.checkOutput(cmd, expected)
+
+ cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/server-cert.pem' \
+ % (self._tmppath, self._tmppath, self._tmppath)
+
+ expected = bytes('%s/server-cert.pem: OK\n' % self._tmppath, 'utf-8')
+
+ self.checkOutput(cmd, expected)
+