diff options
author | Cyrille Bagard <nocbos@gmail.com> | 2017-02-07 22:41:07 (GMT) |
---|---|---|
committer | Cyrille Bagard <nocbos@gmail.com> | 2017-02-07 22:41:07 (GMT) |
commit | 7778a0c082c4969ed6184883b2d96d8a851def99 (patch) | |
tree | 296cde845f5a086688f2e9b5c8555a06f55d99a8 /tests | |
parent | 2834917e0e3b5e9ea3e6ea0fb90cdbf066ea9da7 (diff) |
Provided a way to create SSL certificates.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/analysis/db/__init__.py | 0 | ||||
-rw-r--r-- | tests/analysis/db/certs.py | 112 |
2 files changed, 112 insertions, 0 deletions
diff --git a/tests/analysis/db/__init__.py b/tests/analysis/db/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/tests/analysis/db/__init__.py diff --git a/tests/analysis/db/certs.py b/tests/analysis/db/certs.py new file mode 100644 index 0000000..c4dfa32 --- /dev/null +++ b/tests/analysis/db/certs.py @@ -0,0 +1,112 @@ +#!/usr/bin/python3-dbg +# -*- coding: utf-8 -*- + + +# Tests validant la génération de certificats + + +from chrysacase import ChrysalideTestCase +from pychrysalide.analysis.db import certs +import shutil +import subprocess +import tempfile + + +class TestRestrictedContent(ChrysalideTestCase): + """TestCase for analysis.db.certs.""" + + @classmethod + def setUpClass(cls): + + super(TestRestrictedContent, cls).setUpClass() + + cls._tmppath = tempfile.mkdtemp() + + cls.log('Using temporary directory "%s"' % cls._tmppath) + + + @classmethod + def tearDownClass(cls): + + super(TestRestrictedContent, cls).tearDownClass() + + cls.log('Delete directory "%s"' % cls._tmppath) + + shutil.rmtree(cls._tmppath) + + + def checkOutput(self, cmd, expected): + """Run a command and check its output.""" + + output = '' + + try: + output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True) + except: + pass + + self.assertEqual(output, expected) + + + def testMakeCA(self): + """Check for building a valid CA.""" + + identity = { + + 'C': 'UK', + 'CN': 'OpenSSL Group' + + } + + ret = certs.make_ca(self._tmppath, 'ca', 3650 * 24 * 60 * 60, identity) + self.assertTrue(ret) + + cmd = 'openssl x509 -in %s/ca-cert.pem -subject -noout' % self._tmppath + + expected = b'subject= /C=UK/CN=OpenSSL Group\n' + + self.checkOutput(cmd, expected) + + cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/ca-cert.pem' \ + % (self._tmppath, self._tmppath, self._tmppath) + + expected = bytes('%s/ca-cert.pem: OK\n' % self._tmppath, 'utf-8') + + self.checkOutput(cmd, expected) + + + def testMakeCSR(self): + """Check for requesting a valid signing request.""" + + identity = { + + 'C': 'UK', + 'CN': 'OpenSSL Group' + + } + + ret = certs.make_request(self._tmppath, 'server', identity); + self.assertTrue(ret) + + + def testSignCert(self): + """Check for properly signing a certificate.""" + + ret = certs.sign_cert('%s/server-csr.pem' % self._tmppath, '%s/ca-cert.pem' % self._tmppath, \ + '%s/ca-key.pem' % self._tmppath, '%s/server-cert.pem' % self._tmppath, \ + 3650 * 24 * 60 * 60) + self.assertTrue(ret) + + cmd = 'openssl x509 -in %s/server-cert.pem -subject -noout' % self._tmppath + + expected = b'subject= /C=UK/CN=OpenSSL Group\n' + + self.checkOutput(cmd, expected) + + cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/server-cert.pem' \ + % (self._tmppath, self._tmppath, self._tmppath) + + expected = bytes('%s/server-cert.pem: OK\n' % self._tmppath, 'utf-8') + + self.checkOutput(cmd, expected) + |