Provided a way to create SSL certificates.

2 files changed, 112 insertions, 0 deletions

diff --git a/tests/analysis/db/__init__.py b/tests/analysis/db/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/analysis/db/__init__.py
diff --git a/tests/analysis/db/certs.py b/tests/analysis/db/certs.py
new file mode 100644
index 0000000..c4dfa32
--- /dev/null
+++ b/tests/analysis/db/certs.py
@@ -0,0 +1,112 @@
+#!/usr/bin/python3-dbg
+# -*- coding: utf-8 -*-
+
+
+# Tests validant la génération de certificats
+
+
+from chrysacase import ChrysalideTestCase
+from pychrysalide.analysis.db import certs
+import shutil
+import subprocess
+import tempfile
+
+
+class TestRestrictedContent(ChrysalideTestCase):
+    """TestCase for analysis.db.certs."""
+
+    @classmethod
+    def setUpClass(cls):
+
+        super(TestRestrictedContent, cls).setUpClass()
+
+        cls._tmppath = tempfile.mkdtemp()
+
+        cls.log('Using temporary directory "%s"' % cls._tmppath)
+
+
+    @classmethod
+    def tearDownClass(cls):
+
+        super(TestRestrictedContent, cls).tearDownClass()
+
+        cls.log('Delete directory "%s"' % cls._tmppath)
+
+        shutil.rmtree(cls._tmppath)
+
+
+    def checkOutput(self, cmd, expected):
+        """Run a command and check its output."""
+
+        output = ''
+
+        try:
+            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True)
+        except:
+            pass
+
+        self.assertEqual(output, expected)
+
+
+    def testMakeCA(self):
+        """Check for building a valid CA."""
+
+        identity = {
+
+            'C': 'UK',
+            'CN': 'OpenSSL Group'
+
+        }
+
+        ret = certs.make_ca(self._tmppath, 'ca', 3650 * 24 * 60 * 60, identity)
+        self.assertTrue(ret)
+
+        cmd = 'openssl x509 -in %s/ca-cert.pem -subject -noout' % self._tmppath
+
+        expected = b'subject= /C=UK/CN=OpenSSL Group\n'
+
+        self.checkOutput(cmd, expected)
+
+        cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/ca-cert.pem' \
+              % (self._tmppath, self._tmppath, self._tmppath)
+
+        expected = bytes('%s/ca-cert.pem: OK\n' % self._tmppath, 'utf-8')
+
+        self.checkOutput(cmd, expected)
+
+
+    def testMakeCSR(self):
+        """Check for requesting a valid signing request."""
+
+        identity = {
+
+            'C': 'UK',
+            'CN': 'OpenSSL Group'
+
+        }
+
+        ret = certs.make_request(self._tmppath, 'server', identity);
+        self.assertTrue(ret)
+
+
+    def testSignCert(self):
+        """Check for properly signing a certificate."""
+
+        ret = certs.sign_cert('%s/server-csr.pem' % self._tmppath, '%s/ca-cert.pem' % self._tmppath, \
+                              '%s/ca-key.pem' % self._tmppath, '%s/server-cert.pem' % self._tmppath, \
+                              3650 * 24 * 60 * 60)
+        self.assertTrue(ret)
+
+        cmd = 'openssl x509 -in %s/server-cert.pem -subject -noout' % self._tmppath
+
+        expected = b'subject= /C=UK/CN=OpenSSL Group\n'
+
+        self.checkOutput(cmd, expected)
+
+        cmd = 'openssl verify -CApath %s -CAfile %s/ca-cert.pem %s/server-cert.pem' \
+              % (self._tmppath, self._tmppath, self._tmppath)
+
+        expected = bytes('%s/server-cert.pem: OK\n' % self._tmppath, 'utf-8')
+
+        self.checkOutput(cmd, expected)
+