1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
"""Unit tests for M2Crypto.SSL offline parts
Copyright (C) 2006 Open Source Applications Foundation. All Rights Reserved.
Copyright (C) 2009-2010 Heikki Toivonen. All Rights Reserved.
"""
import doctest
from M2Crypto import Rand, SSL, X509
from tests import unittest
from tests.test_ssl import srv_host
class CheckerTestCase(unittest.TestCase):
def test_checker(self):
check = SSL.Checker.Checker(
host=srv_host,
peerCertHash="9917962167CFDB8BCFAC775093E79A1113B3DA146EA4E1EB1FEFC6E58770D158",
)
x509 = X509.load_cert("tests/server.pem")
self.assertTrue(check(x509, srv_host))
with self.assertRaises(SSL.Checker.WrongHost):
check(x509, "example.com")
doctest.testmod(SSL.Checker)
class ContextTestCase(unittest.TestCase):
def test_ctx_load_verify_locations(self):
ctx = SSL.Context()
with self.assertRaises(ValueError):
ctx.load_verify_locations(None, None)
def test_ctx_set_default_verify_paths(self):
ctx = SSL.Context()
ctx.set_default_verify_paths()
# test will get here only if the previous won't fail
def test_map(self):
from M2Crypto.SSL.Context import ctxmap, _ctxmap
self.assertIsInstance(ctxmap(), _ctxmap)
ctx = SSL.Context()
assert ctxmap()
ctx.close()
self.assertIs(ctxmap(), _ctxmap.singleton)
def test_certstore(self):
ctx = SSL.Context()
ctx.set_verify(SSL.verify_peer | SSL.verify_fail_if_no_peer_cert, 9)
ctx.load_verify_locations("tests/ca.pem")
ctx.load_cert("tests/x509.pem")
store = ctx.get_cert_store()
self.assertIsInstance(store, X509.X509_Store)
def suite():
t_suite = unittest.TestSuite()
t_suite.addTest(unittest.TestLoader().loadTestsFromTestCase(CheckerTestCase))
t_suite.addTest(unittest.TestLoader().loadTestsFromTestCase(ContextTestCase))
return t_suite
if __name__ == "__main__":
Rand.load_file("randpool.dat", -1)
unittest.TextTestRunner().run(suite())
Rand.save_file("randpool.dat")
|
