1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
# coding: utf-8
from __future__ import unicode_literals, division, absolute_import, print_function
import unittest
import os
from asn1crypto import pem, x509
from certvalidator.registry import CertificateRegistry
tests_root = os.path.dirname(__file__)
fixtures_dir = os.path.join(tests_root, 'fixtures')
class RegistryTests(unittest.TestCase):
@unittest.skip("Not running tests")
def test_build_paths(self):
with open(os.path.join(fixtures_dir, 'codex.crt'), 'rb') as f:
cert_bytes = f.read()
if pem.detect(cert_bytes):
_, _, cert_bytes = pem.unarmor(cert_bytes)
cert = x509.Certificate.load(cert_bytes)
with open(os.path.join(fixtures_dir, 'GeoTrust_EV_SSL_CA_-_G4.crt'), 'rb') as f:
other_certs = [f.read()]
repo = CertificateRegistry(other_certs=other_certs)
paths = repo.build_paths(cert)
self.assertEqual(1, len(paths))
path = paths[0]
self.assertEqual(3, len(path))
self.assertEqual(
[
b'z\x10xI\xe1u\x1a@\x0e\r\xdb\xac0\xc8\xaaK\x12u\xd1\xac',
b'\xaa+\x03\x14\xafd.\x13\x0e\xd6\x92%\xe3\xff*\xba\xd7=b0',
b"\xfcq\x7f\x98='\xcc\xb3D\xfbK\x85\xf0\x81\x8f\xab\xcb\xf0\x9b\x14"
],
[item.subject.sha1 for item in path]
)
def test_build_paths_custom_ca_certs(self):
with open(os.path.join(fixtures_dir, 'codex.crt'), 'rb') as f:
cert_bytes = f.read()
if pem.detect(cert_bytes):
_, _, cert_bytes = pem.unarmor(cert_bytes)
cert = x509.Certificate.load(cert_bytes)
with open(os.path.join(fixtures_dir, 'GeoTrust_EV_SSL_CA_-_G4.crt'), 'rb') as f:
other_certs = [f.read()]
repo = CertificateRegistry(trust_roots=other_certs)
paths = repo.build_paths(cert)
self.assertEqual(1, len(paths))
path = paths[0]
self.assertEqual(2, len(path))
self.assertEqual(
[
b'\xaa+\x03\x14\xafd.\x13\x0e\xd6\x92%\xe3\xff*\xba\xd7=b0',
b"\xfcq\x7f\x98='\xcc\xb3D\xfbK\x85\xf0\x81\x8f\xab\xcb\xf0\x9b\x14"
],
[item.subject.sha1 for item in path]
)
|
