File: test_api.py

package info (click to toggle)
python-rfc3161ng 2.1.3-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 200 kB
  • sloc: python: 597; makefile: 3
file content (148 lines) | stat: -rwxr-xr-x 6,438 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
 
import os.path
import datetime
import dateutil.tz
import subprocess
import pytest

from tempfile import NamedTemporaryFile
from pyasn1.codec.der import encoder

import rfc3161ng


def _default_test(tsa_server, certificate=None, username=None, password=None, data='xx', nonce=None, **kwargs):
    if certificate:
        with open(certificate, 'rb') as f:
            certificate_data = f.read()

        kwargs.update({
            'certificate': certificate_data,
        })

    if username and password:
        kwargs.update({
            'username': username,
            'password': password,
        })

    timestamper = rfc3161ng.RemoteTimestamper(tsa_server, **kwargs)
    kwargs = {}
    if nonce:
        kwargs['nonce'] = nonce
    value = timestamper(data=data, **kwargs)
    assert value is not False
    assert isinstance(rfc3161ng.get_timestamp(value), datetime.datetime)
    assert value is not None


def test_verify_timestamp_response_with_openssl():
    with open(os.path.join(os.path.dirname(__file__), '../data/freetsa.crt'), 'rb') as f:
        certificate_data = f.read()

    timestamper = rfc3161ng.RemoteTimestamper('http://freetsa.org/tsr', certificate=certificate_data)

    with NamedTemporaryFile() as data_f, NamedTemporaryFile() as tsr_f:
        data_f.write(b"Hello World from rfc3161ng\n")
        data_f.flush()
        data_f.seek(0)

        tsr = timestamper(data=data_f.read(), return_tsr=True)
        tsr_f.write(encoder.encode(tsr))
        tsr_f.flush()

        args = ["openssl", "ts", "-verify", "-data", data_f.name, "-in", tsr_f.name, "-CAfile", "data/freetsa_cacert.pem", "-untrusted", "data/freetsa.crt"]
        subprocess.check_call(args)


def test_time_certum_pl():
    _default_test(
        'http://time.certum.pl',
        os.path.join(os.path.dirname(__file__), '../data/certum_certificate.crt'),
    )


@pytest.mark.xfail
def test_redwax_eu():
    # https://interop.redwax.eu/rs/timestamp/
    # CA:  https://interop.redwax.eu/test/simple/ca.der
    # Server: 'https://interop.redwax.eu/test/timestamp
    _default_test(
        'https://interop.redwax.eu/test/timestamp',
        certificate=os.path.join('data/redwax-interop-ca.crt'),
        data=b'The RedWax Project',
        hashname='sha256',
    )


@pytest.mark.xfail
def test_redwax_eu_no_certificate():
    # https://interop.redwax.eu/rs/timestamp/
    # CA:  https://interop.redwax.eu/test/simple/ca.der
    # Server: 'https://interop.redwax.eu/test/timestamp
    _default_test(
        'https://interop.redwax.eu/test/timestamp',
        data=b'The RedWax Project',
        hashname='sha256',
    )


def test_freetsa_org():
    _default_test(
        'http://freetsa.org/tsr',
        os.path.join('data/freetsa.crt'),
    )


def test_teszt_e_szigno_hu():
    data = '{"comment": "Envoi en Commission", "to": "Benjamin Dauvergne", "filetype": "Arr\u00eat CC", "from": "Benjamin Dauvergne", "files": [{"name": "affectations_ange1d.xlsx", "digest": "ce57e4ba353107dddaab91b9ad26c0569ffe0f94", "size": 16279}]}'
    _default_test(
        'https://teszt.e-szigno.hu:440/tsa',
        username='teszt',
        password='teszt',
        certificate=os.path.join(os.path.dirname(__file__), '../data/e_szigno_test_tsa2.crt'),
        data=data,
        hashname='sha256',
    )


def test_teszt_e_szigno_hu_with_nonce():
    data = '{"comment": "Envoi en Commission", "to": "Benjamin Dauvergne", "filetype": "Arr\u00eat CC", "from": "Benjamin Dauvergne", "files": [{"name": "affectations_ange1d.xlsx", "digest": "ce57e4ba353107dddaab91b9ad26c0569ffe0f94", "size": 16279}]}'
    _default_test(
        'https://teszt.e-szigno.hu:440/tsa',
        username='teszt',
        password='teszt',
        certificate=os.path.join(os.path.dirname(__file__), '../data/e_szigno_test_tsa2.crt'),
        data=data,
        nonce=2,
        hashname='sha256',
    )


def test_encode_decode_timestamp_request():
    tsq = rfc3161ng.make_timestamp_request(data="test")
    pretty_print_str = "TimeStampReq:\n version=v1\n messageImprint=MessageImprint:\n  hashAlgorithm=AlgorithmIdentifier:\n   algorithm=1.3.14.3.2.26\n\n  hashedMessage=0xa94a8fe5ccb19ba61c4c0873d391e987982fbbd3\n\n certReq=False\n"
    # Some versions of prettyPrint() include quotes, others do not.
    # Hide the difference by removing the quotes.
    assert tsq.prettyPrint().replace("'", "") == pretty_print_str
    bin_tsq = rfc3161ng.encode_timestamp_request(tsq)
    assert bin_tsq == b'0$\x02\x01\x010\x1f0\x07\x06\x05+\x0e\x03\x02\x1a\x04\x14\xa9J\x8f\xe5\xcc\xb1\x9b\xa6\x1cL\x08s\xd3\x91\xe9\x87\x98/\xbb\xd3'
    tsq2 = rfc3161ng.decode_timestamp_request(bin_tsq)
    assert tsq2.getComponentByPosition(1).getComponentByPosition(1) == tsq.getComponentByPosition(1).getComponentByPosition(1)
    # This test is probably still incomplete


def test_generalized_time_decoding():
    from rfc3161ng.api import generalizedtime_to_utc_datetime

    # generalizedTime string, naive == expected datetime
    assert generalizedtime_to_utc_datetime('20180208181004,948468', True) == datetime.datetime(2018, 2, 8, 18, 10, 4, 948468)
    assert generalizedtime_to_utc_datetime('20180208181004', True) == datetime.datetime(2018, 2, 8, 18, 10, 4, 0)
    assert generalizedtime_to_utc_datetime('201802081810', True) == datetime.datetime(2018, 2, 8, 18, 10, 0, 0)
    assert generalizedtime_to_utc_datetime('2018020818', True) == datetime.datetime(2018, 2, 8, 18, 0, 0, 0)
    assert generalizedtime_to_utc_datetime('20180208181004.948468Z', True) == datetime.datetime(2018, 2, 8, 18, 10, 4, 948468)
    assert generalizedtime_to_utc_datetime('20180208181004.948468+01', True) == datetime.datetime(2018, 2, 8, 17, 10, 4, 948468)
    assert generalizedtime_to_utc_datetime('20180208181004.948468-01', True) == datetime.datetime(2018, 2, 8, 19, 10, 4, 948468)
    assert generalizedtime_to_utc_datetime('20180208181004.948468+0130', True) == datetime.datetime(2018, 2, 8, 16, 40, 4, 948468)
    assert generalizedtime_to_utc_datetime('20180208181004.948468Z', False) == datetime.datetime(2018, 2, 8, 18, 10, 4, 948468, tzinfo=dateutil.tz.tzutc())
    assert generalizedtime_to_utc_datetime('20180208181004.948468-01', False) == datetime.datetime(2018, 2, 8, 19, 10, 4, 948468, tzinfo=dateutil.tz.tzutc())
    assert generalizedtime_to_utc_datetime('20180208181004.948468+0130', False) == datetime.datetime(2018, 2, 8, 16, 40, 4, 948468, tzinfo=dateutil.tz.tzutc())