source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/X509Test.py @ 3026

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/X509Test.py@3026
Revision 3026, 5.5 KB checked in by pjkersha, 13 years ago (diff)
  • Property svn:executable set to *
  • Property svn:keywords set to Id
Line 
1#!/usr/bin/env python
2"""NDG X509 Module unit tests
3
4NERC Data Grid Project
5"""
6__author__ = "P J Kershaw"
7__date__ = "03/01/07"
8__copyright__ = "(C) 2007 STFC & NERC"
9__license__ = \
10"""This software may be distributed under the terms of the Q Public
11License, version 1.0 or later."""
12__contact__ = "P.J.Kershaw@rl.ac.uk"
13__revision__ = '$Id$'
14
15import unittest
16import os
17import sys
18import getpass
19import traceback
20
21from ConfigParser import SafeConfigParser
22from ndg.security.common.X509 import *
23
24class X509TestCase(unittest.TestCase):
25   
26    def setUp(self):
27       
28        configParser = SafeConfigParser()
29        configParser.read("./x509Test.cfg")
30       
31        self.cfg = {}
32        for section in configParser.sections():
33            self.cfg[section] = dict(configParser.items(section))
34       
35           
36           
37    def test1X509CertRead(self):
38        'test1X509CertRead: read in a cert from file'
39        print self.test1X509CertRead.__doc__
40        self.x509Cert=X509CertRead(self.cfg['test1X509CertRead']['certfile'])
41        assert(self.x509Cert)
42
43    def test2X509CertAsPEM(self):
44        'test2X509CertAsPEM: display as a PEM format string'
45        self.test1X509CertRead()
46        print self.test2X509CertAsPEM.__doc__
47        self.pemString = self.x509Cert.asPEM()
48        print self.pemString
49
50
51    def test3X509CertParse(self):
52        'test3X509CertParse: parse from a PEM format string'
53        self.test2X509CertAsPEM()
54        print self.test3X509CertParse.__doc__
55        assert(X509CertParse(self.pemString))
56
57
58    def test4GetDN(self):
59        'test4GetDN: extract distinguished name'
60        self.test1X509CertRead()
61        print self.test4GetDN.__doc__
62        self.dn = self.x509Cert.dn
63        print self.dn
64       
65    def test5DN(self):
66        'test5DN: test X.500 Distinguished Name attributes'
67        print self.test5DN.__doc__
68        self.test4GetDN()
69        for item in self.dn.items():
70            print "%s=%s" % item
71       
72    def test6DNCmp(self):
73        '''test6DNCmp: test X.500 Distinguished Name comparison
74        operators'''
75        print self.test6DNCmp.__doc__
76        self.test4GetDN()
77        testDN = X500DN(dn="/O=a/OU=b/CN=c")
78
79        assert(not(testDN == self.dn))
80        assert(testDN != self.dn)
81        assert(self.dn == self.dn)
82        assert(not(self.dn != self.dn))
83           
84    def test7x509Stack(self):
85        '''test7x509Stack: test X509Stack functionality'''
86        print self.test7x509Stack.__doc__
87        self.test1X509CertRead()
88        stack = X509Stack()
89        assert(len(stack)==0)
90        assert(stack.push(self.x509Cert))
91        assert(len(stack)==1)
92        print "stack[0] = %s" % stack[0]
93        for i in stack:
94            print "stack iterator i = %s" % i
95        print "stack.pop() = %s" % stack.pop()
96        assert(len(stack)==0)
97           
98    def test8x509StackVerifyCertChain(self):
99        '''test8x509StackVerifyCertChain: testVerifyCertChain method'''
100        print self.test8x509StackVerifyCertChain.__doc__
101        self.test1X509CertRead()
102        proxyCert=X509CertRead(\
103                   self.cfg['test8x509StackVerifyCertChain']['proxycertfile'])
104
105        stack1 = X509Stack()
106        stack1.push(self.x509Cert)
107       
108        caCert=X509CertRead(\
109                   self.cfg['test8x509StackVerifyCertChain']['cacertfile'])
110        caStack = X509Stack()
111        caStack.push(caCert)
112       
113        print "Verification of external cert with external CA stack..."
114        stack1.verifyCertChain(x509Cert2Verify=proxyCert, 
115                               caX509Stack=caStack)
116       
117        print "Verification of stack content using CA stack..."
118        stack1.push(proxyCert)
119        stack1.verifyCertChain(caX509Stack=caStack)
120       
121        print "Verification of stack alone..."
122        stack1.push(caCert)
123        stack1.verifyCertChain()
124       
125        print "Reject self-signed cert. ..."
126        stack2 = X509Stack()
127        try:
128            stack2.verifyCertChain()
129            raise Exception, "Empty stack error expected"
130        except X509StackError:
131            pass
132
133        stack2.push(caCert)
134        try:
135            stack2.verifyCertChain()
136            raise Exception, "Reject of self-signed cert. expected"
137        except SelfSignedCert:
138            pass
139       
140        print "Accept self-signed cert. ..."
141        stack2.verifyCertChain(rejectSelfSignedCert=False)
142       
143        assert(stack2.pop())
144        print "Test no cert. issuer found ..."
145        stack2.push(proxyCert)
146        try:
147            stack2.verifyCertChain()
148            raise Exception, "No cert. issuer error expected"
149        except CertIssuerNotFound:
150            pass
151       
152        print "Test no cert. issuer found again with incomplete chain ..."
153        stack2.push(self.x509Cert)
154        try:
155            stack2.verifyCertChain()
156            raise Exception, "No cert. issuer error expected"
157        except CertIssuerNotFound:
158            pass
159       
160
161class X509TestSuite(unittest.TestSuite):
162    def __init__(self):
163        map = map(X509TestCase,
164                  (
165                    "test1X509CertRead",
166                    "test2X509CertAsPEM",
167                    "test3X509CertParse",
168                    "test4GetDN",
169                    "test5DN",
170                    "test6DNCmp",
171                    "test7x509Stack",
172                    "test8x509StackVerifyCertChain"
173                  ))
174        unittest.TestSuite.__init__(self, map)
175 
176                                       
177if __name__ == "__main__":
178    unittest.main()
Note: See TracBrowser for help on using the repository browser.