source: TI12-security/trunk/python/ndg.security.test/ndg/security/test/X509/X509Test.py @ 3195

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/python/ndg.security.test/ndg/security/test/X509/X509Test.py@3195
Revision 3195, 6.1 KB checked in by pjkersha, 12 years ago (diff)

fixes to X509, XMLSecDoc, wsSecurity and sessionMgrClient unit tests - latter still to complete

security/python/ndg.security.test/ndg/security/test/SecurityCGItest.py: deleted as this code is no longer needed. Pylons code replaces it. The module that the unit test is based on still exists.

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/README: more detailed instructions

security/python/ndg.security.test/ndg/security/test/server.py: replace equivalent .sh bash script with python version

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrClient.cfg: extra comments and use unit test dir env var to ref all files to enable running from any dir

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClient.py: part way through refactoring for changes as of the previous

security/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml: fix env var refs.

security/python/ndg.security.test/ndg/security/test/wsSecurity/*,
security/python/ndg.security.test/ndg/security/test/X509/*,
security/python/ndg.security.test/ndg/security/test/XMLSecDoc/*: fixed for use with env vars

  • Property svn:executable set to *
  • Property svn:keywords set to Id
1#!/usr/bin/env python
2"""NDG X509 Module unit tests
3
4NERC Data Grid Project
5"""
6__author__ = "P J Kershaw"
7__date__ = "03/01/07"
8__copyright__ = "(C) 2007 STFC & NERC"
9__license__ = \
10"""This software may be distributed under the terms of the Q Public
11License, version 1.0 or later."""
12__contact__ = "P.J.Kershaw@rl.ac.uk"
13__revision__ = '$Id$'
14
15import unittest
16import os
17import sys
18import getpass
19import traceback
20
21from ConfigParser import SafeConfigParser
22from ndg.security.common.X509 import X509CertRead, X509CertParse, X500DN, \
23    X509Stack, X509StackError, SelfSignedCert, CertIssuerNotFound
24
25from os.path import expandvars as xpdVars
26from os.path import join as jnPath
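def mkPath(file):
    """Return *file* joined onto the unit test directory.

    The directory is read from the NDGSEC_X509_UNITTEST_DIR environment
    variable each time the function is called; KeyError is raised if the
    variable is not set.
    """
    # os.path.join applies no normalisation: an absolute *file*, or one
    # containing "..", resolves outside the test directory. Pass fixed file
    # names only.
    return jnPath(os.environ['NDGSEC_X509_UNITTEST_DIR'], file)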
28
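class X509TestCase(unittest.TestCase):
    # Unit tests for the NDG X509 wrappers: certificate read/parse, X.500 DN
    # access and comparison, and X509Stack certificate chain verification.
    #
    # Certificate file paths come from x509Test.cfg, one section per test
    # method. unittest builds a fresh instance for every test, so the later
    # tests call the earlier ones directly to populate self.x509Cert,
    # self.pemString and self.dn.
    #
    # Checks use the unittest assertion methods rather than bare ``assert``
    # statements, which are compiled out under ``python -O`` and would turn
    # these security checks into silent no-ops.
    #
    # The method docstrings are printed at run time and are kept unchanged.

    def setUp(self):
        # Developer hook: drop into the debugger when NDGSEC_INT_DEBUG is
        # set. This waits on stdin, so leave it unset for unattended runs.
        if 'NDGSEC_INT_DEBUG' in os.environ:
            import pdb
            pdb.set_trace()

        # Default the test directory to the location of this file.
        if 'NDGSEC_X509_UNITTEST_DIR' not in os.environ:
            os.environ['NDGSEC_X509_UNITTEST_DIR'] = \
                os.path.abspath(os.path.dirname(__file__))

        configParser = SafeConfigParser()
        configFilePath = jnPath(os.environ['NDGSEC_X509_UNITTEST_DIR'],
                                "x509Test.cfg")

        # read() skips unreadable files without raising and returns the list
        # of files it did parse. Stop here with the path in the message
        # rather than with a KeyError on self.cfg inside each test.
        if not configParser.read(configFilePath):
            raise IOError("Unable to read test config file %s" %
                          configFilePath)

        # self.cfg maps section name -> {option: value}
        self.cfg = {}
        for section in configParser.sections():
            self.cfg[section] = dict(configParser.items(section))

    def _assertVerifyFails(self, stack, excClass, msg):
        # Check that stack.verifyCertChain() raises excClass; fail the test
        # with msg if verification succeeds instead. The failure is reported
        # from the else branch so it can never be caught by the except
        # clause that is under test.
        try:
            stack.verifyCertChain()
        except excClass:
            pass
        else:
            self.fail(msg)

    def test1X509CertRead(self):
        'test1X509CertRead: read in a cert from file'
        print(self.test1X509CertRead.__doc__)
        # Environment variables in the configured path are expanded
        self.x509Cert = \
            X509CertRead(xpdVars(self.cfg['test1X509CertRead']['certfile']))
        self.assertTrue(self.x509Cert)

    def test2X509CertAsPEM(self):
        'test2X509CertAsPEM: display as a PEM format string'
        self.test1X509CertRead()
        print(self.test2X509CertAsPEM.__doc__)
        self.pemString = self.x509Cert.asPEM()
        print(self.pemString)

    def test3X509CertParse(self):
        'test3X509CertParse: parse from a PEM format string'
        self.test2X509CertAsPEM()
        print(self.test3X509CertParse.__doc__)
        # Round trip: the PEM text written by asPEM() must parse again
        self.assertTrue(X509CertParse(self.pemString))

    def test4GetDN(self):
        'test4GetDN: extract distinguished name'
        self.test1X509CertRead()
        print(self.test4GetDN.__doc__)
        self.dn = self.x509Cert.dn
        print(self.dn)

    def test5DN(self):
        'test5DN: test X.500 Distinguished Name attributes'
        print(self.test5DN.__doc__)
        self.test4GetDN()
        for item in self.dn.items():
            print("%s=%s" % item)

    def test6DNCmp(self):
        '''test6DNCmp: test X.500 Distinguished Name comparison
        operators'''
        print(self.test6DNCmp.__doc__)
        self.test4GetDN()
        testDN = X500DN(dn="/O=a/OU=b/CN=c")

        # == and != are each exercised explicitly: DN comparison feeds
        # identity decisions, so the two operators must agree.
        self.assertFalse(testDN == self.dn)
        self.assertTrue(testDN != self.dn)
        self.assertTrue(self.dn == self.dn)
        self.assertFalse(self.dn != self.dn)

    def test7X509Stack(self):
        '''test7X509Stack: test X509Stack functionality'''
        print(self.test7X509Stack.__doc__)
        self.test1X509CertRead()
        stack = X509Stack()
        self.assertEqual(len(stack), 0)
        self.assertTrue(stack.push(self.x509Cert))
        self.assertEqual(len(stack), 1)
        print("stack[0] = %s" % stack[0])
        for i in stack:
            print("stack iterator i = %s" % i)
        print("stack.pop() = %s" % stack.pop())
        self.assertEqual(len(stack), 0)

    def test8X509StackVerifyCertChain(self):
        '''test8X509StackVerifyCertChain: testVerifyCertChain method'''
        print(self.test8X509StackVerifyCertChain.__doc__)
        self.test1X509CertRead()
        chainCfg = self.cfg['test8X509StackVerifyCertChain']
        proxyCert = X509CertRead(xpdVars(chainCfg['proxycertfile']))

        stack1 = X509Stack()
        stack1.push(self.x509Cert)

        caCert = X509CertRead(xpdVars(chainCfg['cacertfile']))
        caStack = X509Stack()
        caStack.push(caCert)

        # The three positive cases check no return value: they pass only
        # because verifyCertChain() is expected to raise on failure, as the
        # negative cases below show for the error classes they cover.
        # NOTE(review): no case here uses a certificate with an invalid
        # signature or one outside its validity period - confirm that is
        # tested elsewhere.
        print("Verification of external cert with external CA stack...")
        stack1.verifyCertChain(x509Cert2Verify=proxyCert,
                               caX509Stack=caStack)

        print("Verification of stack content using CA stack...")
        stack1.push(proxyCert)
        stack1.verifyCertChain(caX509Stack=caStack)

        print("Verification of stack alone...")
        stack1.push(caCert)
        stack1.verifyCertChain()

        print("Reject self-signed cert. ...")
        stack2 = X509Stack()
        self._assertVerifyFails(stack2, X509StackError,
                                "Empty stack error expected")

        # By default a stack holding only a self-signed cert is rejected
        stack2.push(caCert)
        self._assertVerifyFails(stack2, SelfSignedCert,
                                "Reject of self-signed cert. expected")

        # rejectSelfSignedCert=False switches that rejection off, so the
        # self-signed cert is accepted here. Exercised to cover the option.
        print("Accept self-signed cert. ...")
        stack2.verifyCertChain(rejectSelfSignedCert=False)

        self.assertTrue(stack2.pop())
        print("Test no cert. issuer found ...")
        stack2.push(proxyCert)
        self._assertVerifyFails(stack2, CertIssuerNotFound,
                                "No cert. issuer error expected")

        # Proxy cert plus the cert read in test1, still with no CA cert in
        # the stack
        print("Test no cert. issuer found again with incomplete chain ...")
        stack2.push(self.x509Cert)
        self._assertVerifyFails(stack2, CertIssuerNotFound,
                                "No cert. issuer error expected")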
174       
175
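class X509TestSuite(unittest.TestSuite):
    """Suite holding one X509TestCase instance per test method."""

    def __init__(self):
        """Build the suite from the X509TestCase methods, in numbered order."""
        testNames = (
            "test1X509CertRead",
            "test2X509CertAsPEM",
            "test3X509CertParse",
            "test4GetDN",
            "test5DN",
            "test6DNCmp",
            "test7X509Stack",
            "test8X509StackVerifyCertChain",
        )
        # The list needs a name other than ``map``: assigning to ``map``
        # inside this method makes it a local variable, so calling the
        # builtin on the same line raised UnboundLocalError and the suite
        # could never be constructed.
        tests = [X509TestCase(name) for name in testNames]
        unittest.TestSuite.__init__(self, tests)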
190 
191                                       
# Run the tests when this file is executed as a script. X509TestSuite is not
# referenced here; unittest.main() loads the tests from this module itself.
if __name__ == "__main__":
    unittest.main()