cam/tests/test_ca.py

   1 import logging
   2 import os
   3 import tempfile
   4 import shutil
   5 import subprocess
   6 import unittest
   7 from cam import ca
   8 from cam import openssl_wrap
   9
  10
  11 logging.basicConfig(level=logging.DEBUG)
  12
  13
  14 class CertStub(object):
  15
  16     def __init__(self, name, cn, tmpdir):
  17         self.name = name
  18         self.cn = cn
  19         self.alt_names = [cn]
  20         self.ou = None
  21         self.days = '365'
  22         self.public_key_file = os.path.join(tmpdir, '%s.pub' % name)
  23         self.private_key_file = os.path.join(tmpdir, '%s.priv' % name)
  24
  25     def get_expiration_date(self):
  26         return 123456789
  27
  28     def exists(self):
  29         return os.path.exists(self.public_key_file)
  30
  31
  32 class CATest(unittest.TestCase):
  33
  34     def setUp(self):
  35         self.tmpdir = tempfile.mkdtemp()
  36         self.ca = ca.CA(self.tmpdir,
  37                         {'cn': 'test ca', 'org': 'test',
  38                          'bits': '1024', 'email': 'test@test.com'},
  39                         password='testpw')
  40
  41     def tearDown(self):
  42         self.ca.close()
  43         shutil.rmtree(self.tmpdir)
  44
  45     def test_create(self):
  46         self.ca.create()
  47         self.assertTrue(os.path.exists(os.path.join(self.tmpdir, 'conf/ca.conf')))
  48
  49     def test_create_cert(self):
  50         self.ca.create()
  51         cert = CertStub('test', 'www.test.com', self.tmpdir)
  52         self.ca.generate(cert)
  53         self.assertTrue(os.path.exists(cert.public_key_file))
  54         self.assertTrue(os.path.exists(cert.private_key_file))
  55
  56     def test_create_cert_with_digest_override(self):
  57         self.ca.config['signature_algorithm'] = 'md5'
  58         self.ca.create()
  59         cert = CertStub('test', 'www.test.com', self.tmpdir)
  60         self.ca.generate(cert)
  61         self.assertTrue(os.path.exists(cert.public_key_file))
  62         self.assertTrue(os.path.exists(cert.private_key_file))
  63         self.assertTrue(
  64             'Signature Algorithm: md5WithRSAEncryption' in subprocess.check_output(
  65             ['openssl', 'x509', '-text', '-noout', '-in', cert.public_key_file]))
  66
  67     def test_revoke(self):
  68         self.ca.create()
  69         cert = CertStub('test', 'www.test.com', self.tmpdir)
  70         self.ca.generate(cert)
  71         self.ca.revoke(cert)
  72         self.assertTrue(os.path.exists(os.path.join(self.tmpdir, 'public/ca.crl')))