4
4
Unit tests for L{OpenSSL.crypto}.
7
from unittest import TestCase
7
from unittest import TestCase, main
9
10
from OpenSSL.crypto import TYPE_RSA, TYPE_DSA, Error, PKey, PKeyType
10
11
from OpenSSL.crypto import X509, X509Type, X509Name, X509NameType
11
12
from OpenSSL.crypto import X509Req, X509ReqType
12
13
from OpenSSL.crypto import X509Extension, X509ExtensionType
13
from OpenSSL.crypto import FILETYPE_PEM, load_certificate, load_privatekey
14
from OpenSSL.crypto import dump_privatekey
14
from OpenSSL.crypto import load_certificate, load_privatekey
15
from OpenSSL.crypto import FILETYPE_PEM, FILETYPE_ASN1, FILETYPE_TEXT
16
from OpenSSL.crypto import dump_certificate, load_certificate_request
17
from OpenSSL.crypto import dump_certificate_request, dump_privatekey
17
20
cleartextCertificatePEM = """-----BEGIN CERTIFICATE-----
51
54
-----END RSA PRIVATE KEY-----
57
cleartextCertificateRequestPEM = (
58
"-----BEGIN CERTIFICATE REQUEST-----\n"
59
"MIIBnjCCAQcCAQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAklMMRAwDgYDVQQH\n"
60
"EwdDaGljYWdvMRcwFQYDVQQKEw5NeSBDb21wYW55IEx0ZDEXMBUGA1UEAxMORnJl\n"
61
"ZGVyaWNrIERlYW4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANp6Y17WzKSw\n"
62
"BsUWkXdqg6tnXy8H8hA1msCMWpc+/2KJ4mbv5NyD6UD+/SqagQqulPbF/DFea9nA\n"
63
"E0zhmHJELcM8gUTIlXv/cgDWnmK4xj8YkjVUiCdqKRAKeuzLG1pGmwwF5lGeJpXN\n"
64
"xQn5ecR0UYSOWj6TTGXB9VyUMQzCClcBAgMBAAGgADANBgkqhkiG9w0BAQUFAAOB\n"
65
"gQAAJGuF/R/GGbeC7FbFW+aJgr9ee0Xbl6nlhu7pTe67k+iiKT2dsl2ti68MVTnu\n"
66
"Vrb3HUNqOkiwsJf6kCtq5oPn3QVYzTa76Dt2y3Rtzv6boRSlmlfrgS92GNma8JfR\n"
67
"oICQk3nAudi6zl1Dix3BCv1pUp5KMtGn3MeDEi6QFGy2rA==\n"
68
"-----END CERTIFICATE REQUEST-----\n")
54
70
encryptedPrivateKeyPEM = """-----BEGIN RSA PRIVATE KEY-----
55
71
Proc-Type: 4,ENCRYPTED
56
72
DEK-Info: DES-EDE3-CBC,9573604A18579E9E
711
727
self.assertEqual(loadedKey.bits(), key.bits())
730
def _runopenssl(self, pem, *args):
732
Run the command line openssl tool with the given arguments and write
733
the given PEM to its stdin.
735
write, read = popen2(" ".join(("openssl",) + args))
741
def test_dump_certificate(self):
743
L{dump_certificate} writes PEM, DER, and text.
745
pemData = cleartextCertificatePEM + cleartextPrivateKeyPEM
746
cert = load_certificate(FILETYPE_PEM, pemData)
747
dumped_pem = dump_certificate(FILETYPE_PEM, cert)
748
self.assertEqual(dumped_pem, cleartextCertificatePEM)
749
dumped_der = dump_certificate(FILETYPE_ASN1, cert)
750
good_der = self._runopenssl(dumped_pem, "x509", "-outform", "DER")
751
self.assertEqual(dumped_der, good_der)
752
cert2 = load_certificate(FILETYPE_ASN1, dumped_der)
753
dumped_pem2 = dump_certificate(FILETYPE_PEM, cert2)
754
self.assertEqual(dumped_pem2, cleartextCertificatePEM)
755
dumped_text = dump_certificate(FILETYPE_TEXT, cert)
756
good_text = self._runopenssl(dumped_pem, "x509", "-noout", "-text")
757
self.assertEqual(dumped_text, good_text)
760
def test_dump_privatekey(self):
762
L{dump_privatekey} writes a PEM, DER, and text.
764
key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
765
dumped_pem = dump_privatekey(FILETYPE_PEM, key)
766
self.assertEqual(dumped_pem, cleartextPrivateKeyPEM)
767
dumped_der = dump_privatekey(FILETYPE_ASN1, key)
768
# XXX This OpenSSL call writes "writing RSA key" to standard out. Sad.
769
good_der = self._runopenssl(dumped_pem, "rsa", "-outform", "DER")
770
self.assertEqual(dumped_der, good_der)
771
key2 = load_privatekey(FILETYPE_ASN1, dumped_der)
772
dumped_pem2 = dump_privatekey(FILETYPE_PEM, key2)
773
self.assertEqual(dumped_pem2, cleartextPrivateKeyPEM)
774
dumped_text = dump_privatekey(FILETYPE_TEXT, key)
775
good_text = self._runopenssl(dumped_pem, "rsa", "-noout", "-text")
776
self.assertEqual(dumped_text, good_text)
779
def test_dump_certificate_request(self):
781
L{dump_certificate_request} writes a PEM, DER, and text.
783
req = load_certificate_request(FILETYPE_PEM, cleartextCertificateRequestPEM)
784
dumped_pem = dump_certificate_request(FILETYPE_PEM, req)
785
self.assertEqual(dumped_pem, cleartextCertificateRequestPEM)
786
dumped_der = dump_certificate_request(FILETYPE_ASN1, req)
787
good_der = self._runopenssl(dumped_pem, "req", "-outform", "DER")
788
self.assertEqual(dumped_der, good_der)
789
req2 = load_certificate_request(FILETYPE_ASN1, dumped_der)
790
dumped_pem2 = dump_certificate_request(FILETYPE_PEM, req2)
791
self.assertEqual(dumped_pem2, cleartextCertificateRequestPEM)
792
dumped_text = dump_certificate_request(FILETYPE_TEXT, req)
793
good_text = self._runopenssl(dumped_pem, "req", "-noout", "-text")
794
self.assertEqual(dumped_text, good_text)
714
797
def test_dump_privatekey_passphraseCallback(self):
716
799
L{dump_privatekey} writes an encrypted PEM when given a callback which