← Back to branch summary

~ubuntu-branches/ubuntu/vivid/dnspython/vivid-proposed

« back to all changes in this revision

Viewing changes to tests/dnssec.py

  • Committer: Package Import Robot
  • Author(s): Scott Kitterman
  • Date: 2014-09-14 22:46:43 UTC
  • mfrom: (10.1.1 sid)
  • Revision ID: package-import@ubuntu.com-20140914224643-lo3b4m85cm901ql4
Tags: 1.12.0-1
* New upstream release
* Add explicit build-dep on dh-python to make use of the newer version

Show diffs side-by-side

added added

removed removed

Lines of Context:
tests/dnssec.py
1
 
# Copyright (C) 2011 Nominum, Inc.
2
 
#
3
 
# Permission to use, copy, modify, and distribute this software and its
4
 
# documentation for any purpose with or without fee is hereby granted,
5
 
# provided that the above copyright notice and this permission notice
6
 
# appear in all copies.
7
 
#
8
 
# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
9
 
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10
 
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
11
 
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12
 
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13
 
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
14
 
# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15
 
 
16
 
import unittest
17
 
 
18
 
import dns.dnssec
19
 
import dns.name
20
 
import dns.rdata
21
 
import dns.rdataclass
22
 
import dns.rdatatype
23
 
import dns.rrset
24
 
 
25
 
abs_dnspython_org = dns.name.from_text('dnspython.org')
26
 
 
27
 
abs_keys = { abs_dnspython_org :
28
 
             dns.rrset.from_text('dnspython.org.', 3600, 'IN', 'DNSKEY',
29
 
                                 '257 3 5 AwEAAenVTr9L1OMlL1/N2ta0Qj9LLLnnmFWIr1dJoAsWM9BQfsbV7kFZ XbAkER/FY9Ji2o7cELxBwAsVBuWn6IUUAJXLH74YbC1anY0lifjgt29z SwDzuB7zmC7yVYZzUunBulVW4zT0tg1aePbpVL2EtTL8VzREqbJbE25R KuQYHZtFwG8S4iBxJUmT2Bbd0921LLxSQgVoFXlQx/gFV2+UERXcJ5ce iX6A6wc02M/pdg/YbJd2rBa0MYL3/Fz/Xltre0tqsImZGxzi6YtYDs45 NC8gH+44egz82e2DATCVM1ICPmRDjXYTLldQiWA2ZXIWnK0iitl5ue24 7EsWJefrIhE=',
30
 
                                 '256 3 5 AwEAAdSSghOGjU33IQZgwZM2Hh771VGXX05olJK49FxpSyuEAjDBXY58 LGU9R2Zgeecnk/b9EAhFu/vCV9oECtiTCvwuVAkt9YEweqYDluQInmgP NGMJCKdSLlnX93DkjDw8rMYv5dqXCuSGPlKChfTJOLQxIAxGloS7lL+c 0CTZydAF')
31
 
         }
32
 
 
33
 
abs_keys_duplicate_keytag = { abs_dnspython_org :
34
 
             dns.rrset.from_text('dnspython.org.', 3600, 'IN', 'DNSKEY',
35
 
                                 '257 3 5 AwEAAenVTr9L1OMlL1/N2ta0Qj9LLLnnmFWIr1dJoAsWM9BQfsbV7kFZ XbAkER/FY9Ji2o7cELxBwAsVBuWn6IUUAJXLH74YbC1anY0lifjgt29z SwDzuB7zmC7yVYZzUunBulVW4zT0tg1aePbpVL2EtTL8VzREqbJbE25R KuQYHZtFwG8S4iBxJUmT2Bbd0921LLxSQgVoFXlQx/gFV2+UERXcJ5ce iX6A6wc02M/pdg/YbJd2rBa0MYL3/Fz/Xltre0tqsImZGxzi6YtYDs45 NC8gH+44egz82e2DATCVM1ICPmRDjXYTLldQiWA2ZXIWnK0iitl5ue24 7EsWJefrIhE=',
36
 
                                 '256 3 5 AwEAAdSSg++++THIS/IS/NOT/THE/CORRECT/KEY++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ AaOSydAF',
37
 
                                 '256 3 5 AwEAAdSSghOGjU33IQZgwZM2Hh771VGXX05olJK49FxpSyuEAjDBXY58 LGU9R2Zgeecnk/b9EAhFu/vCV9oECtiTCvwuVAkt9YEweqYDluQInmgP NGMJCKdSLlnX93DkjDw8rMYv5dqXCuSGPlKChfTJOLQxIAxGloS7lL+c 0CTZydAF')
38
 
         }
39
 
 
40
 
rel_keys = { dns.name.empty :
41
 
             dns.rrset.from_text('@', 3600, 'IN', 'DNSKEY',
42
 
                                 '257 3 5 AwEAAenVTr9L1OMlL1/N2ta0Qj9LLLnnmFWIr1dJoAsWM9BQfsbV7kFZ XbAkER/FY9Ji2o7cELxBwAsVBuWn6IUUAJXLH74YbC1anY0lifjgt29z SwDzuB7zmC7yVYZzUunBulVW4zT0tg1aePbpVL2EtTL8VzREqbJbE25R KuQYHZtFwG8S4iBxJUmT2Bbd0921LLxSQgVoFXlQx/gFV2+UERXcJ5ce iX6A6wc02M/pdg/YbJd2rBa0MYL3/Fz/Xltre0tqsImZGxzi6YtYDs45 NC8gH+44egz82e2DATCVM1ICPmRDjXYTLldQiWA2ZXIWnK0iitl5ue24 7EsWJefrIhE=',
43
 
                                 '256 3 5 AwEAAdSSghOGjU33IQZgwZM2Hh771VGXX05olJK49FxpSyuEAjDBXY58 LGU9R2Zgeecnk/b9EAhFu/vCV9oECtiTCvwuVAkt9YEweqYDluQInmgP NGMJCKdSLlnX93DkjDw8rMYv5dqXCuSGPlKChfTJOLQxIAxGloS7lL+c 0CTZydAF')
44
 
         }
45
 
 
46
 
when = 1290250287
47
 
 
48
 
abs_soa = dns.rrset.from_text('dnspython.org.', 3600, 'IN', 'SOA',
49
 
                              'howl.dnspython.org. hostmaster.dnspython.org. 2010020047 3600 1800 604800 3600')
50
 
 
51
 
abs_other_soa = dns.rrset.from_text('dnspython.org.', 3600, 'IN', 'SOA',
52
 
                                    'foo.dnspython.org. hostmaster.dnspython.org. 2010020047 3600 1800 604800 3600')
53
 
 
54
 
abs_soa_rrsig = dns.rrset.from_text('dnspython.org.', 3600, 'IN', 'RRSIG',
55
 
                                    'SOA 5 2 3600 20101127004331 20101119213831 61695 dnspython.org. sDUlltRlFTQw5ITFxOXW3TgmrHeMeNpdqcZ4EXxM9FHhIlte6V9YCnDw t6dvM9jAXdIEi03l9H/RAd9xNNW6gvGMHsBGzpvvqFQxIBR2PoiZA1mX /SWHZFdbt4xjYTtXqpyYvrMK0Dt7bUYPadyhPFCJ1B+I8Zi7B5WJEOd0 8vs=')
56
 
 
57
 
rel_soa = dns.rrset.from_text('@', 3600, 'IN', 'SOA',
58
 
                              'howl hostmaster 2010020047 3600 1800 604800 3600')
59
 
 
60
 
rel_other_soa = dns.rrset.from_text('@', 3600, 'IN', 'SOA',
61
 
                                    'foo hostmaster 2010020047 3600 1800 604800 3600')
62
 
 
63
 
rel_soa_rrsig = dns.rrset.from_text('@', 3600, 'IN', 'RRSIG',
64
 
                                    'SOA 5 2 3600 20101127004331 20101119213831 61695 @ sDUlltRlFTQw5ITFxOXW3TgmrHeMeNpdqcZ4EXxM9FHhIlte6V9YCnDw t6dvM9jAXdIEi03l9H/RAd9xNNW6gvGMHsBGzpvvqFQxIBR2PoiZA1mX /SWHZFdbt4xjYTtXqpyYvrMK0Dt7bUYPadyhPFCJ1B+I8Zi7B5WJEOd0 8vs=')
65
 
 
66
 
sep_key = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DNSKEY,
67
 
                              '257 3 5 AwEAAenVTr9L1OMlL1/N2ta0Qj9LLLnnmFWIr1dJoAsWM9BQfsbV7kFZ XbAkER/FY9Ji2o7cELxBwAsVBuWn6IUUAJXLH74YbC1anY0lifjgt29z SwDzuB7zmC7yVYZzUunBulVW4zT0tg1aePbpVL2EtTL8VzREqbJbE25R KuQYHZtFwG8S4iBxJUmT2Bbd0921LLxSQgVoFXlQx/gFV2+UERXcJ5ce iX6A6wc02M/pdg/YbJd2rBa0MYL3/Fz/Xltre0tqsImZGxzi6YtYDs45 NC8gH+44egz82e2DATCVM1ICPmRDjXYTLldQiWA2ZXIWnK0iitl5ue24 7EsWJefrIhE=')
68
 
 
69
 
good_ds = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
70
 
                              '57349 5 2 53A79A3E7488AB44FFC56B2D1109F0699D1796DD977E72108B841F96 E47D7013')
71
 
 
72
 
when2 = 1290425644
73
 
 
74
 
abs_example = dns.name.from_text('example')
75
 
 
76
 
abs_dsa_keys = { abs_example :
77
 
                 dns.rrset.from_text('example.', 86400, 'IN', 'DNSKEY',
78
 
                                     '257 3 3 CI3nCqyJsiCJHTjrNsJOT4RaszetzcJPYuoH3F9ZTVt3KJXncCVR3bwn 1w0iavKljb9hDlAYSfHbFCp4ic/rvg4p1L8vh5s8ToMjqDNl40A0hUGQ Ybx5hsECyK+qHoajilUX1phYSAD8d9WAGO3fDWzUPBuzR7o85NiZCDxz yXuNVfni0uhj9n1KYhEO5yAbbruDGN89wIZcxMKuQsdUY2GYD93ssnBv a55W6XRABYWayKZ90WkRVODLVYLSn53Pj/wwxGH+XdhIAZJXimrZL4yl My7rtBsLMqq8Ihs4Tows7LqYwY7cp6y/50tw6pj8tFqMYcPUjKZV36l1 M/2t5BVg3i7IK61Aidt6aoC3TDJtzAxg3ZxfjZWJfhHjMJqzQIfbW5b9 q1mjFsW5EUv39RaNnX+3JWPRLyDqD4pIwDyqfutMsdk/Py3paHn82FGp CaOg+nicqZ9TiMZURN/XXy5JoXUNQ3RNvbHCUiPUe18KUkY6mTfnyHld 1l9YCWmzXQVClkx/hOYxjJ4j8Ife58+Obu5X',
79
 
                                     '256 3 3 CJE1yb9YRQiw5d2xZrMUMR+cGCTt1bp1KDCefmYKmS+Z1+q9f42ETVhx JRiQwXclYwmxborzIkSZegTNYIV6mrYwbNB27Q44c3UGcspb3PiOw5TC jNPRYEcdwGvDZ2wWy+vkSV/S9tHXY8O6ODiE6abZJDDg/RnITyi+eoDL R3KZ5n/V1f1T1b90rrV6EewhBGQJpQGDogaXb2oHww9Tm6NfXyo7SoMM pbwbzOckXv+GxRPJIQNSF4D4A9E8XCksuzVVdE/0lr37+uoiAiPia38U 5W2QWe/FJAEPLjIp2eTzf0TrADc1pKP1wrA2ASpdzpm/aX3IB5RPp8Ew S9U72eBFZJAUwg635HxJVxH1maG6atzorR566E+e0OZSaxXS9o1o6QqN 3oPlYLGPORDiExilKfez3C/x/yioOupW9K5eKF0gmtaqrHX0oq9s67f/ RIM2xVaKHgG9Vf2cgJIZkhv7sntujr+E4htnRmy9P9BxyFxsItYxPI6Z bzygHAZpGhlI/7ltEGlIwKxyTK3ZKBm67q7B')
80
 
                 }
81
 
 
82
 
abs_dsa_soa = dns.rrset.from_text('example.', 86400, 'IN', 'SOA',
83
 
                                  'ns1.example. hostmaster.example. 2 10800 3600 604800 86400')
84
 
 
85
 
abs_other_dsa_soa = dns.rrset.from_text('example.', 86400, 'IN', 'SOA',
86
 
                                        'ns1.example. hostmaster.example. 2 10800 3600 604800 86401')
87
 
 
88
 
abs_dsa_soa_rrsig = dns.rrset.from_text('example.', 86400, 'IN', 'RRSIG',
89
 
                                        'SOA 3 1 86400 20101129143231 20101122112731 42088 example. CGul9SuBofsktunV8cJs4eRs6u+3NCS3yaPKvBbD+pB2C76OUXDZq9U=')
90
 
 
91
 
example_sep_key = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DNSKEY,
92
 
                                      '257 3 3 CI3nCqyJsiCJHTjrNsJOT4RaszetzcJPYuoH3F9ZTVt3KJXncCVR3bwn 1w0iavKljb9hDlAYSfHbFCp4ic/rvg4p1L8vh5s8ToMjqDNl40A0hUGQ Ybx5hsECyK+qHoajilUX1phYSAD8d9WAGO3fDWzUPBuzR7o85NiZCDxz yXuNVfni0uhj9n1KYhEO5yAbbruDGN89wIZcxMKuQsdUY2GYD93ssnBv a55W6XRABYWayKZ90WkRVODLVYLSn53Pj/wwxGH+XdhIAZJXimrZL4yl My7rtBsLMqq8Ihs4Tows7LqYwY7cp6y/50tw6pj8tFqMYcPUjKZV36l1 M/2t5BVg3i7IK61Aidt6aoC3TDJtzAxg3ZxfjZWJfhHjMJqzQIfbW5b9 q1mjFsW5EUv39RaNnX+3JWPRLyDqD4pIwDyqfutMsdk/Py3paHn82FGp CaOg+nicqZ9TiMZURN/XXy5JoXUNQ3RNvbHCUiPUe18KUkY6mTfnyHld 1l9YCWmzXQVClkx/hOYxjJ4j8Ife58+Obu5X')
93
 
 
94
 
example_ds_sha1 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
95
 
                                      '18673 3 1 71b71d4f3e11bbd71b4eff12cde69f7f9215bbe7')
96
 
 
97
 
example_ds_sha256 = dns.rdata.from_text(dns.rdataclass.IN, dns.rdatatype.DS,
98
 
                                        '18673 3 2 eb8344cbbf07c9d3d3d6c81d10c76653e28d8611a65e639ef8f716e4e4e5d913')
99
 
 
100
 
class DNSSECValidatorTestCase(unittest.TestCase):
101
 
 
102
 
    def testAbsoluteRSAGood(self):
103
 
        dns.dnssec.validate(abs_soa, abs_soa_rrsig, abs_keys, None, when)
104
 
 
105
 
    def testDuplicateKeytag(self):
106
 
        dns.dnssec.validate(abs_soa, abs_soa_rrsig, abs_keys_duplicate_keytag, None, when)
107
 
 
108
 
    def testAbsoluteRSABad(self):
109
 
        def bad():
110
 
            dns.dnssec.validate(abs_other_soa, abs_soa_rrsig, abs_keys, None,
111
 
                                when)
112
 
        self.failUnlessRaises(dns.dnssec.ValidationFailure, bad)
113
 
 
114
 
    def testRelativeRSAGood(self):
115
 
        dns.dnssec.validate(rel_soa, rel_soa_rrsig, rel_keys,
116
 
                            abs_dnspython_org, when)
117
 
 
118
 
    def testRelativeRSABad(self):
119
 
        def bad():
120
 
            dns.dnssec.validate(rel_other_soa, rel_soa_rrsig, rel_keys,
121
 
                                abs_dnspython_org, when)
122
 
        self.failUnlessRaises(dns.dnssec.ValidationFailure, bad)
123
 
 
124
 
    def testMakeSHA256DS(self):
125
 
        ds = dns.dnssec.make_ds(abs_dnspython_org, sep_key, 'SHA256')
126
 
        self.failUnless(ds == good_ds)
127
 
 
128
 
    def testAbsoluteDSAGood(self):
129
 
        dns.dnssec.validate(abs_dsa_soa, abs_dsa_soa_rrsig, abs_dsa_keys, None,
130
 
                            when2)
131
 
 
132
 
    def testAbsoluteDSABad(self):
133
 
        def bad():
134
 
            dns.dnssec.validate(abs_other_dsa_soa, abs_dsa_soa_rrsig,
135
 
                                abs_dsa_keys, None, when2)
136
 
        self.failUnlessRaises(dns.dnssec.ValidationFailure, bad)
137
 
 
138
 
    def testMakeExampleSHA1DS(self):
139
 
        ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA1')
140
 
        self.failUnless(ds == example_ds_sha1)
141
 
 
142
 
    def testMakeExampleSHA256DS(self):
143
 
        ds = dns.dnssec.make_ds(abs_example, example_sep_key, 'SHA256')
144
 
        self.failUnless(ds == example_ds_sha256)
145
 
 
146
 
if __name__ == '__main__':
147
 
    import_ok = False
148
 
    try:
149
 
        import Crypto.Util.number
150
 
        import_ok = True
151
 
    except:
152
 
        pass
153
 
    if import_ok:
154
 
        unittest.main()
155
 
    else:
156
 
        print 'skipping DNSSEC tests because pycrypto is not installed'