Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / asn1crypto / 093f9867650d164db4de32981bd2cfc3098ea922 / . / tests / test_x509.py
blob: aebda27da844aa7fb3862120a73a38327bdef764 [file] [log] [blame]
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]1# coding: utf-8
wbond284814a2015-08-24 09:36:27 -0400[diff] [blame]2from __future__ import unicode_literals, division, absolute_import, print_function
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3
4import unittest
5import sys
6import os
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]7from datetime import datetime
8
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]9from asn1crypto import x509, core, pem, util
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]10
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]11from .unittest_data import data_decorator, data
wbond9d65e682015-08-24 09:38:56 -0400[diff] [blame]12from ._unittest_compat import patch
13
14patch()
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]15
16if sys.version_info < (3,):
17 byte_cls = str
18else:
19 byte_cls = bytes
20
21
22tests_root = os.path.dirname(__file__)
23fixtures_dir = os.path.join(tests_root, 'fixtures')
24
25
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]26@data_decorator
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]27class X509Tests(unittest.TestCase):
28
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]29 def _load_cert(self, relative_path):
30 with open(os.path.join(fixtures_dir, relative_path), 'rb') as f:
31 cert_bytes = f.read()
32 if pem.detect(cert_bytes):
33 _, _, cert_bytes = pem.unarmor(cert_bytes)
34 return x509.Certificate.load(cert_bytes)
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]35
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]36 @staticmethod
wbondd4fc7ea2015-08-31 11:44:11 -0400[diff] [blame]37 def is_valid_domain_ip_info():
38 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]39 (
40 'geotrust_certs/codex.crt',
41 'codexns.io',
42 True
43 ),
44 (
45 'geotrust_certs/codex.crt',
46 'dev.codexns.io',
47 True
48 ),
49 (
50 'geotrust_certs/codex.crt',
51 'rc.codexns.io',
52 True
53 ),
54 (
55 'geotrust_certs/codex.crt',
56 'foo.codexns.io',
57 False
58 ),
59 (
60 'geotrust_certs/codex.crt',
61 '1.2.3.4',
62 False
63 ),
64 (
65 'geotrust_certs/codex.crt',
66 '1::1',
67 False
68 ),
wbondd4fc7ea2015-08-31 11:44:11 -0400[diff] [blame]69 )
70
71 @data('is_valid_domain_ip_info')
72 def is_valid_domain_ip(self, cert, domain_ip, result):
73 cert = self._load_cert(cert)
74 self.assertEqual(result, cert.is_valid_domain_ip(domain_ip))
75
wbondd4fc7ea2015-08-31 11:44:11 -0400[diff] [blame]76 @staticmethod
wbondf4645722015-07-22 12:36:37 -0400[diff] [blame]77 def ip_address_info():
78 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]79 (
80 '127.0.0.1',
81 b'\x04\x04\x7F\x00\x00\x01'
82 ),
83 (
84 '255.255.255.255',
85 b'\x04\x04\xFF\xFF\xFF\xFF'
86 ),
87 (
88 '127.0.0.1/28',
89 b'\x04\x08\x7F\x00\x00\x01\xFF\xFF\xFF\xF0'
90 ),
91 (
92 '255.255.255.255/0',
93 b'\x04\x08\xFF\xFF\xFF\xFF\x00\x00\x00\x00'
94 ),
95 (
96 'af::ed',
97 b'\x04\x10\x00\xAF\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xED'
98 ),
99 (
100 'af::ed/128',
101 b'\x04\x20\x00\xAF\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
102 b'\xED\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF'
103 ),
104 (
105 'af::ed/0',
106 b'\x04\x20\x00\xAF\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
107 b'\xED\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
108 ),
wbondf4645722015-07-22 12:36:37 -0400[diff] [blame]109 )
110
111 @data('ip_address_info')
112 def ip_address(self, unicode_string, der_bytes):
113 self.assertEqual(der_bytes, x509.IPAddress(unicode_string).dump())
114 self.assertEqual(unicode_string, x509.IPAddress.load(der_bytes).native)
115
wbondf4645722015-07-22 12:36:37 -0400[diff] [blame]116 @staticmethod
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]117 def compare_dnsname_info():
118 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]119 (
120 'google.com',
121 'google.com',
122 True
123 ),
124 (
125 'google.com',
126 'Google.com',
127 True
128 ),
129 (
130 'Bücher.ch',
131 b'\x16\x10xn--bcher-kva.ch',
132 True
133 ),
134 (
135 'google.com',
136 b'\x16\x0AGoogle.com',
137 True
138 ),
139 (
140 'google.com',
141 b'\x16\x09Google.co',
142 False
143 ),
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]144 )
145
146 @data('compare_dnsname_info')
147 def compare_dnsname(self, domain_one, domain_two, equal):
148 one = x509.DNSName(domain_one)
149 if isinstance(domain_two, byte_cls):
150 two = x509.DNSName.load(domain_two)
151 else:
152 two = x509.DNSName(domain_two)
153 if equal:
154 self.assertEqual(one, two)
155 else:
156 self.assertNotEqual(one, two)
157
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]158 @staticmethod
159 def compare_uri_info():
160 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]161 (
162 'http://google.com',
163 'http://google.com',
164 True
165 ),
166 (
167 'http://google.com/',
168 'http://Google.com',
169 True
170 ),
171 (
172 'http://google.com:80',
173 'http://google.com',
174 True
175 ),
176 (
177 'https://google.com',
178 'https://google.com:443/',
179 True
180 ),
181 (
182 'http://google.com/%41%42%43',
183 'http://google.com/ABC',
184 True
185 ),
186 (
187 'http://google.com/%41%42%43',
188 'http://google.com/abc',
189 False
190 ),
191 (
192 'http://google.com/%41%42%43/',
193 'http://google.com/ABC%2F',
194 False
195 ),
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]196 )
197
198 @data('compare_uri_info')
199 def compare_uri(self, uri_one, uri_two, equal):
200 one = x509.URI(uri_one)
201 if isinstance(uri_two, byte_cls):
202 two = x509.URI.load(uri_two)
203 else:
204 two = x509.URI(uri_two)
205 if equal:
206 self.assertEqual(one, two)
207 else:
208 self.assertNotEqual(one, two)
209
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]210 @staticmethod
211 def compare_email_address_info():
212 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]213 (
214 'john@google.com',
215 'john@google.com',
216 True
217 ),
218 (
219 'john@google.com',
220 'john@Google.com',
221 True
222 ),
223 (
224 'john@google.com',
225 'John@google.com',
226 False
227 ),
228 (
229 'john@Bücher.ch',
230 b'\x16\x15john@xn--bcher-kva.ch',
231 True
232 ),
233 (
234 'John@Bücher.ch',
235 b'\x16\x15john@xn--bcher-kva.ch',
236 False
237 ),
238 (
239 'john@google.com',
240 b'\x16\x0Fjohn@Google.com',
241 True
242 ),
243 (
244 'john@google.com',
245 b'\x16\x0FJohn@google.com',
246 False
247 ),
248 (
249 'john@google.com',
250 b'\x16\x0Ejohn@Google.co',
251 False
252 ),
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]253 )
254
255 @data('compare_email_address_info')
256 def compare_email_address(self, email_one, email_two, equal):
257 one = x509.EmailAddress(email_one)
258 if isinstance(email_two, byte_cls):
259 two = x509.EmailAddress.load(email_two)
260 else:
261 two = x509.EmailAddress(email_two)
262 if equal:
263 self.assertEqual(one, two)
264 else:
265 self.assertNotEqual(one, two)
266
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]267 @staticmethod
268 def compare_ip_address_info():
269 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]270 (
271 '127.0.0.1',
272 '127.0.0.1',
273 True
274 ),
275 (
276 '127.0.0.1',
277 '127.0.0.2',
278 False
279 ),
280 (
281 '127.0.0.1',
282 '127.0.0.1/32',
283 False
284 ),
285 (
286 '127.0.0.1/32',
287 b'\x04\x08\x7F\x00\x00\x01\xFF\xFF\xFF\xFF',
288 True
289 ),
290 (
291 '127.0.0.1',
292 b'\x04\x08\x7F\x00\x00\x01\xFF\xFF\xFF\xFF',
293 False
294 ),
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]295 )
296
297 @data('compare_ip_address_info')
298 def compare_ip_address(self, email_one, email_two, equal):
299 one = x509.IPAddress(email_one)
300 if isinstance(email_two, byte_cls):
301 two = x509.IPAddress.load(email_two)
302 else:
303 two = x509.IPAddress(email_two)
304 if equal:
305 self.assertEqual(one, two)
306 else:
307 self.assertNotEqual(one, two)
308
wbond35701c92015-08-07 13:45:21 -0400[diff] [blame]309 @staticmethod
wbondfd65d602015-07-23 07:16:44 -0400[diff] [blame]310 def compare_name_info():
311 return (
312 (
313 True,
314 x509.Name.build({
315 'common_name': 'Will Bond'
316 }),
317 x509.Name.build({
318 'common_name': 'will bond'
319 })
320 ),
321 (
322 True,
323 x509.Name.build({
324 'common_name': 'Will Bond'
325 }),
326 x509.Name.build({
327 'common_name': 'will\tbond'
328 })
329 ),
330 (
wbond3ce3aec2015-07-27 10:23:19 -0400[diff] [blame]331 True,
332 x509.Name.build({
333 'common_name': 'Will Bond'
334 }),
335 x509.Name.build({
336 'common_name': 'Will Bond \U0001D173\U000E007F'
337 })
338 ),
339 (
wbondfd65d602015-07-23 07:16:44 -0400[diff] [blame]340 False,
341 x509.Name.build({
342 'country_name': 'US',
343 'common_name': 'Will Bond'
344 }),
345 x509.Name.build({
346 'country_name': 'US',
347 'state_or_province_name': 'Massachusetts',
348 'common_name': 'Will Bond'
349 })
350 ),
351 )
352
353 @data('compare_name_info')
354 def compare_name(self, are_equal, general_name_1, general_name_2):
355 if are_equal:
356 self.assertEqual(general_name_1, general_name_2)
357 else:
358 self.assertNotEqual(general_name_1, general_name_2)
359
wbondfd65d602015-07-23 07:16:44 -0400[diff] [blame]360 @staticmethod
wbond1cfca232015-07-20 08:51:58 -0400[diff] [blame]361 def signature_algo_info():
362 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]363 (
364 'keys/test-der.crt',
365 'rsassa_pkcs1v15',
366 'sha256'
367 ),
368 (
369 'keys/test-inter-der.crt',
370 'rsassa_pkcs1v15',
371 'sha256'
372 ),
373 (
374 'keys/test-dsa-der.crt',
375 'dsa',
376 'sha256'
377 ),
378 (
379 'keys/test-third-der.crt',
380 'rsassa_pkcs1v15',
381 'sha256'
382 ),
383 (
384 'keys/test-ec-der.crt',
385 'ecdsa',
386 'sha256'
387 ),
wbond1cfca232015-07-20 08:51:58 -0400[diff] [blame]388 )
389
390 @data('signature_algo_info')
391 def signature_algo(self, relative_path, signature_algo, hash_algo):
392 cert = self._load_cert(relative_path)
393 self.assertEqual(signature_algo, cert['signature_algorithm'].signature_algo)
394 self.assertEqual(hash_algo, cert['signature_algorithm'].hash_algo)
395
wbond1cfca232015-07-20 08:51:58 -0400[diff] [blame]396 @staticmethod
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]397 def critical_extensions_info():
398 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]399 (
400 'keys/test-der.crt',
401 set()
402 ),
403 (
404 'keys/test-inter-der.crt',
405 set()
406 ),
407 (
408 'keys/test-third-der.crt',
409 set()
410 ),
411 (
412 'geotrust_certs/GeoTrust_Universal_CA.crt',
413 set(['basic_constraints', 'key_usage'])
414 ),
415 (
416 'geotrust_certs/GeoTrust_Primary_CA.crt',
417 set(['basic_constraints', 'key_usage'])
418 ),
419 (
420 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
421 set(['basic_constraints', 'key_usage'])
422 ),
423 (
424 'geotrust_certs/codex.crt',
425 set(['key_usage'])
426 ),
427 (
428 'lets_encrypt/isrgrootx1.pem',
429 set(['key_usage', 'basic_constraints'])
430 ),
431 (
432 'lets_encrypt/letsencryptauthorityx1.pem',
433 set(['key_usage', 'basic_constraints'])
434 ),
435 (
436 'lets_encrypt/letsencryptauthorityx2.pem',
437 set(['key_usage', 'basic_constraints'])
438 ),
439 (
440 'globalsign_example_keys/IssuingCA-der.cer',
441 set(['basic_constraints', 'key_usage'])
442 ),
443 (
444 'globalsign_example_keys/rootCA.cer',
445 set(['basic_constraints', 'key_usage'])
446 ),
447 (
448 'globalsign_example_keys/SSL1.cer',
449 set(['key_usage', 'extended_key_usage', 'basic_constraints'])
450 ),
451 (
452 'globalsign_example_keys/SSL2.cer',
453 set(['key_usage', 'extended_key_usage', 'basic_constraints'])
454 ),
455 (
456 'globalsign_example_keys/SSL3.cer',
457 set(['key_usage', 'extended_key_usage', 'basic_constraints'])
458 ),
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]459 )
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]460
461 @data('critical_extensions_info')
462 def critical_extensions(self, relative_path, critical_extensions):
463 cert = self._load_cert(relative_path)
464 self.assertEqual(critical_extensions, cert.critical_extensions)
465
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]466 @staticmethod
467 def key_identifier_value_info():
468 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]469 (
470 'keys/test-der.crt',
471 b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'
472 ),
473 (
474 'keys/test-inter-der.crt',
475 b'\xd2\n\xfd.%\xd1\xb7!\xd7P~\xbb\xa4}\xbf4\xefR^\x02'
476 ),
477 (
478 'keys/test-third-der.crt',
479 b'D8\xe0\xe0&\x85\xbf\x98\x86\xdc\x1b\xe1\x1d\xf520\xbe\xab\xac\r'
480 ),
481 (
482 'geotrust_certs/GeoTrust_Universal_CA.crt',
483 b'\xda\xbb.\xaa\xb0\x0c\xb8\x88&Qt\\m\x03\xd3\xc0\xd8\x8fz\xd6'
484 ),
485 (
486 'geotrust_certs/GeoTrust_Primary_CA.crt',
487 b',\xd5PA\x97\x15\x8b\xf0\x8f6a[J\xfbk\xd9\x99\xc93\x92'
488 ),
489 (
490 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
491 b'\xde\xcf\\P\xb7\xae\x02\x1f\x15\x17\xaa\x16\xe8\r\xb5(\x9djZ\xf3'
492 ),
493 (
494 'geotrust_certs/codex.crt',
495 None
496 ),
497 (
498 'lets_encrypt/isrgrootx1.pem',
499 b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'
500 ),
501 (
502 'lets_encrypt/letsencryptauthorityx1.pem',
503 b'\xa8Jjc\x04}\xdd\xba\xe6\xd19\xb7\xa6Ee\xef\xf3\xa8\xec\xa1'
504 ),
505 (
506 'lets_encrypt/letsencryptauthorityx2.pem',
507 b'\xc5\xb1\xabNL\xb1\xcdd0\x93~\xc1\x84\x99\x05\xab\xe6\x03\xe2%'
508 ),
509 (
510 'globalsign_example_keys/IssuingCA-der.cer',
511 b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"
512 ),
513 (
514 'globalsign_example_keys/rootCA.cer',
515 b'd|\\\xe1\xe0`8NH\x9f\x05\xbcUc~?\xaeM\xf7\x1e'
516 ),
517 (
518 'globalsign_example_keys/SSL1.cer',
519 b'\x94a\x04\x92\x04L\xe6\xffh\xa8\x96\xafy\xd2\xf32\x84\xae[\xcf'
520 ),
521 (
522 'globalsign_example_keys/SSL2.cer',
523 b'\xd2\xb7\x15\x7fd0\x07(p\x83\xca(\xfa\x88\x96\xde\x9e\xfc\x8a='
524 ),
525 (
526 'globalsign_example_keys/SSL3.cer',
527 b'G\xde\xa4\xe7\xea`\xe7\xee6\xc8\xf1\xd5\xb0F\x07\x07\x9eBh\xce'
528 ),
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]529 )
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]530
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]531 @data('key_identifier_value_info')
532 def key_identifier_value(self, relative_path, key_identifier_value):
533 cert = self._load_cert(relative_path)
534 value = cert.key_identifier_value
535 self.assertEqual(key_identifier_value, value.native if value else None)
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]536
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]537 @staticmethod
538 def key_usage_value_info():
539 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]540 (
541 'keys/test-der.crt',
542 None
543 ),
544 (
545 'keys/test-inter-der.crt',
546 None
547 ),
548 (
549 'keys/test-third-der.crt',
550 None
551 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]552 (
553 'geotrust_certs/GeoTrust_Universal_CA.crt',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]554 set(['digital_signature', 'key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]555 ),
556 (
557 'geotrust_certs/GeoTrust_Primary_CA.crt',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]558 set(['key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]559 ),
560 (
561 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]562 set(['key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]563 ),
564 (
565 'geotrust_certs/codex.crt',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]566 set(['digital_signature', 'key_encipherment'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]567 ),
568 (
569 'lets_encrypt/isrgrootx1.pem',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]570 set(['key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]571 ),
572 (
573 'lets_encrypt/letsencryptauthorityx1.pem',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]574 set(['digital_signature', 'key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]575 ),
576 (
577 'lets_encrypt/letsencryptauthorityx2.pem',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]578 set(['digital_signature', 'key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]579 ),
580 (
581 'globalsign_example_keys/IssuingCA-der.cer',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]582 set(['key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]583 ),
584 (
585 'globalsign_example_keys/rootCA.cer',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]586 set(['key_cert_sign', 'crl_sign'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]587 ),
588 (
589 'globalsign_example_keys/SSL1.cer',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]590 set(['digital_signature', 'key_encipherment'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]591 ),
592 (
593 'globalsign_example_keys/SSL2.cer',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]594 set(['digital_signature', 'key_encipherment'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]595 ),
596 (
597 'globalsign_example_keys/SSL3.cer',
wbond407e9e32015-08-24 09:35:28 -0400[diff] [blame]598 set(['digital_signature', 'key_encipherment'])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]599 ),
600 )
601
602 @data('key_usage_value_info')
603 def key_usage_value(self, relative_path, key_usage_value):
604 cert = self._load_cert(relative_path)
605 value = cert.key_usage_value
606 self.assertEqual(key_usage_value, value.native if value else None)
607
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]608 @staticmethod
609 def subject_alt_name_value_info():
610 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]611 (
612 'keys/test-der.crt',
613 None
614 ),
615 (
616 'keys/test-inter-der.crt',
617 None
618 ),
619 (
620 'keys/test-third-der.crt',
621 None
622 ),
623 (
624 'geotrust_certs/GeoTrust_Universal_CA.crt',
625 None
626 ),
627 (
628 'geotrust_certs/GeoTrust_Primary_CA.crt',
629 None
630 ),
631 (
632 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
633 [
634 util.OrderedDict([
635 ('common_name', 'SymantecPKI-1-538')
636 ])
637 ]
638 ),
639 (
640 'geotrust_certs/codex.crt',
641 ['dev.codexns.io', 'rc.codexns.io', 'packagecontrol.io', 'wbond.net', 'codexns.io']
642 ),
643 (
644 'lets_encrypt/isrgrootx1.pem',
645 None
646 ),
647 (
648 'lets_encrypt/letsencryptauthorityx1.pem',
649 None
650 ),
651 (
652 'lets_encrypt/letsencryptauthorityx2.pem',
653 None
654 ),
655 (
656 'globalsign_example_keys/IssuingCA-der.cer',
657 None
658 ),
659 (
660 'globalsign_example_keys/rootCA.cer',
661 None
662 ),
663 (
664 'globalsign_example_keys/SSL1.cer',
665 ['anything.example.com']
666 ),
667 (
668 'globalsign_example_keys/SSL2.cer',
669 ['anything.example.com']
670 ),
671 (
672 'globalsign_example_keys/SSL3.cer',
673 None
674 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]675 )
676
677 @data('subject_alt_name_value_info')
678 def subject_alt_name_value(self, relative_path, subject_alt_name_value):
679 cert = self._load_cert(relative_path)
680 value = cert.subject_alt_name_value
681 self.assertEqual(subject_alt_name_value, value.native if value else None)
682
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]683 @staticmethod
684 def basic_constraints_value_info():
685 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]686 (
687 'keys/test-der.crt',
688 {'ca': True, 'path_len_constraint': None}
689 ),
690 (
691 'keys/test-inter-der.crt',
692 {'ca': True, 'path_len_constraint': None}
693 ),
694 (
695 'keys/test-third-der.crt',
696 None
697 ),
698 (
699 'geotrust_certs/GeoTrust_Universal_CA.crt',
700 {'ca': True, 'path_len_constraint': None}
701 ),
702 (
703 'geotrust_certs/GeoTrust_Primary_CA.crt',
704 {'ca': True, 'path_len_constraint': None}
705 ),
706 (
707 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
708 {'ca': True, 'path_len_constraint': 0}
709 ),
710 (
711 'geotrust_certs/codex.crt',
712 {'ca': False, 'path_len_constraint': None}
713 ),
714 (
715 'lets_encrypt/isrgrootx1.pem',
716 {'ca': True, 'path_len_constraint': None}
717 ),
718 (
719 'lets_encrypt/letsencryptauthorityx1.pem',
720 {'ca': True, 'path_len_constraint': 0}
721 ),
722 (
723 'lets_encrypt/letsencryptauthorityx2.pem',
724 {'ca': True, 'path_len_constraint': 0}
725 ),
726 (
727 'globalsign_example_keys/IssuingCA-der.cer',
728 {'ca': True, 'path_len_constraint': None}
729 ),
730 (
731 'globalsign_example_keys/rootCA.cer',
732 {'ca': True, 'path_len_constraint': None}
733 ),
734 (
735 'globalsign_example_keys/SSL1.cer',
736 {'ca': False, 'path_len_constraint': None}
737 ),
738 (
739 'globalsign_example_keys/SSL2.cer',
740 {'ca': False, 'path_len_constraint': None}
741 ),
742 (
743 'globalsign_example_keys/SSL3.cer',
744 {'ca': False, 'path_len_constraint': None}
745 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]746 )
747
748 @data('basic_constraints_value_info')
749 def basic_constraints_value(self, relative_path, basic_constraints_value):
750 cert = self._load_cert(relative_path)
751 value = cert.basic_constraints_value
752 self.assertEqual(basic_constraints_value, value.native if value else None)
753
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]754 @staticmethod
755 def name_constraints_value_info():
756 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]757 (
758 'keys/test-der.crt',
759 None
760 ),
761 (
762 'keys/test-inter-der.crt',
763 None
764 ),
765 (
766 'keys/test-third-der.crt',
767 None
768 ),
769 (
770 'geotrust_certs/GeoTrust_Universal_CA.crt',
771 None
772 ),
773 (
774 'geotrust_certs/GeoTrust_Primary_CA.crt',
775 None
776 ),
777 (
778 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
779 None
780 ),
781 (
782 'geotrust_certs/codex.crt',
783 None
784 ),
785 (
786 'lets_encrypt/isrgrootx1.pem',
787 None
788 ),
789 (
790 'lets_encrypt/letsencryptauthorityx1.pem',
791 None
792 ),
793 (
794 'lets_encrypt/letsencryptauthorityx2.pem',
795 None
796 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]797 (
798 'globalsign_example_keys/IssuingCA-der.cer',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]799 util.OrderedDict([
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]800 (
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]801 'permitted_subtrees',
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]802 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]803 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]804 ('base', 'onlythis.com'),
805 ('minimum', 0),
806 ('maximum', None)
807 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]808 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]809 (
810 'base',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]811 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]812 ('country_name', 'US'),
813 ('state_or_province_name', 'MA'),
814 ('locality_name', 'Boston'),
815 ('organization_name', 'Example LLC')
816 ])
817 ),
818 ('minimum', 0),
819 ('maximum', None)
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]820 ])
821 ]
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]822 ),
823 (
824 'excluded_subtrees',
825 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]826 util.OrderedDict([
wbondf4645722015-07-22 12:36:37 -0400[diff] [blame]827 ('base', '0.0.0.0/0'),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]828 ('minimum', 0),
829 ('maximum', None)
830 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]831 util.OrderedDict([
wbondf4645722015-07-22 12:36:37 -0400[diff] [blame]832 ('base', '::/0'),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]833 ('minimum', 0),
834 ('maximum', None)
835 ])
836 ]
837 ),
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]838 ])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]839 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]840 (
841 'globalsign_example_keys/rootCA.cer',
842 None
843 ),
844 (
845 'globalsign_example_keys/SSL1.cer',
846 None
847 ),
848 (
849 'globalsign_example_keys/SSL2.cer',
850 None
851 ),
852 (
853 'globalsign_example_keys/SSL3.cer',
854 None
855 ),
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]856 )
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]857
858 @data('name_constraints_value_info')
859 def name_constraints_value(self, relative_path, name_constraints_value):
860 cert = self._load_cert(relative_path)
861 value = cert.name_constraints_value
862 self.assertEqual(name_constraints_value, value.native if value else None)
863
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]864 @staticmethod
865 def crl_distribution_points_value_info():
866 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]867 (
868 'keys/test-der.crt',
869 None
870 ),
871 (
872 'keys/test-inter-der.crt',
873 None
874 ),
875 (
876 'keys/test-third-der.crt',
877 None
878 ),
879 (
880 'geotrust_certs/GeoTrust_Universal_CA.crt',
881 None
882 ),
883 (
884 'geotrust_certs/GeoTrust_Primary_CA.crt',
885 None
886 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]887 (
888 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
889 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]890 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]891 ('distribution_point', ['http://g1.symcb.com/GeoTrustPCA.crl']),
892 ('reasons', None),
893 ('crl_issuer', None)
894 ])
895 ]
896 ),
897 (
898 'geotrust_certs/codex.crt',
899 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]900 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]901 ('distribution_point', ['http://gm.symcb.com/gm.crl']),
902 ('reasons', None),
903 ('crl_issuer', None)
904 ])
905 ]
906 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]907 (
908 'lets_encrypt/isrgrootx1.pem',
909 None
910 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]911 (
912 'lets_encrypt/letsencryptauthorityx1.pem',
913 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]914 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]915 ('distribution_point', ['http://crl.root-x1.letsencrypt.org']),
916 ('reasons', None),
917 ('crl_issuer', None)
918 ])
919 ]
920 ),
921 (
922 'lets_encrypt/letsencryptauthorityx2.pem',
923 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]924 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]925 ('distribution_point', ['http://crl.root-x1.letsencrypt.org']),
926 ('reasons', None),
927 ('crl_issuer', None)
928 ])
929 ]
930 ),
931 (
932 'globalsign_example_keys/IssuingCA-der.cer',
933 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]934 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]935 ('distribution_point', ['http://crl.globalsign.com/gs/trustrootcatg2.crl']),
936 ('reasons', None),
937 ('crl_issuer', None)
938 ])
939 ]),
940 (
941 'globalsign_example_keys/rootCA.cer',
942 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]943 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]944 ('distribution_point', ['http://crl.globalsign.com/gs/trustrootcatg2.crl']),
945 ('reasons', None),
946 ('crl_issuer', None)
947 ])
948 ]),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]949 (
950 'globalsign_example_keys/SSL1.cer',
951 None
952 ),
953 (
954 'globalsign_example_keys/SSL2.cer',
955 None
956 ),
957 (
958 'globalsign_example_keys/SSL3.cer',
959 None
960 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]961 )
962
963 @data('crl_distribution_points_value_info')
964 def crl_distribution_points_value(self, relative_path, crl_distribution_points_value):
965 cert = self._load_cert(relative_path)
966 value = cert.crl_distribution_points_value
967 self.assertEqual(crl_distribution_points_value, value.native if value else None)
968
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]969 @staticmethod
970 def certificate_policies_value_info():
971 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]972 (
973 'keys/test-der.crt',
974 None
975 ),
976 (
977 'keys/test-inter-der.crt',
978 None
979 ),
980 (
981 'keys/test-third-der.crt',
982 None
983 ),
984 (
985 'geotrust_certs/GeoTrust_Universal_CA.crt',
986 None
987 ),
988 (
989 'geotrust_certs/GeoTrust_Primary_CA.crt',
990 None
991 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]992 (
993 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
994 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]995 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]996 ('policy_identifier', 'any_policy'),
997 (
998 'policy_qualifiers',
999 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1000 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1001 ('policy_qualifier_id', 'certification_practice_statement'),
1002 ('qualifier', 'https://www.geotrust.com/resources/cps')
1003 ])
1004 ]
1005 )
1006 ])
1007 ]
1008 ),
1009 (
1010 'geotrust_certs/codex.crt',
1011 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1012 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1013 ('policy_identifier', '1.3.6.1.4.1.14370.1.6'),
1014 (
1015 'policy_qualifiers',
1016 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1017 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1018 ('policy_qualifier_id', 'certification_practice_statement'),
1019 ('qualifier', 'https://www.geotrust.com/resources/repository/legal')
1020 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1021 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1022 ('policy_qualifier_id', 'user_notice'),
1023 (
1024 'qualifier',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1025 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1026 ('notice_ref', None),
1027 ('explicit_text', 'https://www.geotrust.com/resources/repository/legal')
1028 ])
1029 )
1030 ])
1031 ]
1032 )
1033 ])
1034 ]
1035 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1036 (
1037 'lets_encrypt/isrgrootx1.pem',
1038 None
1039 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1040 (
1041 'lets_encrypt/letsencryptauthorityx1.pem',
1042 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1043 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1044 ('policy_identifier', '2.23.140.1.2.1'),
1045 ('policy_qualifiers', None)
1046 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1047 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1048 ('policy_identifier', '1.3.6.1.4.1.44947.1.1.1'),
1049 (
1050 'policy_qualifiers',
1051 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1052 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1053 ('policy_qualifier_id', 'certification_practice_statement'),
1054 ('qualifier', 'http://cps.root-x1.letsencrypt.org')
1055 ])
1056 ]
1057 )
1058 ])
1059 ]
1060 ),
1061 (
1062 'lets_encrypt/letsencryptauthorityx2.pem',
1063 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1064 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1065 ('policy_identifier', '2.23.140.1.2.1'),
1066 ('policy_qualifiers', None)
1067 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1068 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1069 ('policy_identifier', '1.3.6.1.4.1.44947.1.1.1'),
1070 (
1071 'policy_qualifiers',
1072 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1073 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1074 ('policy_qualifier_id', 'certification_practice_statement'),
1075 ('qualifier', 'http://cps.root-x1.letsencrypt.org')
1076 ])
1077 ]
1078 )
1079 ])
1080 ]
1081 ),
1082 (
1083 'globalsign_example_keys/IssuingCA-der.cer',
1084 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1085 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1086 ('policy_identifier', '1.3.6.1.4.1.4146.1.60'),
1087 (
1088 'policy_qualifiers',
1089 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1090 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1091 ('policy_qualifier_id', 'certification_practice_statement'),
1092 ('qualifier', 'https://www.globalsign.com/repository/')
1093 ])
1094 ]
1095 )
1096 ])
1097 ]
1098 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1099 (
1100 'globalsign_example_keys/rootCA.cer',
1101 None
1102 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1103 (
1104 'globalsign_example_keys/SSL1.cer',
1105 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1106 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1107 ('policy_identifier', '1.3.6.1.4.1.4146.1.60'),
1108 (
1109 'policy_qualifiers',
1110 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1111 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1112 ('policy_qualifier_id', 'certification_practice_statement'),
1113 ('qualifier', 'https://www.globalsign.com/repository/')
1114 ])
1115 ]
1116 )
1117 ])
1118 ]
1119 ),
1120 (
1121 'globalsign_example_keys/SSL2.cer',
1122 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1123 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1124 ('policy_identifier', '1.3.6.1.4.1.4146.1.60'),
1125 (
1126 'policy_qualifiers',
1127 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1128 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1129 ('policy_qualifier_id', 'certification_practice_statement'),
1130 ('qualifier', 'https://www.globalsign.com/repository/')
1131 ])
1132 ]
1133 )
1134 ])
1135 ]
1136 ),
1137 (
1138 'globalsign_example_keys/SSL3.cer',
1139 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1140 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1141 ('policy_identifier', '1.3.6.1.4.1.4146.1.60'),
1142 (
1143 'policy_qualifiers',
1144 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1145 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1146 ('policy_qualifier_id', 'certification_practice_statement'),
1147 ('qualifier', 'https://www.globalsign.com/repository/')
1148 ])
1149 ]
1150 )
1151 ])
1152 ]
1153 ),
1154 )
1155
1156 @data('certificate_policies_value_info')
1157 def certificate_policies_value(self, relative_path, certificate_policies_value):
1158 cert = self._load_cert(relative_path)
1159 value = cert.certificate_policies_value
1160 self.assertEqual(certificate_policies_value, value.native if value else None)
1161
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1162 @staticmethod
1163 def policy_mappings_value_info():
1164 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1165 (
1166 'keys/test-der.crt',
1167 None
1168 ),
1169 (
1170 'keys/test-inter-der.crt',
1171 None
1172 ),
1173 (
1174 'keys/test-third-der.crt',
1175 None
1176 ),
1177 (
1178 'geotrust_certs/GeoTrust_Universal_CA.crt',
1179 None
1180 ),
1181 (
1182 'geotrust_certs/GeoTrust_Primary_CA.crt',
1183 None
1184 ),
1185 (
1186 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1187 None
1188 ),
1189 (
1190 'geotrust_certs/codex.crt',
1191 None
1192 ),
1193 (
1194 'lets_encrypt/isrgrootx1.pem',
1195 None
1196 ),
1197 (
1198 'lets_encrypt/letsencryptauthorityx1.pem',
1199 None
1200 ),
1201 (
1202 'lets_encrypt/letsencryptauthorityx2.pem',
1203 None
1204 ),
1205 (
1206 'globalsign_example_keys/IssuingCA-der.cer',
1207 None
1208 ),
1209 (
1210 'globalsign_example_keys/rootCA.cer',
1211 None
1212 ),
1213 (
1214 'globalsign_example_keys/SSL1.cer',
1215 None
1216 ),
1217 (
1218 'globalsign_example_keys/SSL2.cer',
1219 None
1220 ),
1221 (
1222 'globalsign_example_keys/SSL3.cer',
1223 None
1224 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1225 )
1226
1227 @data('policy_mappings_value_info')
1228 def policy_mappings_value(self, relative_path, policy_mappings_value):
1229 cert = self._load_cert(relative_path)
1230 value = cert.policy_mappings_value
1231 self.assertEqual(policy_mappings_value, value.native if value else None)
1232
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1233 @staticmethod
1234 def authority_key_identifier_value_info():
1235 return (
1236 (
1237 'keys/test-der.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1238 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1239 ('key_identifier', b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'),
1240 (
1241 'authority_cert_issuer',
1242 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1243 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1244 ('country_name', 'US'),
1245 ('state_or_province_name', 'Massachusetts'),
1246 ('locality_name', 'Newbury'),
1247 ('organization_name', 'Codex Non Sufficit LC'),
1248 ('organizational_unit_name', 'Testing'),
1249 ('common_name', 'Will Bond'),
1250 ('email_address', 'will@codexns.io')
1251 ])
1252 ]
1253 ),
1254 ('authority_cert_serial_number', 13683582341504654466)
wbond08c60fa2015-07-13 23:02:13 -0400[diff] [blame]1255 ])
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1256 ),
1257 (
1258 'keys/test-inter-der.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1259 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1260 ('key_identifier', b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'),
1261 ('authority_cert_issuer', None),
1262 ('authority_cert_serial_number', None)
1263 ])
1264 ),
1265 (
1266 'keys/test-third-der.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1267 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1268 ('key_identifier', b'\xd2\n\xfd.%\xd1\xb7!\xd7P~\xbb\xa4}\xbf4\xefR^\x02'),
1269 ('authority_cert_issuer', None),
1270 ('authority_cert_serial_number', None)
1271 ])
1272 ),
1273 (
1274 'geotrust_certs/GeoTrust_Universal_CA.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1275 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1276 ('key_identifier', b'\xda\xbb.\xaa\xb0\x0c\xb8\x88&Qt\\m\x03\xd3\xc0\xd8\x8fz\xd6'),
1277 ('authority_cert_issuer', None),
1278 ('authority_cert_serial_number', None)
1279 ])
1280 ),
1281 (
1282 'geotrust_certs/GeoTrust_Primary_CA.crt',
1283 None
1284 ),
1285 (
1286 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1287 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1288 ('key_identifier', b',\xd5PA\x97\x15\x8b\xf0\x8f6a[J\xfbk\xd9\x99\xc93\x92'),
1289 ('authority_cert_issuer', None),
1290 ('authority_cert_serial_number', None)
1291 ])
1292 ),
1293 (
1294 'geotrust_certs/codex.crt',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1295 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1296 ('key_identifier', b'\xde\xcf\\P\xb7\xae\x02\x1f\x15\x17\xaa\x16\xe8\r\xb5(\x9djZ\xf3'),
1297 ('authority_cert_issuer', None),
1298 ('authority_cert_serial_number', None)
1299 ])
1300 ),
1301 (
1302 'lets_encrypt/isrgrootx1.pem',
1303 None
1304 ),
1305 (
1306 'lets_encrypt/letsencryptauthorityx1.pem',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1307 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1308 ('key_identifier', b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'),
1309 ('authority_cert_issuer', None),
1310 ('authority_cert_serial_number', None)
1311 ])
1312 ),
1313 (
1314 'lets_encrypt/letsencryptauthorityx2.pem',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1315 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1316 ('key_identifier', b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'),
1317 ('authority_cert_issuer', None),
1318 ('authority_cert_serial_number', None)
1319 ])
1320 ),
1321 (
1322 'globalsign_example_keys/IssuingCA-der.cer',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1323 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1324 ('key_identifier', b'd|\\\xe1\xe0`8NH\x9f\x05\xbcUc~?\xaeM\xf7\x1e'),
1325 ('authority_cert_issuer', None),
1326 ('authority_cert_serial_number', None)
1327 ])
1328 ),
1329 (
1330 'globalsign_example_keys/rootCA.cer',
1331 None
1332 ),
1333 (
1334 'globalsign_example_keys/SSL1.cer',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1335 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1336 ('key_identifier', b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"),
1337 ('authority_cert_issuer', None),
1338 ('authority_cert_serial_number', None)
1339 ])
1340 ),
1341 (
1342 'globalsign_example_keys/SSL2.cer',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1343 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1344 ('key_identifier', b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"),
1345 ('authority_cert_issuer', None),
1346 ('authority_cert_serial_number', None)
1347 ])
1348 ),
1349 (
1350 'globalsign_example_keys/SSL3.cer',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1351 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1352 ('key_identifier', b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"),
1353 ('authority_cert_issuer', None),
1354 ('authority_cert_serial_number', None)
1355 ])
1356 ),
wbond08c60fa2015-07-13 23:02:13 -0400[diff] [blame]1357 )
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1358
1359 @data('authority_key_identifier_value_info')
1360 def authority_key_identifier_value(self, relative_path, authority_key_identifier_value):
1361 cert = self._load_cert(relative_path)
1362 value = cert.authority_key_identifier_value
1363 self.assertEqual(authority_key_identifier_value, value.native if value else None)
1364
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1365 @staticmethod
1366 def policy_constraints_value_info():
1367 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1368 (
1369 'keys/test-der.crt',
1370 None
1371 ),
1372 (
1373 'keys/test-inter-der.crt',
1374 None
1375 ),
1376 (
1377 'keys/test-third-der.crt',
1378 None
1379 ),
1380 (
1381 'geotrust_certs/GeoTrust_Universal_CA.crt',
1382 None
1383 ),
1384 (
1385 'geotrust_certs/GeoTrust_Primary_CA.crt',
1386 None
1387 ),
1388 (
1389 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1390 None
1391 ),
1392 (
1393 'geotrust_certs/codex.crt',
1394 None
1395 ),
1396 (
1397 'lets_encrypt/isrgrootx1.pem',
1398 None
1399 ),
1400 (
1401 'lets_encrypt/letsencryptauthorityx1.pem',
1402 None
1403 ),
1404 (
1405 'lets_encrypt/letsencryptauthorityx2.pem',
1406 None
1407 ),
1408 (
1409 'globalsign_example_keys/IssuingCA-der.cer',
1410 None
1411 ),
1412 (
1413 'globalsign_example_keys/rootCA.cer',
1414 None
1415 ),
1416 (
1417 'globalsign_example_keys/SSL1.cer',
1418 None
1419 ),
1420 (
1421 'globalsign_example_keys/SSL2.cer',
1422 None
1423 ),
1424 (
1425 'globalsign_example_keys/SSL3.cer',
1426 None
1427 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1428 )
1429
1430 @data('policy_constraints_value_info')
1431 def policy_constraints_value(self, relative_path, policy_constraints_value):
1432 cert = self._load_cert(relative_path)
1433 value = cert.policy_constraints_value
1434 self.assertEqual(policy_constraints_value, value.native if value else None)
1435
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1436 @staticmethod
1437 def extended_key_usage_value_info():
1438 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1439 (
1440 'keys/test-der.crt',
1441 None
1442 ),
1443 (
1444 'keys/test-inter-der.crt',
1445 None
1446 ),
1447 (
1448 'keys/test-third-der.crt',
1449 None
1450 ),
1451 (
1452 'geotrust_certs/GeoTrust_Universal_CA.crt',
1453 None
1454 ),
1455 (
1456 'geotrust_certs/GeoTrust_Primary_CA.crt',
1457 None
1458 ),
1459 (
1460 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1461 None
1462 ),
1463 (
1464 'geotrust_certs/codex.crt',
1465 ['server_auth', 'client_auth']),
1466 (
1467 'lets_encrypt/isrgrootx1.pem',
1468 None
1469 ),
1470 (
1471 'lets_encrypt/letsencryptauthorityx1.pem',
1472 None
1473 ),
1474 (
1475 'lets_encrypt/letsencryptauthorityx2.pem',
1476 None
1477 ),
1478 (
1479 'globalsign_example_keys/IssuingCA-der.cer',
1480 None
1481 ),
1482 (
1483 'globalsign_example_keys/rootCA.cer',
1484 None
1485 ),
1486 (
1487 'globalsign_example_keys/SSL1.cer',
1488 ['server_auth', 'client_auth']
1489 ),
1490 (
1491 'globalsign_example_keys/SSL2.cer',
1492 ['server_auth', 'client_auth']
1493 ),
1494 (
1495 'globalsign_example_keys/SSL3.cer',
1496 ['server_auth', 'client_auth']
1497 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1498 )
1499
1500 @data('extended_key_usage_value_info')
1501 def extended_key_usage_value(self, relative_path, extended_key_usage_value):
1502 cert = self._load_cert(relative_path)
1503 value = cert.extended_key_usage_value
1504 self.assertEqual(extended_key_usage_value, value.native if value else None)
1505
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1506 @staticmethod
1507 def authority_information_access_value_info():
1508 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1509 (
1510 'keys/test-der.crt',
1511 None
1512 ),
1513 (
1514 'keys/test-inter-der.crt',
1515 None
1516 ),
1517 (
1518 'keys/test-third-der.crt',
1519 None
1520 ),
1521 (
1522 'geotrust_certs/GeoTrust_Universal_CA.crt',
1523 None
1524 ),
1525 (
1526 'geotrust_certs/GeoTrust_Primary_CA.crt',
1527 None
1528 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1529 (
1530 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1531 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1532 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1533 ('access_method', 'ocsp'),
1534 ('access_location', 'http://g2.symcb.com')
1535 ])
1536 ]
1537 ),
1538 (
1539 'geotrust_certs/codex.crt',
1540 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1541 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1542 ('access_method', 'ocsp'),
1543 ('access_location', 'http://gm.symcd.com')
1544 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1545 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1546 ('access_method', 'ca_issuers'),
1547 ('access_location', 'http://gm.symcb.com/gm.crt')
1548 ]),
1549 ]
1550 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1551 (
1552 'lets_encrypt/isrgrootx1.pem',
1553 None
1554 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1555 (
1556 'lets_encrypt/letsencryptauthorityx1.pem',
1557 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1558 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1559 ('access_method', 'ocsp'),
1560 ('access_location', 'http://ocsp.root-x1.letsencrypt.org/')
1561 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1562 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1563 ('access_method', 'ca_issuers'),
1564 ('access_location', 'http://cert.root-x1.letsencrypt.org/')
1565 ])
1566 ]
1567 ),
1568 (
1569 'lets_encrypt/letsencryptauthorityx2.pem',
1570 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1571 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1572 ('access_method', 'ocsp'),
1573 ('access_location', 'http://ocsp.root-x1.letsencrypt.org/')
1574 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1575 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1576 ('access_method', 'ca_issuers'),
1577 ('access_location', 'http://cert.root-x1.letsencrypt.org/')
1578 ])
1579 ]
1580 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1581 (
1582 'globalsign_example_keys/IssuingCA-der.cer',
1583 None
1584 ),
1585 (
1586 'globalsign_example_keys/rootCA.cer',
1587 None
1588 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1589 (
1590 'globalsign_example_keys/SSL1.cer',
1591 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1592 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1593 ('access_method', 'ocsp'),
1594 ('access_location', 'http://ocsp.exampleovca.com/')
1595 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1596 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1597 ('access_method', 'ca_issuers'),
1598 ('access_location', 'http://secure.globalsign.com/cacert/trustrootcatg2.crt')
1599 ])
1600 ]
1601 ),
1602 (
1603 'globalsign_example_keys/SSL2.cer',
1604 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1605 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1606 ('access_method', 'ocsp'),
1607 ('access_location', 'http://ocsp.exampleovca.com/')
1608 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1609 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1610 ('access_method', 'ca_issuers'),
1611 ('access_location', 'http://secure.globalsign.com/cacert/trustrootcatg2.crt')
1612 ])
1613 ]
1614 ),
1615 (
1616 'globalsign_example_keys/SSL3.cer',
1617 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1618 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1619 ('access_method', 'ocsp'),
1620 ('access_location', 'http://ocsp.exampleovca.com/')
1621 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]1622 util.OrderedDict([
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1623 ('access_method', 'ca_issuers'),
1624 ('access_location', 'http://secure.globalsign.com/cacert/trustrootcatg2.crt')
1625 ])
1626 ]
1627 ),
1628 )
1629
1630 @data('authority_information_access_value_info')
1631 def authority_information_access_value(self, relative_path, authority_information_access_value):
1632 cert = self._load_cert(relative_path)
1633 value = cert.authority_information_access_value
1634 self.assertEqual(authority_information_access_value, value.native if value else None)
1635
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1636 @staticmethod
1637 def ocsp_no_check_value_info():
1638 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1639 (
1640 'keys/test-der.crt',
1641 None
1642 ),
1643 (
1644 'keys/test-inter-der.crt',
1645 None
1646 ),
1647 (
1648 'keys/test-third-der.crt',
1649 None
1650 ),
1651 (
1652 'geotrust_certs/GeoTrust_Universal_CA.crt',
1653 None
1654 ),
1655 (
1656 'geotrust_certs/GeoTrust_Primary_CA.crt',
1657 None
1658 ),
1659 (
1660 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1661 None
1662 ),
1663 (
1664 'geotrust_certs/codex.crt',
1665 None
1666 ),
1667 (
1668 'lets_encrypt/isrgrootx1.pem',
1669 None
1670 ),
1671 (
1672 'lets_encrypt/letsencryptauthorityx1.pem',
1673 None
1674 ),
1675 (
1676 'lets_encrypt/letsencryptauthorityx2.pem',
1677 None
1678 ),
1679 (
1680 'globalsign_example_keys/IssuingCA-der.cer',
1681 None
1682 ),
1683 (
1684 'globalsign_example_keys/rootCA.cer',
1685 None
1686 ),
1687 (
1688 'globalsign_example_keys/SSL1.cer',
1689 None
1690 ),
1691 (
1692 'globalsign_example_keys/SSL2.cer',
1693 None
1694 ),
1695 (
1696 'globalsign_example_keys/SSL3.cer',
1697 None
1698 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1699 )
1700
1701 @data('ocsp_no_check_value_info')
1702 def ocsp_no_check_value(self, relative_path, ocsp_no_check_value):
1703 cert = self._load_cert(relative_path)
1704 value = cert.ocsp_no_check_value
1705 self.assertEqual(ocsp_no_check_value, value.native if value else None)
1706
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1707 @staticmethod
1708 def serial_number_info():
1709 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1710 (
1711 'keys/test-der.crt',
1712 13683582341504654466
1713 ),
1714 (
1715 'keys/test-inter-der.crt',
1716 1590137
1717 ),
1718 (
1719 'keys/test-third-der.crt',
1720 2474902313
1721 ),
1722 (
1723 'geotrust_certs/GeoTrust_Universal_CA.crt',
1724 1
1725 ),
1726 (
1727 'geotrust_certs/GeoTrust_Primary_CA.crt',
1728 32798226551256963324313806436981982369
1729 ),
1730 (
1731 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1732 146934555852773531829332059263122711876
1733 ),
1734 (
1735 'geotrust_certs/codex.crt',
1736 130338219198307073574879940486642352162
1737 ),
1738 (
1739 'lets_encrypt/isrgrootx1.pem',
1740 172886928669790476064670243504169061120
1741 ),
1742 (
1743 'lets_encrypt/letsencryptauthorityx1.pem',
1744 307817870430047279283060309415759825539
1745 ),
1746 (
1747 'lets_encrypt/letsencryptauthorityx2.pem',
1748 199666138109676817050168330923544141416
1749 ),
1750 (
1751 'globalsign_example_keys/IssuingCA-der.cer',
1752 43543335419752
1753 ),
1754 (
1755 'globalsign_example_keys/rootCA.cer',
1756 342514332211132
1757 ),
1758 (
1759 'globalsign_example_keys/SSL1.cer',
1760 425155524522
1761 ),
1762 (
1763 'globalsign_example_keys/SSL2.cer',
1764 425155524522
1765 ),
1766 (
1767 'globalsign_example_keys/SSL3.cer',
1768 425155524522
1769 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1770 )
1771
1772 @data('serial_number_info')
1773 def serial_number(self, relative_path, serial_number):
1774 cert = self._load_cert(relative_path)
1775 self.assertEqual(serial_number, cert.serial_number)
1776
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1777 @staticmethod
1778 def key_identifier_info():
1779 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1780 (
1781 'keys/test-der.crt',
1782 b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'
1783 ),
1784 (
1785 'keys/test-inter-der.crt',
1786 b'\xd2\n\xfd.%\xd1\xb7!\xd7P~\xbb\xa4}\xbf4\xefR^\x02'
1787 ),
1788 (
1789 'keys/test-third-der.crt',
1790 b'D8\xe0\xe0&\x85\xbf\x98\x86\xdc\x1b\xe1\x1d\xf520\xbe\xab\xac\r'
1791 ),
1792 (
1793 'geotrust_certs/GeoTrust_Universal_CA.crt',
1794 b'\xda\xbb.\xaa\xb0\x0c\xb8\x88&Qt\\m\x03\xd3\xc0\xd8\x8fz\xd6'
1795 ),
1796 (
1797 'geotrust_certs/GeoTrust_Primary_CA.crt',
1798 b',\xd5PA\x97\x15\x8b\xf0\x8f6a[J\xfbk\xd9\x99\xc93\x92'
1799 ),
1800 (
1801 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1802 b'\xde\xcf\\P\xb7\xae\x02\x1f\x15\x17\xaa\x16\xe8\r\xb5(\x9djZ\xf3'
1803 ),
1804 (
1805 'geotrust_certs/codex.crt',
1806 None
1807 ),
1808 (
1809 'lets_encrypt/isrgrootx1.pem',
1810 b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'
1811 ),
1812 (
1813 'lets_encrypt/letsencryptauthorityx1.pem',
1814 b'\xa8Jjc\x04}\xdd\xba\xe6\xd19\xb7\xa6Ee\xef\xf3\xa8\xec\xa1'
1815 ),
1816 (
1817 'lets_encrypt/letsencryptauthorityx2.pem',
1818 b'\xc5\xb1\xabNL\xb1\xcdd0\x93~\xc1\x84\x99\x05\xab\xe6\x03\xe2%'
1819 ),
1820 (
1821 'globalsign_example_keys/IssuingCA-der.cer',
1822 b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"
1823 ),
1824 (
1825 'globalsign_example_keys/rootCA.cer',
1826 b'd|\\\xe1\xe0`8NH\x9f\x05\xbcUc~?\xaeM\xf7\x1e'
1827 ),
1828 (
1829 'globalsign_example_keys/SSL1.cer',
1830 b'\x94a\x04\x92\x04L\xe6\xffh\xa8\x96\xafy\xd2\xf32\x84\xae[\xcf'
1831 ),
1832 (
1833 'globalsign_example_keys/SSL2.cer',
1834 b'\xd2\xb7\x15\x7fd0\x07(p\x83\xca(\xfa\x88\x96\xde\x9e\xfc\x8a='
1835 ),
1836 (
1837 'globalsign_example_keys/SSL3.cer',
1838 b'G\xde\xa4\xe7\xea`\xe7\xee6\xc8\xf1\xd5\xb0F\x07\x07\x9eBh\xce'
1839 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1840 )
1841
1842 @data('key_identifier_info')
1843 def key_identifier(self, relative_path, key_identifier):
1844 cert = self._load_cert(relative_path)
1845 self.assertEqual(key_identifier, cert.key_identifier)
1846
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1847 @staticmethod
1848 def issuer_serial_info():
1849 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1850 (
1851 'keys/test-der.crt',
1852 b'\xdd\x8a\x19x\xae`\x19=\xa7\xf8\x00\xb9\xfbx\xf8\xedu\xb8!\xf8\x8c'
1853 b'\xdb\x1f\x99\'7w\x93\xb4\xa4\'\xa0:13683582341504654466'
1854 ),
1855 (
1856 'keys/test-inter-der.crt',
1857 b'\xdd\x8a\x19x\xae`\x19=\xa7\xf8\x00\xb9\xfbx\xf8\xedu\xb8!\xf8\x8c'
1858 b'\xdb\x1f\x99\'7w\x93\xb4\xa4\'\xa0:1590137'
1859 ),
1860 (
1861 'keys/test-third-der.crt',
1862 b'\xed{\x9b\xbf\x9b\xdbd\xa4\xea\xf2#+H\x96\xcd\x80\x99\xf6\xecCM\x94'
1863 b'\x07\x02\xe2\x18\xf3\x83\x8c8%\x01:2474902313'
1864 ),
1865 (
1866 'geotrust_certs/GeoTrust_Universal_CA.crt',
1867 b'\xa1\x848\xf2\xe5w\xee\xec\xce\xfefJC+\xdf\x97\x7f\xd2Y\xe3\xdc\xa0D7~\x07\xd9\x9dzL@g:1'
1868 ),
1869 (
1870 'geotrust_certs/GeoTrust_Primary_CA.crt',
1871 b'\xdcg\x0c\x80\x03\xb3D\xa0v\xe2\xee\xec\x8b\xd6\x82\x01\xf0\x13\x0cwT'
1872 b'\xb4\x8f\x80\x0eT\x9d\xbf\xbf\xa4\x11\x80:32798226551256963324313806436981982369'
1873 ),
1874 (
1875 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1876 b'\xdcg\x0c\x80\x03\xb3D\xa0v\xe2\xee\xec\x8b\xd6\x82\x01\xf0\x13\x0cwT'
1877 b'\xb4\x8f\x80\x0eT\x9d\xbf\xbf\xa4\x11\x80:146934555852773531829332059263122711876'
1878 ),
1879 (
1880 'geotrust_certs/codex.crt',
1881 b'x\x12\xe0\x15\x00d;\xc3\xb9/\xf6\x13\n\xd8\xe2\xddY\xf7\xaf*=C\x01<\x86\xf5\x9f'
1882 b'_\xab;e\xd1:130338219198307073574879940486642352162'
1883 ),
1884 (
1885 'lets_encrypt/isrgrootx1.pem',
1886 b'\xf6\xdb/\xbd\x9d\xd8]\x92Y\xdd\xb3\xc6\xde}{/\xec?>\x0c\xef\x17a\xbc\xbf3 W\x1e'
1887 b'-0\xf8:172886928669790476064670243504169061120'
1888 ),
1889 (
1890 'lets_encrypt/letsencryptauthorityx1.pem',
1891 b'\xf6\xdb/\xbd\x9d\xd8]\x92Y\xdd\xb3\xc6\xde}{/\xec?>\x0c\xef\x17a\xbc\xbf3 W\x1e-'
1892 b'0\xf8:307817870430047279283060309415759825539'
1893 ),
1894 (
1895 'lets_encrypt/letsencryptauthorityx2.pem',
1896 b'\xf6\xdb/\xbd\x9d\xd8]\x92Y\xdd\xb3\xc6\xde}{/\xec?>\x0c\xef\x17a\xbc\xbf3 W\x1e-'
1897 b'0\xf8:199666138109676817050168330923544141416'
1898 ),
1899 (
1900 'globalsign_example_keys/IssuingCA-der.cer',
1901 b'\xd2\xe7\xca\x10\xc1\x91\x92Y^A\x11\xd3Rz\xd5\x93\x19wk\x11\xef\xaa\x9c\xad\x10'
1902 b'\x8ak\x8a\x08-\x0c\xff:43543335419752'
1903 ),
1904 (
1905 'globalsign_example_keys/rootCA.cer',
1906 b'\xd2\xe7\xca\x10\xc1\x91\x92Y^A\x11\xd3Rz\xd5\x93\x19wk\x11\xef\xaa\x9c\xad\x10'
1907 b'\x8ak\x8a\x08-\x0c\xff:342514332211132'
1908 ),
1909 (
1910 'globalsign_example_keys/SSL1.cer',
1911 b'_\xc0S\xb1\xeb}\xe3\x8e\xe4{\xdb\xd7\xe2\xd9}=3\x97|\x0c\x1e\xecz\xcc\x92u\x1f'
1912 b'\xf0\x1d\xbc\x9f\xe4:425155524522'
1913 ),
1914 (
1915 'globalsign_example_keys/SSL2.cer',
1916 b'_\xc0S\xb1\xeb}\xe3\x8e\xe4{\xdb\xd7\xe2\xd9}=3\x97|\x0c\x1e\xecz\xcc\x92u\x1f'
1917 b'\xf0\x1d\xbc\x9f\xe4:425155524522'
1918 ),
1919 (
1920 'globalsign_example_keys/SSL3.cer',
1921 b'_\xc0S\xb1\xeb}\xe3\x8e\xe4{\xdb\xd7\xe2\xd9}=3\x97|\x0c\x1e\xecz\xcc\x92u\x1f'
1922 b'\xf0\x1d\xbc\x9f\xe4:425155524522'
1923 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1924 )
1925
1926 @data('issuer_serial_info')
1927 def issuer_serial(self, relative_path, issuer_serial):
1928 cert = self._load_cert(relative_path)
1929 self.assertEqual(issuer_serial, cert.issuer_serial)
1930
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1931 @staticmethod
1932 def authority_key_identifier_info():
1933 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]1934 (
1935 'keys/test-der.crt',
1936 b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'
1937 ),
1938 (
1939 'keys/test-inter-der.crt',
1940 b'\xbeB\x85=\xcc\xff\xe3\xf9(\x02\x8f~XV\xb4\xfd\x03\\\xeaK'
1941 ),
1942 (
1943 'keys/test-third-der.crt',
1944 b'\xd2\n\xfd.%\xd1\xb7!\xd7P~\xbb\xa4}\xbf4\xefR^\x02'
1945 ),
1946 (
1947 'geotrust_certs/GeoTrust_Universal_CA.crt',
1948 b'\xda\xbb.\xaa\xb0\x0c\xb8\x88&Qt\\m\x03\xd3\xc0\xd8\x8fz\xd6'
1949 ),
1950 (
1951 'geotrust_certs/GeoTrust_Primary_CA.crt',
1952 None
1953 ),
1954 (
1955 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
1956 b',\xd5PA\x97\x15\x8b\xf0\x8f6a[J\xfbk\xd9\x99\xc93\x92'
1957 ),
1958 (
1959 'geotrust_certs/codex.crt',
1960 b'\xde\xcf\\P\xb7\xae\x02\x1f\x15\x17\xaa\x16\xe8\r\xb5(\x9djZ\xf3'
1961 ),
1962 (
1963 'lets_encrypt/isrgrootx1.pem',
1964 None
1965 ),
1966 (
1967 'lets_encrypt/letsencryptauthorityx1.pem',
1968 b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'
1969 ),
1970 (
1971 'lets_encrypt/letsencryptauthorityx2.pem',
1972 b'y\xb4Y\xe6{\xb6\xe5\xe4\x01s\x80\x08\x88\xc8\x1aX\xf6\xe9\x9bn'
1973 ),
1974 (
1975 'globalsign_example_keys/IssuingCA-der.cer',
1976 b'd|\\\xe1\xe0`8NH\x9f\x05\xbcUc~?\xaeM\xf7\x1e'
1977 ),
1978 (
1979 'globalsign_example_keys/rootCA.cer',
1980 None
1981 ),
1982 (
1983 'globalsign_example_keys/SSL1.cer',
1984 b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"
1985 ),
1986 (
1987 'globalsign_example_keys/SSL2.cer',
1988 b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"
1989 ),
1990 (
1991 'globalsign_example_keys/SSL3.cer',
1992 b"'\xf8/\xe9]\xd7\r\xf4\xa8\xea\x87\x99=\xfd\x8e\xb3\x9e@\xd0\x91"
1993 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]1994 )
1995
1996 @data('authority_key_identifier_info')
1997 def authority_key_identifier(self, relative_path, authority_key_identifier):
1998 cert = self._load_cert(relative_path)
1999 self.assertEqual(authority_key_identifier, cert.authority_key_identifier)
2000
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2001 @staticmethod
2002 def authority_issuer_serial_info():
2003 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2004 (
2005 'keys/test-der.crt',
2006 b'\xdd\x8a\x19x\xae`\x19=\xa7\xf8\x00\xb9\xfbx\xf8\xedu\xb8!\xf8\x8c'
2007 b'\xdb\x1f\x99\'7w\x93\xb4\xa4\'\xa0:13683582341504654466'
2008 ),
2009 (
2010 'keys/test-inter-der.crt',
2011 None
2012 ),
2013 (
2014 'keys/test-third-der.crt',
2015 None
2016 ),
2017 (
2018 'geotrust_certs/GeoTrust_Universal_CA.crt',
2019 None
2020 ),
2021 (
2022 'geotrust_certs/GeoTrust_Primary_CA.crt',
2023 None
2024 ),
2025 (
2026 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2027 None
2028 ),
2029 (
2030 'geotrust_certs/codex.crt',
2031 None
2032 ),
2033 (
2034 'lets_encrypt/isrgrootx1.pem',
2035 None
2036 ),
2037 (
2038 'lets_encrypt/letsencryptauthorityx1.pem',
2039 None
2040 ),
2041 (
2042 'lets_encrypt/letsencryptauthorityx2.pem',
2043 None
2044 ),
2045 (
2046 'globalsign_example_keys/IssuingCA-der.cer',
2047 None
2048 ),
2049 (
2050 'globalsign_example_keys/rootCA.cer',
2051 None
2052 ),
2053 (
2054 'globalsign_example_keys/SSL1.cer',
2055 None
2056 ),
2057 (
2058 'globalsign_example_keys/SSL2.cer',
2059 None
2060 ),
2061 (
2062 'globalsign_example_keys/SSL3.cer',
2063 None
2064 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2065 )
2066
2067 @data('authority_issuer_serial_info')
2068 def authority_issuer_serial(self, relative_path, authority_issuer_serial):
2069 cert = self._load_cert(relative_path)
2070 self.assertEqual(authority_issuer_serial, cert.authority_issuer_serial)
2071
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2072 @staticmethod
2073 def ocsp_urls_info():
2074 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2075 (
2076 'keys/test-der.crt',
2077 []
2078 ),
2079 (
2080 'keys/test-inter-der.crt',
2081 []
2082 ),
2083 (
2084 'keys/test-third-der.crt',
2085 []
2086 ),
2087 (
2088 'geotrust_certs/GeoTrust_Universal_CA.crt',
2089 []
2090 ),
2091 (
2092 'geotrust_certs/GeoTrust_Primary_CA.crt',
2093 []
2094 ),
2095 (
2096 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2097 ['http://g2.symcb.com']
2098 ),
2099 (
2100 'geotrust_certs/codex.crt',
2101 ['http://gm.symcd.com']
2102 ),
2103 (
2104 'lets_encrypt/isrgrootx1.pem',
2105 []
2106 ),
2107 (
2108 'lets_encrypt/letsencryptauthorityx1.pem',
2109 ['http://ocsp.root-x1.letsencrypt.org/']
2110 ),
2111 (
2112 'lets_encrypt/letsencryptauthorityx2.pem',
2113 ['http://ocsp.root-x1.letsencrypt.org/']
2114 ),
2115 (
2116 'globalsign_example_keys/IssuingCA-der.cer',
2117 []
2118 ),
2119 (
2120 'globalsign_example_keys/rootCA.cer',
2121 []
2122 ),
2123 (
2124 'globalsign_example_keys/SSL1.cer',
2125 ['http://ocsp.exampleovca.com/']
2126 ),
2127 (
2128 'globalsign_example_keys/SSL2.cer',
2129 ['http://ocsp.exampleovca.com/']
2130 ),
2131 (
2132 'globalsign_example_keys/SSL3.cer',
2133 ['http://ocsp.exampleovca.com/']
2134 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2135 )
2136
2137 @data('ocsp_urls_info')
2138 def ocsp_urls(self, relative_path, ocsp_url):
2139 cert = self._load_cert(relative_path)
2140 self.assertEqual(ocsp_url, cert.ocsp_urls)
2141
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2142 @staticmethod
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2143 def crl_distribution_points_info():
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2144 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2145 (
2146 'keys/test-der.crt',
2147 []
2148 ),
2149 (
2150 'keys/test-inter-der.crt',
2151 []
2152 ),
2153 (
2154 'keys/test-third-der.crt',
2155 []
2156 ),
2157 (
2158 'geotrust_certs/GeoTrust_Universal_CA.crt',
2159 []
2160 ),
2161 (
2162 'geotrust_certs/GeoTrust_Primary_CA.crt',
2163 []
2164 ),
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2165 (
2166 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2167 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2168 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2169 ('distribution_point', ['http://g1.symcb.com/GeoTrustPCA.crl']),
2170 ('reasons', None),
2171 ('crl_issuer', None)
2172 ])
2173 ]
2174 ),
2175 (
2176 'geotrust_certs/codex.crt',
2177 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2178 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2179 ('distribution_point', ['http://gm.symcb.com/gm.crl']),
2180 ('reasons', None),
2181 ('crl_issuer', None)
2182 ])
2183 ]
2184 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2185 (
2186 'lets_encrypt/isrgrootx1.pem',
2187 []
2188 ),
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2189 (
2190 'lets_encrypt/letsencryptauthorityx1.pem',
2191 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2192 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2193 ('distribution_point', ['http://crl.root-x1.letsencrypt.org']),
2194 ('reasons', None),
2195 ('crl_issuer', None)
2196 ])
2197 ]
2198 ),
2199 (
2200 'lets_encrypt/letsencryptauthorityx2.pem',
2201 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2202 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2203 ('distribution_point', ['http://crl.root-x1.letsencrypt.org']),
2204 ('reasons', None),
2205 ('crl_issuer', None)
2206 ])
2207 ]
2208 ),
2209 (
2210 'globalsign_example_keys/IssuingCA-der.cer',
2211 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2212 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2213 ('distribution_point', ['http://crl.globalsign.com/gs/trustrootcatg2.crl']),
2214 ('reasons', None),
2215 ('crl_issuer', None)
2216 ])
2217 ]
2218 ),
2219 (
2220 'globalsign_example_keys/rootCA.cer',
2221 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2222 util.OrderedDict([
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2223 ('distribution_point', ['http://crl.globalsign.com/gs/trustrootcatg2.crl']),
2224 ('reasons', None),
2225 ('crl_issuer', None)
2226 ])
2227 ]
2228 ),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2229 (
2230 'globalsign_example_keys/SSL1.cer',
2231 []
2232 ),
2233 (
2234 'globalsign_example_keys/SSL2.cer',
2235 []
2236 ),
2237 (
2238 'globalsign_example_keys/SSL3.cer',
2239 []
2240 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2241 )
2242
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2243 @data('crl_distribution_points_info')
2244 def crl_distribution_points(self, relative_path, crl_distribution_point):
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2245 cert = self._load_cert(relative_path)
wbond6888bc62015-07-21 15:05:59 -0400[diff] [blame]2246 points = [point.native for point in cert.crl_distribution_points]
2247 self.assertEqual(crl_distribution_point, points)
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2248
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2249 @staticmethod
2250 def valid_domains_info():
2251 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2252 (
2253 'keys/test-der.crt',
2254 []
2255 ),
2256 (
2257 'keys/test-inter-der.crt',
2258 []
2259 ),
2260 (
2261 'keys/test-third-der.crt',
2262 []
2263 ),
2264 (
2265 'geotrust_certs/GeoTrust_Universal_CA.crt',
2266 []
2267 ),
2268 (
2269 'geotrust_certs/GeoTrust_Primary_CA.crt',
2270 []
2271 ),
2272 (
2273 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2274 []
2275 ),
2276 (
2277 'geotrust_certs/codex.crt',
2278 ['dev.codexns.io', 'rc.codexns.io', 'packagecontrol.io', 'wbond.net', 'codexns.io']
2279 ),
2280 (
2281 'lets_encrypt/isrgrootx1.pem',
2282 []
2283 ),
2284 (
2285 'lets_encrypt/letsencryptauthorityx1.pem',
2286 []
2287 ),
2288 (
2289 'lets_encrypt/letsencryptauthorityx2.pem',
2290 []
2291 ),
2292 (
2293 'globalsign_example_keys/IssuingCA-der.cer',
2294 []
2295 ),
2296 (
2297 'globalsign_example_keys/rootCA.cer',
2298 []
2299 ),
2300 (
2301 'globalsign_example_keys/SSL1.cer',
2302 ['anything.example.com']
2303 ),
2304 (
2305 'globalsign_example_keys/SSL2.cer',
2306 ['anything.example.com']
2307 ),
2308 (
2309 'globalsign_example_keys/SSL3.cer',
2310 ['*.google.com']
2311 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2312 )
2313
2314 @data('valid_domains_info')
2315 def valid_domains(self, relative_path, valid_domains):
2316 cert = self._load_cert(relative_path)
2317 self.assertEqual(valid_domains, cert.valid_domains)
2318
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2319 @staticmethod
2320 def valid_ips_info():
2321 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2322 (
2323 'keys/test-der.crt',
2324 []
2325 ),
2326 (
2327 'keys/test-inter-der.crt',
2328 []
2329 ),
2330 (
2331 'keys/test-third-der.crt',
2332 []
2333 ),
2334 (
2335 'geotrust_certs/GeoTrust_Universal_CA.crt',
2336 []
2337 ),
2338 (
2339 'geotrust_certs/GeoTrust_Primary_CA.crt',
2340 []
2341 ),
2342 (
2343 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2344 []
2345 ),
2346 (
2347 'geotrust_certs/codex.crt',
2348 []
2349 ),
2350 (
2351 'lets_encrypt/isrgrootx1.pem',
2352 []
2353 ),
2354 (
2355 'lets_encrypt/letsencryptauthorityx1.pem',
2356 []
2357 ),
2358 (
2359 'lets_encrypt/letsencryptauthorityx2.pem',
2360 []
2361 ),
2362 (
2363 'globalsign_example_keys/IssuingCA-der.cer',
2364 []
2365 ),
2366 (
2367 'globalsign_example_keys/rootCA.cer',
2368 []
2369 ),
2370 (
2371 'globalsign_example_keys/SSL1.cer',
2372 []
2373 ),
2374 (
2375 'globalsign_example_keys/SSL2.cer',
2376 []
2377 ),
2378 (
2379 'globalsign_example_keys/SSL3.cer',
2380 []
2381 ),
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2382 )
2383
2384 @data('valid_ips_info')
2385 def valid_ips(self, relative_path, crl_url):
2386 cert = self._load_cert(relative_path)
2387 self.assertEqual(crl_url, cert.valid_ips)
wbond8bb77d02015-07-13 17:44:29 -0400[diff] [blame]2388
wbond9a7a0992015-07-23 09:59:06 -0400[diff] [blame]2389 @staticmethod
2390 def self_issued_info():
2391 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2392 (
2393 'keys/test-der.crt',
2394 True
2395 ),
2396 (
2397 'keys/test-inter-der.crt',
2398 False
2399 ),
2400 (
2401 'keys/test-third-der.crt',
2402 False
2403 ),
2404 (
2405 'geotrust_certs/GeoTrust_Universal_CA.crt',
2406 True
2407 ),
2408 (
2409 'geotrust_certs/GeoTrust_Primary_CA.crt',
2410 True
2411 ),
2412 (
2413 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2414 False
2415 ),
2416 (
2417 'geotrust_certs/codex.crt',
2418 False
2419 ),
2420 (
2421 'lets_encrypt/isrgrootx1.pem',
2422 True
2423 ),
2424 (
2425 'lets_encrypt/letsencryptauthorityx1.pem',
2426 False
2427 ),
2428 (
2429 'lets_encrypt/letsencryptauthorityx2.pem',
2430 False
2431 ),
2432 (
2433 'globalsign_example_keys/IssuingCA-der.cer',
2434 False
2435 ),
2436 (
2437 'globalsign_example_keys/rootCA.cer',
2438 True
2439 ),
2440 (
2441 'globalsign_example_keys/SSL1.cer',
2442 False
2443 ),
2444 (
2445 'globalsign_example_keys/SSL2.cer',
2446 False
2447 ),
2448 (
2449 'globalsign_example_keys/SSL3.cer',
2450 False
2451 ),
wbond9a7a0992015-07-23 09:59:06 -0400[diff] [blame]2452 )
2453
2454 @data('self_issued_info')
2455 def self_issued(self, relative_path, self_issued):
2456 cert = self._load_cert(relative_path)
2457 self.assertEqual(self_issued, cert.self_issued)
2458
wbond9a7a0992015-07-23 09:59:06 -0400[diff] [blame]2459 @staticmethod
2460 def self_signed_info():
2461 return (
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2462 (
2463 'keys/test-der.crt',
2464 'yes'
2465 ),
2466 (
2467 'keys/test-inter-der.crt',
2468 'no'
2469 ),
2470 (
2471 'keys/test-third-der.crt',
2472 'no'
2473 ),
2474 (
2475 'geotrust_certs/GeoTrust_Universal_CA.crt',
2476 'yes'
2477 ),
2478 (
2479 'geotrust_certs/GeoTrust_Primary_CA.crt',
2480 'yes'
2481 ),
2482 (
2483 'geotrust_certs/GeoTrust_EV_SSL_CA_-_G4.crt',
2484 'no'
2485 ),
2486 (
2487 'geotrust_certs/codex.crt',
2488 'no'
2489 ),
2490 (
2491 'lets_encrypt/isrgrootx1.pem',
2492 'yes'
2493 ),
2494 (
2495 'lets_encrypt/letsencryptauthorityx1.pem',
2496 'no'
2497 ),
2498 (
2499 'lets_encrypt/letsencryptauthorityx2.pem',
2500 'no'
2501 ),
2502 (
2503 'globalsign_example_keys/IssuingCA-der.cer',
2504 'no'
2505 ),
2506 (
2507 'globalsign_example_keys/rootCA.cer',
2508 'yes'
2509 ),
2510 (
2511 'globalsign_example_keys/SSL1.cer',
2512 'no'
2513 ),
2514 (
2515 'globalsign_example_keys/SSL2.cer',
2516 'no'
2517 ),
2518 (
2519 'globalsign_example_keys/SSL3.cer',
2520 'no'
2521 ),
wbond9a7a0992015-07-23 09:59:06 -0400[diff] [blame]2522 )
2523
2524 @data('self_signed_info')
2525 def self_signed(self, relative_path, self_signed):
2526 cert = self._load_cert(relative_path)
2527 self.assertEqual(self_signed, cert.self_signed)
2528
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2529 def test_parse_certificate(self):
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2530 cert = self._load_cert('keys/test-der.crt')
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2531
2532 tbs_certificate = cert['tbs_certificate']
2533 signature = tbs_certificate['signature']
2534 issuer = tbs_certificate['issuer']
2535 validity = tbs_certificate['validity']
2536 subject = tbs_certificate['subject']
2537 subject_public_key_info = tbs_certificate['subject_public_key_info']
2538 subject_public_key_algorithm = subject_public_key_info['algorithm']
2539 subject_public_key = subject_public_key_info['public_key'].parsed
2540 extensions = tbs_certificate['extensions']
2541
2542 self.assertEqual(
2543 'v3',
2544 tbs_certificate['version'].native
2545 )
2546 self.assertEqual(
2547 13683582341504654466,
2548 tbs_certificate['serial_number'].native
2549 )
2550 self.assertEqual(
2551 'sha256_rsa',
2552 signature['algorithm'].native
2553 )
2554 self.assertEqual(
2555 None,
2556 signature['parameters'].native
2557 )
2558 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2559 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2560 ('country_name', 'US'),
2561 ('state_or_province_name', 'Massachusetts'),
2562 ('locality_name', 'Newbury'),
2563 ('organization_name', 'Codex Non Sufficit LC'),
2564 ('organizational_unit_name', 'Testing'),
2565 ('common_name', 'Will Bond'),
2566 ('email_address', 'will@codexns.io'),
2567 ]),
2568 issuer.native
2569 )
2570 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2571 datetime(2015, 5, 6, 14, 37, 16, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2572 validity['not_before'].native
2573 )
2574 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2575 datetime(2025, 5, 3, 14, 37, 16, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2576 validity['not_after'].native
2577 )
2578 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2579 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2580 ('country_name', 'US'),
2581 ('state_or_province_name', 'Massachusetts'),
2582 ('locality_name', 'Newbury'),
2583 ('organization_name', 'Codex Non Sufficit LC'),
2584 ('organizational_unit_name', 'Testing'),
2585 ('common_name', 'Will Bond'),
2586 ('email_address', 'will@codexns.io'),
2587 ]),
2588 subject.native
2589 )
2590 self.assertEqual(
2591 'rsa',
2592 subject_public_key_algorithm['algorithm'].native
2593 )
2594 self.assertEqual(
2595 None,
2596 subject_public_key_algorithm['parameters'].native
2597 )
2598 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2599 23903990516906431865559598284199534387004799030432486061102966678620221767754702651554142956492614440585611990224871381291841413369032752409360196079700921141819811294444393525264295297988924243231844876926173670633422654261873814968313363171188082579071492839040415373948505938897419917635370450127498164824808630475648771544810334682447182123219422360569466851807131368135806769502898151721274383486320505905826683946456552230958810028663378886363555981449715929872558073101554364803925363048965464124465016494920967179276744892632783712377912841537032383450409486298694116013299423220523450956288827030007092359007, # noqa
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2600 subject_public_key['modulus'].native
2601 )
2602 self.assertEqual(
2603 65537,
2604 subject_public_key['public_exponent'].native
2605 )
2606 self.assertEqual(
2607 None,
2608 tbs_certificate['issuer_unique_id'].native
2609 )
2610 self.assertIsInstance(
2611 tbs_certificate['issuer_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]2612 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2613 )
2614 self.assertEqual(
2615 None,
2616 tbs_certificate['subject_unique_id'].native
2617 )
2618 self.assertIsInstance(
2619 tbs_certificate['subject_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]2620 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2621 )
2622
2623 self.maxDiff = None
2624 for extension in extensions:
2625 self.assertIsInstance(
2626 extension,
2627 x509.Extension
2628 )
2629 self.assertEqual(
2630 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2631 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2632 ('extn_id', 'key_identifier'),
2633 ('critical', False),
2634 ('extn_value', b'\xBE\x42\x85\x3D\xCC\xFF\xE3\xF9\x28\x02\x8F\x7E\x58\x56\xB4\xFD\x03\x5C\xEA\x4B'),
2635 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2636 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2637 ('extn_id', 'authority_key_identifier'),
2638 ('critical', False),
2639 (
2640 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2641 util.OrderedDict([
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2642 (
2643 'key_identifier',
2644 b'\xBE\x42\x85\x3D\xCC\xFF\xE3\xF9\x28\x02\x8F\x7E\x58\x56\xB4\xFD\x03\x5C\xEA\x4B'
2645 ),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2646 (
2647 'authority_cert_issuer',
2648 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2649 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2650 ('country_name', 'US'),
2651 ('state_or_province_name', 'Massachusetts'),
2652 ('locality_name', 'Newbury'),
2653 ('organization_name', 'Codex Non Sufficit LC'),
2654 ('organizational_unit_name', 'Testing'),
2655 ('common_name', 'Will Bond'),
2656 ('email_address', 'will@codexns.io'),
2657 ])
2658 ]
2659 ),
2660 ('authority_cert_serial_number', 13683582341504654466),
2661 ])
2662 ),
2663 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2664 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2665 ('extn_id', 'basic_constraints'),
2666 ('critical', False),
2667 (
2668 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2669 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2670 ('ca', True),
2671 ('path_len_constraint', None)
2672 ])
2673 ),
2674 ]),
2675 ],
2676 extensions.native
2677 )
2678
2679 def test_parse_dsa_certificate(self):
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2680 cert = self._load_cert('keys/test-dsa-der.crt')
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2681
2682 tbs_certificate = cert['tbs_certificate']
2683 signature = tbs_certificate['signature']
2684 issuer = tbs_certificate['issuer']
2685 validity = tbs_certificate['validity']
2686 subject = tbs_certificate['subject']
2687 subject_public_key_info = tbs_certificate['subject_public_key_info']
2688 subject_public_key_algorithm = subject_public_key_info['algorithm']
2689 subject_public_key = subject_public_key_info['public_key'].parsed
2690 extensions = tbs_certificate['extensions']
2691
2692 self.assertEqual(
2693 'v3',
2694 tbs_certificate['version'].native
2695 )
2696 self.assertEqual(
2697 14308214745771946523,
2698 tbs_certificate['serial_number'].native
2699 )
2700 self.assertEqual(
2701 'sha256_dsa',
2702 signature['algorithm'].native
2703 )
2704 self.assertEqual(
2705 None,
2706 signature['parameters'].native
2707 )
2708 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2709 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2710 ('country_name', 'US'),
2711 ('state_or_province_name', 'Massachusetts'),
2712 ('locality_name', 'Newbury'),
2713 ('organization_name', 'Codex Non Sufficit LC'),
2714 ('organizational_unit_name', 'Testing'),
2715 ('common_name', 'Will Bond'),
2716 ('email_address', 'will@codexns.io'),
2717 ]),
2718 issuer.native
2719 )
2720 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2721 datetime(2015, 5, 20, 13, 9, 2, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2722 validity['not_before'].native
2723 )
2724 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2725 datetime(2025, 5, 17, 13, 9, 2, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2726 validity['not_after'].native
2727 )
2728 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2729 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2730 ('country_name', 'US'),
2731 ('state_or_province_name', 'Massachusetts'),
2732 ('locality_name', 'Newbury'),
2733 ('organization_name', 'Codex Non Sufficit LC'),
2734 ('organizational_unit_name', 'Testing'),
2735 ('common_name', 'Will Bond'),
2736 ('email_address', 'will@codexns.io'),
2737 ]),
2738 subject.native
2739 )
2740 self.assertEqual(
2741 'dsa',
2742 subject_public_key_algorithm['algorithm'].native
2743 )
2744 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2745 util.OrderedDict([
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2746 ('p', 4511743893397705393934377497936985478231822206263141826261443300639402520800626925517264115785551703273809312112372693877437137848393530691841757974971843334497076835630893064661599193178307024379015589119302113551197423138934242435710226975119594589912289060014025377813473273600967729027125618396732574594753039493158066887433778053086408525146692226448554390096911703556213619406958876388642882534250747780313634767409586007581976273681005928967585750017105562145167146445061803488570714706090280814293902464230717946651489964409785146803791743658888866280873858000476717727810363942159874283767926511678640730707887895260274767195555813448140889391762755466967436731106514029224490921857229134393798015954890071206959203407845438863870686180087606429828973298318856683615900474921310376145478859687052812749087809700610549251964102790514588562086548577933609968589710807989944739877028770343142449461177732058649962678857), # noqa
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2747 ('q', 71587850165936478337655415373676526523562874562337607790945426056266440596923),
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2748 ('g', 761437146067908309288345767887973163494473925243194806582679580640442238588269326525839153095505341738937595419375068472941615006110237832663093084973431440436421580371384720052414080562019831325744042316268714195397974084616335082272743706567701546951285088540646372701485690904535540223121118329044403681933304838754517522024738251994717369464179515923093116622352823578284891812676662979104509631349201801577889230316128523885862472086364717411346341249139971907827526291913249445756671582283459372536334490171231311487207683108274785825764378203622999309355578169139646003751751448501475767709869676880946562283552431757983801739671783678927397420797147373441051876558068212062253171347849380506793433921881336652424898488378657239798694995315456959568806256079056461448199493507273882763491729787817044805150879660784158902456811649964987582162907020243296662602990514615480712948126671999033658064244112238138589732202), # noqa
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2749 ]),
2750 subject_public_key_algorithm['parameters'].native
2751 )
2752 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2753 934231235067929794039535952071098031636053793876274937162425423023735221571983693370780054696865229184537343792766496068557051933738826401423094028670222490622041397241325320965905259541032379046252395145258594355589801644789631904099105867133976990593761395721476198083091062806327384261369876465927159169400428623265291958463077792777155465482611741502621885386691681062128487785344975981628995609792181581218570320181053055516069553767918513262908069925035292416868414952256645902605335068760774106734518308281769128146479819566784704033671969858507248124850451414380441279385481154336362988505436125981975735568289420374790767927084033441728922597082155884801013899630856890463962357814273014111039522903328923758417820349377075487103441305806369234738881875734407495707878637895190993370257589211331043479113328811265005530361001980539377903738453549980082795009589559114091215518866106998956304437954236070776810740036, # noqa
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2754 subject_public_key.native
2755 )
2756 self.assertEqual(
2757 None,
2758 tbs_certificate['issuer_unique_id'].native
2759 )
2760 self.assertIsInstance(
2761 tbs_certificate['issuer_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]2762 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2763 )
2764 self.assertEqual(
2765 None,
2766 tbs_certificate['subject_unique_id'].native
2767 )
2768 self.assertIsInstance(
2769 tbs_certificate['subject_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]2770 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2771 )
2772
2773 self.maxDiff = None
2774 for extension in extensions:
2775 self.assertIsInstance(
2776 extension,
2777 x509.Extension
2778 )
2779 self.assertEqual(
2780 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2781 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2782 ('extn_id', 'key_identifier'),
2783 ('critical', False),
2784 ('extn_value', b'\x81\xA3\x37\x86\xF9\x99\x28\xF2\x74\x70\x60\x87\xF2\xD3\x7E\x8D\x19\x61\xA8\xBE'),
2785 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2786 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2787 ('extn_id', 'authority_key_identifier'),
2788 ('critical', False),
2789 (
2790 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2791 util.OrderedDict([
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2792 (
2793 'key_identifier',
2794 b'\x81\xA3\x37\x86\xF9\x99\x28\xF2\x74\x70\x60\x87\xF2\xD3\x7E\x8D\x19\x61\xA8\xBE'
2795 ),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2796 ('authority_cert_issuer', None),
2797 ('authority_cert_serial_number', None),
2798 ])
2799 ),
2800 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2801 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2802 ('extn_id', 'basic_constraints'),
2803 ('critical', False),
2804 (
2805 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2806 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2807 ('ca', True),
2808 ('path_len_constraint', None)
2809 ])
2810 ),
2811 ]),
2812 ],
2813 extensions.native
2814 )
2815
wbond0d9d8332015-10-08 11:55:40 -0400[diff] [blame]2816 def test_parse_dsa_certificate_inheritance(self):
2817 cert = self._load_cert('DSAParametersInheritedCACert.crt')
2818
2819 tbs_certificate = cert['tbs_certificate']
2820 signature = tbs_certificate['signature']
2821 issuer = tbs_certificate['issuer']
2822 validity = tbs_certificate['validity']
2823 subject = tbs_certificate['subject']
2824 subject_public_key_info = tbs_certificate['subject_public_key_info']
2825 subject_public_key_algorithm = subject_public_key_info['algorithm']
2826
2827 self.assertEqual(
2828 'v3',
2829 tbs_certificate['version'].native
2830 )
2831 self.assertEqual(
2832 2,
2833 tbs_certificate['serial_number'].native
2834 )
2835 self.assertEqual(
2836 'sha1_dsa',
2837 signature['algorithm'].native
2838 )
2839 self.assertEqual(
2840 None,
2841 signature['parameters'].native
2842 )
2843 self.assertEqual(
2844 util.OrderedDict([
2845 ('country_name', 'US'),
2846 ('organization_name', 'Test Certificates 2011'),
2847 ('common_name', 'DSA CA'),
2848 ]),
2849 issuer.native
2850 )
2851 self.assertEqual(
2852 datetime(2010, 1, 1, 8, 30, tzinfo=util.timezone.utc),
2853 validity['not_before'].native
2854 )
2855 self.assertEqual(
2856 datetime(2030, 12, 31, 8, 30, tzinfo=util.timezone.utc),
2857 validity['not_after'].native
2858 )
2859 self.assertEqual(
2860 util.OrderedDict([
2861 ('country_name', 'US'),
2862 ('organization_name', 'Test Certificates 2011'),
2863 ('common_name', 'DSA Parameters Inherited CA'),
2864 ]),
2865 subject.native
2866 )
2867 self.assertEqual(
2868 'dsa',
2869 subject_public_key_algorithm['algorithm'].native
2870 )
2871 self.assertEqual(
2872 None,
2873 subject_public_key_algorithm['parameters'].native
2874 )
2875 self.assertEqual(
2876 'dsa',
2877 subject_public_key_info.algorithm
2878 )
2879 self.assertEqual(
2880 None,
2881 subject_public_key_info.hash_algo
2882 )
2883
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2884 def test_parse_ec_certificate(self):
wbondaf1f5a82015-07-17 12:13:15 -0400[diff] [blame]2885 cert = self._load_cert('keys/test-ec-der.crt')
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2886
2887 tbs_certificate = cert['tbs_certificate']
2888 signature = tbs_certificate['signature']
2889 issuer = tbs_certificate['issuer']
2890 validity = tbs_certificate['validity']
2891 subject = tbs_certificate['subject']
2892 subject_public_key_info = tbs_certificate['subject_public_key_info']
2893 subject_public_key_algorithm = subject_public_key_info['algorithm']
2894 public_key_params = subject_public_key_info['algorithm']['parameters'].chosen
2895 field_id = public_key_params['field_id']
2896 curve = public_key_params['curve']
wbonde5a1c6e2015-08-03 07:42:28 -0400[diff] [blame]2897 subject_public_key = subject_public_key_info['public_key']
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2898 extensions = tbs_certificate['extensions']
2899
2900 self.assertEqual(
2901 'v3',
2902 tbs_certificate['version'].native
2903 )
2904 self.assertEqual(
2905 15854128451240978884,
2906 tbs_certificate['serial_number'].native
2907 )
2908 self.assertEqual(
2909 'sha256_ecdsa',
2910 signature['algorithm'].native
2911 )
2912 self.assertEqual(
2913 None,
2914 signature['parameters'].native
2915 )
2916 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2917 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2918 ('country_name', 'US'),
2919 ('state_or_province_name', 'Massachusetts'),
2920 ('locality_name', 'Newbury'),
2921 ('organization_name', 'Codex Non Sufficit LC'),
2922 ('organizational_unit_name', 'Testing'),
2923 ('common_name', 'Will Bond'),
2924 ('email_address', 'will@codexns.io'),
2925 ]),
2926 issuer.native
2927 )
2928 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2929 datetime(2015, 5, 20, 12, 56, 46, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2930 validity['not_before'].native
2931 )
2932 self.assertEqual(
wbonde9142152015-07-30 09:05:19 -0400[diff] [blame]2933 datetime(2025, 5, 17, 12, 56, 46, tzinfo=util.timezone.utc),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2934 validity['not_after'].native
2935 )
2936 self.assertEqual(
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]2937 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2938 ('country_name', 'US'),
2939 ('state_or_province_name', 'Massachusetts'),
2940 ('locality_name', 'Newbury'),
2941 ('organization_name', 'Codex Non Sufficit LC'),
2942 ('organizational_unit_name', 'Testing'),
2943 ('common_name', 'Will Bond'),
2944 ('email_address', 'will@codexns.io'),
2945 ]),
2946 subject.native
2947 )
2948 self.assertEqual(
wbond680cba12015-07-01 23:53:54 -0400[diff] [blame]2949 'ec',
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2950 subject_public_key_algorithm['algorithm'].native
2951 )
2952 self.assertEqual(
2953 'ecdpVer1',
2954 public_key_params['version'].native
2955 )
2956 self.assertEqual(
2957 'prime_field',
2958 field_id['field_type'].native
2959 )
2960 self.assertEqual(
2961 115792089210356248762697446949407573530086143415290314195533631308867097853951,
2962 field_id['parameters'].native
2963 )
2964 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2965 b'\xFF\xFF\xFF\xFF\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00'
2966 b'\x00\x00\x00\x00\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFC',
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2967 curve['a'].native
2968 )
2969 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2970 b'\x5A\xC6\x35\xD8\xAA\x3A\x93\xE7\xB3\xEB\xBD\x55\x76\x98\x86\xBC'
2971 b'\x65\x1D\x06\xB0\xCC\x53\xB0\xF6\x3B\xCE\x3C\x3E\x27\xD2\x60\x4B',
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2972 curve['b'].native
2973 )
2974 self.assertEqual(
2975 b'\xC4\x9D\x36\x08\x86\xE7\x04\x93\x6A\x66\x78\xE1\x13\x9D\x26\xB7\x81\x9F\x7E\x90',
2976 curve['seed'].native
2977 )
2978 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2979 b'\x04\x6B\x17\xD1\xF2\xE1\x2C\x42\x47\xF8\xBC\xE6\xE5\x63\xA4\x40'
2980 b'\xF2\x77\x03\x7D\x81\x2D\xEB\x33\xA0\xF4\xA1\x39\x45\xD8\x98\xC2'
2981 b'\x96\x4F\xE3\x42\xE2\xFE\x1A\x7F\x9B\x8E\xE7\xEB\x4A\x7C\x0F\x9E'
2982 b'\x16\x2B\xCE\x33\x57\x6B\x31\x5E\xCE\xCB\xB6\x40\x68\x37\xBF\x51\xF5',
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]2983 public_key_params['base'].native
2984 )
2985 self.assertEqual(
2986 115792089210356248762697446949407573529996955224135760342422259061068512044369,
2987 public_key_params['order'].native
2988 )
2989 self.assertEqual(
2990 1,
2991 public_key_params['cofactor'].native
2992 )
2993 self.assertEqual(
2994 None,
2995 public_key_params['hash'].native
2996 )
2997 self.assertEqual(
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]2998 b'\x04\x8b]Lq\xf7\xd6\xc6\xa3IcB\\G\x9f\xcbs$\x1d\xc9\xdd\xd1-\xf1:\x9f'
2999 b'\xb7\x04\xde \xd0X\x00\x93T\xf6\x89\xc7/\x87+\xf7\xf9=;4\xed\x9e{\x0e'
3000 b'=WB\xdfx\x03\x0b\xcc1\xc6\x03\xd7\x9f`\x01',
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3001 subject_public_key.native
3002 )
3003 self.assertEqual(
3004 None,
3005 tbs_certificate['issuer_unique_id'].native
3006 )
3007 self.assertIsInstance(
3008 tbs_certificate['issuer_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]3009 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3010 )
3011 self.assertEqual(
3012 None,
3013 tbs_certificate['subject_unique_id'].native
3014 )
3015 self.assertIsInstance(
3016 tbs_certificate['subject_unique_id'],
wbond093f9862015-10-22 11:54:37 -0400[diff] [blame^]3017 core.Void
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3018 )
3019
3020 self.maxDiff = None
3021 for extension in extensions:
3022 self.assertIsInstance(
3023 extension,
3024 x509.Extension
3025 )
3026 self.assertEqual(
3027 [
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]3028 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3029 ('extn_id', 'key_identifier'),
3030 ('critical', False),
3031 ('extn_value', b'\x54\xAA\x54\x70\x6C\x34\x1A\x6D\xEB\x5D\x97\xD7\x1E\xFC\xD5\x24\x3C\x8A\x0E\xD7'),
3032 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]3033 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3034 ('extn_id', 'authority_key_identifier'),
3035 ('critical', False),
3036 (
3037 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]3038 util.OrderedDict([
wbonda26664f2015-10-07 11:57:35 -0400[diff] [blame]3039 (
3040 'key_identifier',
3041 b'\x54\xAA\x54\x70\x6C\x34\x1A\x6D\xEB\x5D\x97\xD7\x1E\xFC\xD5\x24\x3C\x8A\x0E\xD7'
3042 ),
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3043 ('authority_cert_issuer', None),
3044 ('authority_cert_serial_number', None),
3045 ])
3046 ),
3047 ]),
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]3048 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3049 ('extn_id', 'basic_constraints'),
3050 ('critical', False),
3051 (
3052 'extn_value',
wbond44b89192015-08-24 09:34:01 -0400[diff] [blame]3053 util.OrderedDict([
wbonde91513e2015-06-03 14:52:18 -0400[diff] [blame]3054 ('ca', True),
3055 ('path_len_constraint', None)
3056 ])
3057 ),
3058 ]),
3059 ],
3060 extensions.native
3061 )