Changeset 3029

Timestamp:

21/11/07 13:53:45 (13 years ago)

Author:

pjkersha

Message:

 

Location:

TI12-security/trunk/python/ndg.security.test/ndg/security/test/X509

Files:

• X509Test.py (copied) (copied from TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/X509Test.py) (6 diffs)
• __init__.py (added)
• x509Test.cfg (copied) (copied from TI12-security/trunk/python/ndg.security.test/ndg/security/test/AttCert/x509Test.cfg) (1 diff)

TI12-security/trunk/python/ndg.security.test/ndg/security/test/X509/X509Test.py

@@ -32 +32 @@
         for section in configParser.sections():
             self.cfg[section] = dict(configParser.items(section))
+        
             
             
@@ -37 +38 @@
         'test1X509CertRead: read in a cert from file'
         print self.test1X509CertRead.__doc__
-        self.X509Cert=X509CertRead(self.cfg['test1X509CertRead']['certfile'])
-        assert(self.X509Cert)
+        self.x509Cert=X509CertRead(self.cfg['test1X509CertRead']['certfile'])
+        assert(self.x509Cert)
 
     def test2X509CertAsPEM(self):
@@ -44 +45 @@
         self.test1X509CertRead()
         print self.test2X509CertAsPEM.__doc__
-        self.pemString = self.X509Cert.asPEM()
+        self.pemString = self.x509Cert.asPEM()
         print self.pemString
 
@@ -59 +60 @@
         self.test1X509CertRead()
         print self.test4GetDN.__doc__
-        self.dn = self.X509Cert.dn
+        self.dn = self.x509Cert.dn
         print self.dn
         
@@ -81 +82 @@
         assert(not(self.dn != self.dn))
             
+    def test7x509Stack(self):
+        '''test7x509Stack: test X509Stack functionality'''
+        print self.test7x509Stack.__doc__
+        self.test1X509CertRead()
+        stack = X509Stack()
+        assert(len(stack)==0)
+        assert(stack.push(self.x509Cert))
+        assert(len(stack)==1)
+        print "stack[0] = %s" % stack[0]
+        for i in stack:
+            print "stack iterator i = %s" % i
+        print "stack.pop() = %s" % stack.pop()
+        assert(len(stack)==0)
+            
+    def test8x509StackVerifyCertChain(self):
+        '''test8x509StackVerifyCertChain: testVerifyCertChain method'''
+        print self.test8x509StackVerifyCertChain.__doc__
+        self.test1X509CertRead()
+        proxyCert=X509CertRead(\
+                   self.cfg['test8x509StackVerifyCertChain']['proxycertfile'])
+
+        stack1 = X509Stack()
+        stack1.push(self.x509Cert)
         
+        caCert=X509CertRead(\
+                   self.cfg['test8x509StackVerifyCertChain']['cacertfile'])
+        caStack = X509Stack()
+        caStack.push(caCert)
+        
+        print "Verification of external cert with external CA stack..."
+        stack1.verifyCertChain(x509Cert2Verify=proxyCert, 
+                               caX509Stack=caStack)
+        
+        print "Verification of stack content using CA stack..."
+        stack1.push(proxyCert)
+        stack1.verifyCertChain(caX509Stack=caStack)
+        
+        print "Verification of stack alone..."
+        stack1.push(caCert)
+        stack1.verifyCertChain()
+        
+        print "Reject self-signed cert. ..."
+        stack2 = X509Stack()
+        try:
+            stack2.verifyCertChain()
+            raise Exception, "Empty stack error expected"
+        except X509StackError:
+            pass
+
+        stack2.push(caCert)
+        try:
+            stack2.verifyCertChain()
+            raise Exception, "Reject of self-signed cert. expected"
+        except SelfSignedCert:
+            pass
+        
+        print "Accept self-signed cert. ..."
+        stack2.verifyCertChain(rejectSelfSignedCert=False)
+        
+        assert(stack2.pop())
+        print "Test no cert. issuer found ..."
+        stack2.push(proxyCert)
+        try:
+            stack2.verifyCertChain()
+            raise Exception, "No cert. issuer error expected"
+        except CertIssuerNotFound:
+            pass
+        
+        print "Test no cert. issuer found again with incomplete chain ..."
+        stack2.push(self.x509Cert)
+        try:
+            stack2.verifyCertChain()
+            raise Exception, "No cert. issuer error expected"
+        except CertIssuerNotFound:
+            pass
+        
+
 class X509TestSuite(unittest.TestSuite):
     def __init__(self):
@@ -91 +168 @@
                     "test4GetDN",
                     "test5DN",
-                    "test6DNCmp"
+                    "test6DNCmp",
+                    "test7x509Stack",
+                    "test8x509StackVerifyCertChain"
                   ))
         unittest.TestSuite.__init__(self, map)

TI12-security/trunk/python/ndg.security.test/ndg/security/test/X509/x509Test.cfg

@@ -10 +10 @@
 
 [test1X509CertRead]
-#certfile: cert.pem
-certfile: proxy-cert.pem
+certfile: user-cert.pem
 
+[test8x509StackVerifyCertChain]
+certfile: user-cert.pem
+proxycertfile: proxy-cert.pem
+cacertfile: cacert.pem
+