|
1
|
import pytest
|
|
2
|
|
|
3
|
from src.model.subject import Subject
|
|
4
|
from src.services.cryptography import CryptographyException
|
|
5
|
|
|
6
|
|
|
7
|
def test_verify_valid_ca(service):
|
|
8
|
# verify validation of valid certificates
|
|
9
|
private_key = service.create_private_key()
|
|
10
|
root_cert = service.create_sscrt(Subject(common_name="foo"), private_key)
|
|
11
|
child_cert = service.create_crt(Subject(common_name="Expired Foo"), private_key, root_cert, private_key, days=1)
|
|
12
|
|
|
13
|
assert service.verify_cert(root_cert)
|
|
14
|
assert service.verify_cert(child_cert)
|
|
15
|
|
|
16
|
|
|
17
|
def test_verify_invalid_ca(service):
|
|
18
|
# test whether expired certificate will fail to get verified
|
|
19
|
private_key = service.create_private_key()
|
|
20
|
root_cert = service.create_sscrt(Subject(common_name="foo"), private_key)
|
|
21
|
|
|
22
|
expired_cert = service.create_crt(Subject(common_name="Expired Foo"), private_key, root_cert, private_key, days=0)
|
|
23
|
|
|
24
|
assert not service.verify_cert(expired_cert)
|
|
25
|
|
|
26
|
|
|
27
|
def test_verify_invalid_cert_format(service):
|
|
28
|
# verify that certificate in invalid format raises <CryptographyException>
|
|
29
|
|
|
30
|
with pytest.raises(CryptographyException):
|
|
31
|
service.verify_cert("invalid cert")
|