Projekt

Obecné

Profil

Stáhnout (12.3 KB) Statistiky
| Větev: | Tag: | Revize:
1 aa740737 Captain_Trojan
# structure:
2
# 1->10
3
# 2->3->4->5->6->7
4
# 2->8->9
5 a0d4dda1 Captain_Trojan
6
7 aa740737 Captain_Trojan
def make_root_ca(server, title="Root CA s.r.o."):
8
    return server.post("/api/certificates", content_type="application/json", json={
9 a0d4dda1 Captain_Trojan
        "subject": {
10
            "C": "CZ",
11 aa740737 Captain_Trojan
            "CN": title,
12 a0d4dda1 Captain_Trojan
            "L": "Pilsen",
13 aa740737 Captain_Trojan
            "O": title,
14 a0d4dda1 Captain_Trojan
            "OU": "IT department",
15
            "ST": "Pilsen Region",
16
            "emailAddress": "root@ca.com"
17
        },
18
        "usage": {
19
            "CA": True,
20
            "SSL": True,
21
            "authentication": True,
22
            "digitalSignature": True
23
        },
24
        "validityDays": 30
25
    })
26
27 aa740737 Captain_Trojan
28
def make_inter_ca(server, parent, title="Intermediate CA s.r.o."):
29
    return server.post("/api/certificates", content_type="application/json", json={
30
        "CA": parent,
31
        "subject": {
32
            "C": "CZ",
33
            "CN": title,
34
            "L": "Pilsen",
35
            "O": title,
36
            "OU": "IT department",
37
            "ST": "Pilsen Region",
38
            "emailAddress": "inter@ca.com"
39
        },
40
        "usage": {
41
            "CA": True,
42
            "SSL": True,
43
            "authentication": True,
44
            "digitalSignature": True
45
        },
46
        "validityDays": 30
47
    })
48
49
50
def make_end_cert(server, parent, title="End certificate s.r.o.", usage=None):
51
    if usage is None:
52
        usage = {
53
            "CA": False,
54
            "SSL": True,
55
            "authentication": True,
56
            "digitalSignature": True
57
        }
58
59
    return server.post("/api/certificates", content_type="application/json", json={
60
        "CA": parent,
61
        "subject": {
62
            "C": "CZ",
63
            "CN": title,
64
            "L": "Pilsen",
65
            "O": title,
66
            "OU": "IT department",
67
            "ST": "Pilsen Region",
68
            "emailAddress": "end@ca.com"
69
        },
70
        "usage": usage,
71
        "validityDays": 30
72
    })
73
74
75
def test_import(server):
76
    assert 1 + 2 + 3 + 4 != -1 / 12
77
78
    ret = server.get("/")
79
    assert ret.status_code == 200
80
    assert str(ret.data, encoding='utf-8') == "Welcome to the X.509 management application homepage!"
81
82
83
def test_root_ca(server):
84
    ret = make_root_ca(server)
85
86 a0d4dda1 Captain_Trojan
    assert ret.status_code == 201
87
88
    d = ret.json
89
90
    assert "data" in d
91
    assert d["data"] == 1
92
    assert "success" in d
93
    assert d["success"]
94
95
96
def test_invalid_params_1(server):
97
    ret = server.post("/api/certificates", content_type="application/json", json={
98
        "subject": {
99
            "C": "CZ",
100
            "CN": "Root CA s.r.o.",
101
            "L": "Pilsen",
102
            "O": "Root CA s.r.o.",
103
            "OU": "IT department",
104
            "ST": "Pilsen Region",
105
            "emailAddress": "root@ca.com"
106
        },
107
        "validityDays": 30
108
    })
109
110
    assert ret.status_code == 400
111
112
    d = ret.json
113
114 5b57121e Captain_Trojan
    assert "data" in d
115
    assert d["data"] == "Invalid request, missing parameters."
116
    assert "success" in d
117
    assert not d["success"]
118 a0d4dda1 Captain_Trojan
119
120
def test_invalid_params_2(server):
121
    ret = server.post("/api/certificates", content_type="application/json", json={
122
        "subject": {
123
            "C": "CZ",
124
            "CN": "Root CA s.r.o.",
125
            "L": "Pilsen",
126
            "O": "Root CA s.r.o.",
127
            "OU": "IT department",
128
            "ST": "Pilsen Region",
129
            "emailAddress": "root@ca.com"
130
        },
131
        "usage": {
132
            "CA": True,
133
            "SSL": True,
134
            "authentication": True,
135
            "digitalSignature": True
136
        },
137
        "validityDays": "tak mesic treba plus minus"
138
    })
139
140
    assert ret.status_code == 400
141
142
    d = ret.json
143
144 5b57121e Captain_Trojan
    assert "data" in d
145
    assert d["data"] == "Invalid request, wrong parameters."
146
    assert "success" in d
147
    assert not d["success"]
148 a0d4dda1 Captain_Trojan
149
150
def test_invalid_params_3(server):
151
    ret = server.post("/api/certificates", content_type="application/json", json={
152
        "subject": {
153
            "C": "CZ",
154
            "CN": "Root CA s.r.o.",
155
            "L": "Pilsen",
156
            "O": "Root CA s.r.o.",
157
            "OU": "IT department",
158
            "ST": ["Bosna", "Herzegovina"],
159
            "emailAddress": "root@ca.com"
160
        },
161
        "usage": {
162
            "CA": True,
163
            "SSL": True,
164
            "authentication": True,
165
            "digitalSignature": True
166
        },
167
        "validityDays": 30
168
    })
169
170
    assert ret.status_code == 400
171
172
    d = ret.json
173
174 5b57121e Captain_Trojan
    assert "data" in d
175
    assert d["data"] == "Invalid request, wrong parameters."
176
    assert "success" in d
177
    assert not d["success"]
178 a0d4dda1 Captain_Trojan
179
180 fb987403 Captain_Trojan
def test_invalid_params_4(server):
181
    ret = server.post("/api/certificates", content_type="application/json", json={
182
        "CA": 80081358008135,
183
        "subject": {
184
            "C": "CZ",
185
            "CN": "Root CA s.r.o.",
186
            "L": "Pilsen",
187
            "O": "Root CA s.r.o.",
188
            "OU": "IT department",
189
            "ST": "Pilsen",
190
            "emailAddress": "root@ca.com"
191
        },
192
        "usage": {
193
            "CA": True,
194
            "SSL": True,
195
            "authentication": True,
196
            "digitalSignature": True
197
        },
198
        "validityDays": 30
199
    })
200
201
    assert ret.status_code == 400
202
203
    d = ret.json
204
205
    assert "data" in d
206
    assert d["data"] == "No certificate authority with such unique ID exists."
207
    assert "success" in d
208
    assert not d["success"]
209
210
211 d53c2fdc Captain_Trojan
def test_create_chain(server):
212 aa740737 Captain_Trojan
    ret = make_root_ca(server, "Another Root CA s.r.o.")
213 a0d4dda1 Captain_Trojan
214
    assert ret.status_code == 201
215
216
    d = ret.json
217
218
    assert "data" in d
219
    assert d["data"] == 2
220
    assert "success" in d
221
    assert d["success"]
222
223 aa740737 Captain_Trojan
    ret = make_inter_ca(server, 2)
224 a0d4dda1 Captain_Trojan
225
    assert ret.status_code == 201
226
227
    d = ret.json
228
229
    assert "data" in d
230
    assert d["data"] == 3
231
    assert "success" in d
232 1e07432d Captain_Trojan
    assert d["success"]
233
234 aa740737 Captain_Trojan
    ret = make_inter_ca(server, 3)
235 d53c2fdc Captain_Trojan
236
    assert ret.status_code == 201
237
238
    d = ret.json
239
240
    assert "data" in d
241
    assert d["data"] == 4
242
    assert "success" in d
243
    assert d["success"]
244
245 aa740737 Captain_Trojan
    ret = make_inter_ca(server, 4)
246
247
    assert ret.status_code == 201
248
249
    d = ret.json
250
251
    assert "data" in d
252
    assert d["data"] == 5
253
    assert "success" in d
254
    assert d["success"]
255
256
    ret = make_inter_ca(server, 5)
257
258
    assert ret.status_code == 201
259
260
    d = ret.json
261
262
    assert "data" in d
263
    assert d["data"] == 6
264
    assert "success" in d
265
    assert d["success"]
266
267
    ret = make_end_cert(server, 6)
268
269
    assert ret.status_code == 201
270
271
    d = ret.json
272
273
    assert "data" in d
274
    assert d["data"] == 7
275
    assert "success" in d
276
    assert d["success"]
277
278 1e07432d Captain_Trojan
279
def test_list_of_certificates(server):
280
    ret = server.get("/api/certificates")
281
282
    assert ret.status_code == 200
283
284
    usage_dict = {'CA': True, 'SSL': True, 'authentication': True, 'digitalSignature': True}
285
    s1 = "Root CA s.r.o."
286
    s2 = "Another Root CA s.r.o."
287
    s3 = "Intermediate CA s.r.o."
288
289
    assert "data" in ret.json
290
    assert "success" in ret.json
291
    assert ret.json["success"]
292
293
    d = ret.json["data"]
294
295
    # print(d)
296
297
    assert d[0]['CN'] == s1
298
    assert d[1]['CN'] == s2
299
    assert d[2]['CN'] == s3
300
301
    assert all(d[i]['id'] == i + 1 for i in range(3))
302
    assert all(d[i]['usage'] == usage_dict for i in range(3))
303
304
    assert d[0]['issuer']['CN'] == s1
305
    assert d[1]['issuer']['CN'] == s2
306
    assert d[2]['issuer']['CN'] == s2
307
308
    assert d[0]['issuer']['id'] == 1
309
    assert d[1]['issuer']['id'] == 2
310
    assert d[2]['issuer']['id'] == 2
311
312
313
def test_sign_by_non_ca(server):
314 aa740737 Captain_Trojan
    ret = make_end_cert(server, 2, "Fake intermediate cert s.r.o.", usage={
315 1e07432d Captain_Trojan
            "CA": False,
316
            "SSL": True,
317
            "authentication": True,
318
            "digitalSignature": True
319 aa740737 Captain_Trojan
        })
320 1e07432d Captain_Trojan
321
    assert ret.status_code == 201
322
323
    d = ret.json
324
325
    assert "data" in d
326 aa740737 Captain_Trojan
    assert d["data"] == 8
327 1e07432d Captain_Trojan
    assert "success" in d
328
    assert d["success"]
329
330 aa740737 Captain_Trojan
    ret = make_end_cert(server, 8, "End certificate signed by end certificate s.r.o.", usage={
331 1e07432d Captain_Trojan
            "CA": False,
332
            "SSL": True,
333 aa740737 Captain_Trojan
            "authentication": False,
334
            "digitalSignature": False
335
        })
336 1e07432d Captain_Trojan
337
    # TODO discussion -> assert ret.status_code == 400
338
    assert ret.status_code == 201
339
340
    d = ret.json
341
342
    assert "data" in d
343 aa740737 Captain_Trojan
    assert d["data"] == 9
344 1e07432d Captain_Trojan
    assert "success" in d
345 49f22fd9 Captain_Trojan
    assert d["success"]
346
347
348
def test_filtering(server):
349
    ret = server.get("/api/certificates", json={"filtering": {"CA": True}})
350
351
    assert ret.status_code == 200
352
353 aa740737 Captain_Trojan
    assert "data" in ret.json
354
    assert "success" in ret.json
355
    assert ret.json["success"]
356
357
    d = ret.json["data"]
358
359
    assert all(c["usage"]["CA"] for c in d)
360
361
    all_certs_expected = list(d)
362
363
    ret = server.get("/api/certificates", json={"filtering": {"CA": False}})
364
365
    assert ret.status_code == 200
366 49f22fd9 Captain_Trojan
367
    assert "data" in ret.json
368
    assert "success" in ret.json
369
    assert ret.json["success"]
370
371
    d = ret.json["data"]
372
373 aa740737 Captain_Trojan
    assert all(not c["usage"]["CA"] for c in d)
374 49f22fd9 Captain_Trojan
375 aa740737 Captain_Trojan
    for v in d:
376
        all_certs_expected.append(v)
377 49f22fd9 Captain_Trojan
378 aa740737 Captain_Trojan
    ret = server.get("/api/certificates")
379 49f22fd9 Captain_Trojan
380 aa740737 Captain_Trojan
    assert ret.status_code == 200
381 49f22fd9 Captain_Trojan
382 aa740737 Captain_Trojan
    assert "data" in ret.json
383
    assert "success" in ret.json
384
    assert ret.json["success"]
385
386
    all_certs_actual = ret.json["data"]
387
388
    assert len(all_certs_actual) == len(all_certs_expected)
389
    # TODO assert set(all_certs_expected) == set(all_certs_actual) or something like that instead
390 fb987403 Captain_Trojan
391
392
def test_get_one(server):
393
    ret = server.get("/api/certificates/1")
394
395
    assert ret.status_code == 200
396
397
    assert "data" in ret.json
398
    assert "success" in ret.json
399
    assert ret.json["success"]
400
401
    d = ret.json["data"]
402
403
    assert str(d).startswith("-----BEGIN CERTIFICATE-----")
404
405
406
def test_get_one_bad_param(server):
407
    ret = server.get("/api/certificates/whoopsie")
408
409
    assert ret.status_code == 400
410
    assert "data" in ret.json
411
    assert "success" in ret.json
412
    assert not ret.json["success"]
413
    assert ret.json["data"] == "Invalid request, wrong parameters."
414
415
416
def test_get_one_bad_param_2(server):
417
    ret = server.get("/api/certificates/805")
418
419
    assert ret.status_code == 205
420
    assert "data" in ret.json
421
    assert "success" in ret.json
422
    assert not ret.json["success"]
423 d53c2fdc Captain_Trojan
    assert ret.json["data"] == "No such certificate found."
424 5b6d9513 Captain_Trojan
425
426
def test_get_detes(server):
427
    original = {
428
        "CA": 1,
429
        "subject": {
430
            "C": "CZ",
431
            "CN": "Good boy end cert s.r.o.",
432
            "L": "Pilsen",
433
            "O": "This is most likely a good s.r.o.",
434
            "OU": "IT department",
435
            "ST": "Pilsen Region",
436
            "emailAddress": "end@ca.com"
437
        },
438
        "usage": {
439
            "CA": False,
440
            "SSL": True,
441
            "authentication": False,
442
            "digitalSignature": True
443
        },
444
        "validityDays": 30
445
    }
446
    ret = server.post("/api/certificates", content_type="application/json", json=original)
447
448
    assert ret.status_code == 201
449
450
    assert "data" in ret.json
451
    assert "success" in ret.json
452
    assert ret.json["success"]
453
454
    d = ret.json
455
456 aa740737 Captain_Trojan
    assert d["data"] == 10
457 5b6d9513 Captain_Trojan
458
    id = d["data"]
459
460
    ret = server.get(f"/api/certificates/{id}/details")
461
462
    assert ret.status_code == 200
463
464
    assert "data" in ret.json
465
    assert "success" in ret.json
466
    assert ret.json["success"]
467
468
    d = ret.json
469
470
    new = d["data"]
471
472
    assert original["CA"] == new["CA"]
473
    assert original["subject"] == new["subject"]
474 d53c2fdc Captain_Trojan
    assert original["usage"] == new["usage"]
475
476
477
def test_get_root(server):
478
    ret = server.get("/api/certificates/2")
479
480
    assert ret.status_code == 200
481
482
    assert "data" in ret.json
483
    assert "success" in ret.json
484
    assert ret.json["success"]
485
486
    original = ret.json["data"]
487
488
    ret = server.get("/api/certificates/4/root")
489
490
    assert ret.status_code == 200
491
492
    assert "data" in ret.json
493
    assert "success" in ret.json
494
    assert ret.json["success"]
495
496
    new = ret.json["data"]
497
498
    assert original == new
499
500
501
def test_get_root_invalid(server):
502
    ret = server.get("/api/certificates/805/root")
503
504
    assert ret.status_code == 205
505
    assert "data" in ret.json
506
    assert "success" in ret.json
507
    assert not ret.json["success"]
508
    assert ret.json["data"] == "No such certificate found."
509
510 aa740737 Captain_Trojan
511
def test_chain_of_trust(server):
512
    expected = []
513
    for i in range(6, 2, -1):
514
        ret = server.get(f"/api/certificates/{i}")
515
516
        assert ret.status_code == 200
517
518
        assert "data" in ret.json
519
        assert "success" in ret.json
520
        assert ret.json["success"]
521
522
        d = ret.json["data"]
523
        expected.append(d)
524
525
    ret = server.get(f"/api/certificates/7/chain")
526
    assert ret.status_code == 200
527
528
    assert "data" in ret.json
529
    assert "success" in ret.json
530
    assert ret.json["success"]
531
532
    actual = ret.json["data"]
533
534
    assert "".join(expected) == actual