Adding the first tests against X509 CSRs

- Also fixing some minor X509Name issues that showed up Change-Id: Ia722e6c9aad69f8700d8fefd7d5e04e88d3101ef
2015-01-12 17:58:48 +00:00 · 2015-01-12 17:58:48 +00:00 · c9940c4799
commit c9940c4799
parent 4b5e0bb7d1
4 changed files with 173 additions and 11 deletions
--- a/anchor/X509/name.py
+++ b/anchor/X509/name.py
@ -21,6 +21,7 @@ class X509Name(object):

    # NOTE(tkelsey): this is not exhaustive
    nid = {'C': backend._lib.NID_countryName,
+           'countryName': backend._lib.NID_countryName,
           'SP': backend._lib.NID_stateOrProvinceName,
           'ST': backend._lib.NID_stateOrProvinceName,
           'stateOrProvinceName': backend._lib.NID_stateOrProvinceName,
@ -29,7 +30,7 @@ class X509Name(object):
           'O': backend._lib.NID_organizationName,
           'organizationName': backend._lib.NID_organizationName,
           'OU': backend._lib.NID_organizationalUnitName,
-           'organizationUnitName': backend._lib.NID_organizationalUnitName,
+           'organizationalUnitName': backend._lib.NID_organizationalUnitName,
           'CN': backend._lib.NID_commonName,
           'commonName': backend._lib.NID_commonName,
           'Email': backend._lib.NID_pkcs9_emailAddress,
@ -52,15 +53,7 @@ class X509Name(object):
            return "%s %s" % (self.get_name(), self.get_value())

        def __cmp__(self, other):
-            data = str(other)
-            asn1_str_1 = self._lib.ASN1_STRING_new()
-            asn1_str_1 = self._ffi.gc(asn1_str_1, self._lib.ASN1_STRING_free)
-            ret = self._lib.ASN1_STRING_set(asn1_str_1, data, len(data))
-            if ret != 0:
-                asn1_str_2 = self._lib.X509_NAME_ENTRY_get_string(self._entry)
-                ret = self._lib.ASN1_STRING_cmp(asn1_str_1, asn1_str_2)
-                return (ret == 1)
-            raise errors.X509Error("Could not setup ASN1 string data.")
+            return (str(self) == str(other))

        def get_name(self):
            """Get the name of this entry.
--- a/anchor/app.py
+++ b/anchor/app.py
@ -12,7 +12,6 @@
 # under the License.

 import paste
-from paste import translogger
 from pecan import make_app

 import validators
--- a/tests/X509/init.py
+++ b/tests/X509/init.py
--- a/tests/X509/test_x509_csr.py
+++ b/tests/X509/test_x509_csr.py
@ -0,0 +1,170 @@
+# -*- coding:utf-8 -*-
+#
+# Copyright 2014 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os
+
+import unittest
+
+from anchor.X509 import errors as x509_errors
+from anchor.X509 import signing_request
+
+
+class TestX509Csr(unittest.TestCase):
+    csr_data = (
+        "-----BEGIN CERTIFICATE REQUEST-----\n"""
+        "MIIBWTCCARMCAQAwgZQxCzAJBgNVBAYTAlVLMQ8wDQYDVQQIEwZOYXJuaWExEjAQ\n"
+        "BgNVBAcTCUZ1bmt5dG93bjEXMBUGA1UEChMOQW5jaG9yIFRlc3RpbmcxEDAOBgNV\n"
+        "BAsTB3Rlc3RpbmcxFDASBgNVBAMTC2FuY2hvci50ZXN0MR8wHQYJKoZIhvcNAQkB\n"
+        "FhB0ZXN0QGFuY2hvci50ZXN0MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAOpvxkCx\n"
+        "NNTc86GVnP4rWvaniOnHaemXbhBOoFxhMwaghiq7u5V9ZKkUZfbu+L+ZSQIDAQAB\n"
+        "oCkwJwYJKoZIhvcNAQkOMRowGDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DANBgkq\n"
+        "hkiG9w0BAQUFAAMxALaK8/HR73ZSvHiWo7Mduin0S519aJBm+gO8d9iliUkK00gQ\n"
+        "VMs9DuTAxljX7t7Eug==\n"
+        "-----END CERTIFICATE REQUEST-----\n"
+        )
+
+    def setUp(self):
+        super(TestX509Csr, self).setUp()
+        self.csr = signing_request.X509Csr()
+        self.csr.from_buffer(TestX509Csr.csr_data)
+
+    def tearDown(self):
+        pass
+
+    def test_get_bad_elem(self):
+        name = self.csr.get_subject()
+        self.assertRaises(x509_errors.X509Error,
+                          name.get_entries_by_nid_name,
+                          'BAD')
+
+    def test_get_subject_c(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('C')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "countryName")
+        self.assertEqual(entries[0].get_value(), "UK")
+
+    def test_get_subject_countryName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('countryName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "countryName")
+        self.assertEqual(entries[0].get_value(), "UK")
+
+    def test_get_subject_st(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('ST')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
+        self.assertEqual(entries[0].get_value(), "Narnia")
+
+    def test_get_subject_sp(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('SP')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
+        self.assertEqual(entries[0].get_value(), "Narnia")
+
+    def test_get_subject_stateOrProvinceName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('stateOrProvinceName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "stateOrProvinceName")
+        self.assertEqual(entries[0].get_value(), "Narnia")
+
+    def test_get_subject_l(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('L')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "localityName")
+        self.assertEqual(entries[0].get_value(), "Funkytown")
+
+    def test_get_subject_localityName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('localityName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "localityName")
+        self.assertEqual(entries[0].get_value(), "Funkytown")
+
+    def test_get_subject_l(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('L')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "localityName")
+        self.assertEqual(entries[0].get_value(), "Funkytown")
+
+    def test_get_subject_localityName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('localityName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "localityName")
+        self.assertEqual(entries[0].get_value(), "Funkytown")
+
+    def test_get_subject_o(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('O')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "organizationName")
+        self.assertEqual(entries[0].get_value(), "Anchor Testing")
+
+    def test_get_subject_organizationName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('organizationName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "organizationName")
+        self.assertEqual(entries[0].get_value(), "Anchor Testing")
+
+    def test_get_subject_ou(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('OU')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "organizationalUnitName")
+        self.assertEqual(entries[0].get_value(), "testing")
+
+    def test_get_subject_organizationUnitName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('organizationalUnitName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "organizationalUnitName")
+        self.assertEqual(entries[0].get_value(), "testing")
+
+    def test_get_subject_cn(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('CN')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "commonName")
+        self.assertEqual(entries[0].get_value(), "anchor.test")
+
+    def test_get_subject_commonName(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('commonName')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "commonName")
+        self.assertEqual(entries[0].get_value(), "anchor.test")
+
+    def test_get_subject_email(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('Email')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "emailAddress")
+        self.assertEqual(entries[0].get_value(), "test@anchor.test")
+
+    def test_get_subject_emailAddress(self):
+        name = self.csr.get_subject()
+        entries = name.get_entries_by_nid_name('Email')
+        self.assertEqual(len(entries), 1)
+        self.assertEqual(entries[0].get_name(), "emailAddress")
+        self.assertEqual(entries[0].get_value(), "test@anchor.test")