M/e4FdZddlZddlZddlZddlZddlZddlZddlZddlm Z ddl Z ddl Z ddl Z ddlZddlmZddlmZGdde j&ZGdd e j&ZGd d e j&ZGd d e j&ZGdde j&ZGdde j&ZGdde j&ZGdde j&Zedk(r4ej:ej<ej>dde gzyy)zTests for acme.crypto_util.N)List)errors) test_utilc:eZdZdZdZdZdZdZdZdZ dZ y ) SSLSocketAndProbeSNITestz/Tests for acme.crypto_util.SSLSocket/probe_sni.ctjd|_tjd}d||jjfiddlmGfddtj}|dtj|_ |jjjd |_ tj|jj |_y) Nzrsa2048_cert.pemzrsa2048_key.pemfoor SSLSocketc$eZdZfdZxZS)3SSLSocketAndProbeSNITest.setUp.._TestServercTt||i||j|_yN)super__init__socket)selfargskwargsr __class__certss G/usr/lib/python3/dist-packages/acme/_internal/tests/crypto_util_test.pyrz._TestServer.__init__ s' $1&1' U; )__name__ __module__ __qualname__r __classcell__)rr rs@r _TestServerr s  < zASSLSocketTest.test_ssl_socket_invalid_arguments..Ssr)cert_selection)r&r rJrK ValueError)rr rZs r!test_ssl_socket_invalid_argumentsz/SSLSocketTest.test_ssl_socket_invalid_argumentsOsm. ]]: & 3$ 8#13A 3]]: & $A   3 3  sA" A."A+.A7N)rrrrSr^rTrrrVrVLs / rrVc8eZdZdZedZdZdZdZdZ y)PyOpenSSLCertOrReqAllNamesTestz;Test for acme.crypto_util._pyopenssl_cert_or_req_all_names.c*ddlm}|||S)Nr) _pyopenssl_cert_or_req_all_names)r&rb)clsloaderr?rbs r_callz$PyOpenSSLCertOrReqAllNamesTest._call[s F/t ==rcB|jtj|Srrer load_certrr?s r _call_certz)PyOpenSSLCertOrReqAllNamesTest._call_certazz)--t44rc2|jddgk(sJy)Nz cert-nocn.derzno-common-name.badssl.comrjr7s rtest_cert_one_san_no_commonz:PyOpenSSLCertOrReqAllNamesTest.test_cert_one_san_no_commonds#/567 77rc2|jddgk(sJy)Ncert.pem example.comrmr7s rtest_cert_no_sans_yes_commonz;PyOpenSSLCertOrReqAllNamesTest.test_cert_no_sans_yes_commonhsz*}o===rc4|jdddgk(sJyN cert-san.pemrqwww.example.comrmr7s rtest_cert_two_sans_yes_commonz> 57>CAsmL*11!4LM MML?cL|jd|jk(sJy)Ncert-idnsans.pem)rjrr7s rtest_cert_idn_sansz,PyOpenSSLCertOrReqSANTest.test_cert_idn_sanss*12,,./ //rc0|jdgk(sJyNzcsr-nosans.pemrr7s rtest_csr_no_sansz*PyOpenSSLCertOrReqSANTest.test_csr_no_sans~~./2555rc2|jddgk(sJy)Nzcsr.pemrqrr7s rtest_csr_one_sanz*PyOpenSSLCertOrReqSANTest.test_csr_one_sans~~i(]O;;;rc4|jdddgk(sJy)N csr-san.pemrqrvrr7s rtest_csr_two_sansz+PyOpenSSLCertOrReqSANTest.test_csr_two_sanss&~~m,'):;< <CAsmL*11!4LM MMLrcL|jd|jk(sJy)Nzcsr-idnsans.pem)rrr7s rtest_csr_idn_sansz+PyOpenSSLCertOrReqSANTest.test_csr_idn_sanss*~~/0,,./ //rc4|jdddgk(sJy)Nzcritical-san.pemzchicago-cubs.venafi.examplezcubs.venafi.examplermr7s rtest_critical_sanz+PyOpenSSLCertOrReqSANTest.test_critical_sans*1279NOP PPrN)rrrrSryrerrjrrrrrrrrrrrrrTrrr{r{pso?88 33541<M/6<<9 M/Prr{c\eZdZdZedZdZdZdZdZ dZ dZ d Z d Z d Zd Zy )PyOpenSSLCertOrReqSANIPTestz8Test for acme.crypto_util._pyopenssl_cert_or_req_san_ip.c*ddlm}|||S)Nr)_pyopenssl_cert_or_req_san_ip)r&r)rcrdr?rs rrez!PyOpenSSLCertOrReqSANIPTest._calls C,VD\::rcB|jtj|Srrgris rrjz&PyOpenSSLCertOrReqSANIPTest._call_certrkrcB|jtj|Srrris rrz%PyOpenSSLCertOrReqSANIPTest._call_csrrrc0|jdgk(sJyrrmr7s rrz-PyOpenSSLCertOrReqSANIPTest.test_cert_no_sansrrc0|jdgk(sJyrrr7s rrz,PyOpenSSLCertOrReqSANIPTest.test_csr_no_sansrrc0|jdgk(sJy)Nrurmr7s rtest_cert_domain_sansz1PyOpenSSLCertOrReqSANIPTest.test_cert_domain_sanss~."444rc0|jdgk(sJy)Nrrr7s rtest_csr_domain_sansz0PyOpenSSLCertOrReqSANIPTest.test_csr_domain_sanss~~m,222rc4|jdddgk(sJy)Nzcert-ipsans.pem 192.0.2.145 203.0.113.1rmr7s rtest_cert_ip_two_sansz1PyOpenSSLCertOrReqSANIPTest.test_cert_ip_two_sanss01m]5SSSSrc4|jdddgk(sJy)Nzcsr-ipsans.pemrrrr7s rtest_csr_ip_two_sansz0PyOpenSSLCertOrReqSANIPTest.test_csr_ip_two_sanss~~./M=3QQQQrc4|jdddgk(sJy)Nzcsr-ipv6sans.pem0:0:0:0:0:0:0:1%A3BE:32F3:206E:C75D:956:CEE:9858:5EC5rr7s rtest_csr_ipv6_sansz.PyOpenSSLCertOrReqSANIPTest.test_csr_ipv6_sanss*~~01+-TUV VVrc4|jdddgk(sJy)Nzcert-ipv6sans.pemrrrmr7s rtest_cert_ipv6_sansz/PyOpenSSLCertOrReqSANIPTest.test_cert_ipv6_sanss*23+-TUV VVrN)rrrrSryrerjrrrrrrrrrrTrrrrsMB;; 541653TRVVrrc"eZdZdZdZdZdZy) GenSsCertTestz6Test for gen_ss_cert (generation of self-signed cert).cd|_g|_tjj |_|j j tjjdy)N) cert_count serial_numOpenSSLcryptoPKeyr1 generate_keyTYPE_RSAr7s rr2zGenSsCertTest.setUpsB%'>>&&( gnn55t * " y';';I'F&G H  ! " " "s ;A$$A-N)rrrrSr2rrrTrrrrs@= <"rrc>eZdZdZedZdZdZdZdZ dZ y) MakeCSRTestzTest for standalone functions.c&tjj}|jtjjdtjj tjj |}ddlm}||g|i|S)Nrr)make_csr) rrrrrdump_privatekey FILETYPE_PEMr&r)rcrrprivkey privkey_pemrs r_call_with_keyzMakeCSRTest._call_with_keysg..%%'W^^44d;nn44W^^5P5PRYZ - 5d5f55rc|jddg}d|vsJd|vsJtjjtjj|}t |drst |jdk(sJ|jdjtjjdd d jk(sJyy) N a.examplez b.example--BEGIN CERTIFICATE REQUEST----END CERTIFICATE REQUEST--get_extensionsr rsubjectAltNameFsDNS:a.example, DNS:b.examplecriticalvalue) rrrload_certificate_requestrhasattrrrget_data X509Extensionrcsr_pemcsrs r test_make_csrzMakeCSRTest.test_make_csrs%%{K&@A/7:::-888nn55 NN ' '2 3( )s))+,1 11%%'*335,,%"9-(*   *rc|jdgdtjdtjdg}d|vsJd|vsJtjj tjj |}t|drst|jdk(sJ|jd jtjjd dd jk(sJyy) NrFr;z::1rrrr rrs#DNS:a.example, IP:127.0.0.1, IP:::1r) rrrrrrrrrrrrrs rtest_make_csr_ipzMakeCSRTest.test_make_csr_ips%%{mUY=Q=QR]=^`i`t`tuz`{<|}/7:::-888nn55 NN ' '2 3( )s))+,1 11%%'*335$^^99!2*/'M: (xz * ** *rc|jdgd}tjjtjj|}t |drdt |jdk(sJ|jDcgc]}|jdk(r|}}t |dk(sJdyycc}w) NrT) must_staplers0r z*Expected exactly one Must Staple extension) rrrrrrrrr)rrremust_staple_extss rtest_make_csr_must_staplez%MakeCSRTest.test_make_csr_must_staple)s%%{m%Fnn55 NN ' '2 3( )s))+,1 11,/+=+=+? 9a::<#77!" 9  9'(A- =< =- *  9s B>ctjt5|jdddy#1swYyxYwr)rJrKr]rr7s rtest_make_csr_without_hostnamez*MakeCSRTest.test_make_csr_without_hostname;s/ ]]: & "    ! " " "s4=c|jdg}tjjtjj|}|j dk(sJdy)NrrzEExpected CSR version to be v1 (encoded as 0), per RFC 2986, section 4)rrrrr get_versionrs rtest_make_csr_correct_versionz)MakeCSRTest.test_make_csr_correct_version?sZ%%{m4nn55 NN ' '2 A% T S T%rN) rrrrSryrrrrrr rTrrrrs1(66$*(=$"Trrc,eZdZdZedZdZdZy)DumpPyopensslChainTestzTest for dump_pyopenssl_chain.cddlm}||S)Nr)dump_pyopenssl_chain)r&r )rcloadedr s rrezDumpPyopensslChainTest._callKs :#F++rcgd}|Dcgc]}tj|}}td|D}t|j ||k(sJycc}w)Nrprurc3K|]E}ttjjtjj|Gywr)rrrdump_certificater).0r#s r zCDumpPyopensslChainTest.test_dump_pyopenssl_chain..Ts8  //0K0KTR S sA A )rrhsumrre)rnamesr?rlengths rtest_dump_pyopenssl_chainz0DumpPyopensslChainTest.test_dump_pyopenssl_chainQs_@8=>)%%d+>>   4::f%&&000 ?sAcJgd}|Dcgc]}tj|}}tj}|Dcgc] }|| }}tj j tfd|D}t|j||k(sJycc}wcc}w)Nrc3rK|].}ttjj|0ywr)rrrr)rr# dump_funcs rrzKDumpPyopensslChainTest.test_dump_pyopenssl_chain_wrapped.._s'Z4S7>>#>#>EFZs47) rrhr=r>rrrrrre) rrr?r wrap_funcr#r%rrs @r!test_dump_pyopenssl_chain_wrappedz8DumpPyopensslChainTest.test_dump_pyopenssl_chain_wrappedYs@8=>)%%d+>>'' /56t9T?66NN33 ZSYZZ4::g&'6111 ?6s BB N)rrrrSryrerrrTrrr r Hs!(,, 12rr __main__r )!rSrrrr'sysr-rCtypingrunittestjosepyr=rrJacmeracme._internal.testsrTestCaserrVr`r{rrrr rexitmainargv__file__rTrrr*s !    *57x0057p  H%%