path: root/ipatests/test_ipaserver/test_secrets.py
# Copyright (C) 2015  FreeIPA Project Contributors - see LICENSE file

from __future__ import print_function
from ipaserver.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB
import os
import shutil
import subprocess
import tempfile
import unittest


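def _test_password_callback():
    """Return the NSS database password written by TestiSecStore.setUpClass.

    The test registers this function as the 'pwcallback' of its temporary
    NAME_DB_MAP entry. The whole file content is returned unmodified.

    Raises:
        AttributeError: if TestiSecStore.setUpClass has not run yet, so
            no scratch directory is known.
        IOError/OSError: if the password file cannot be read.
    """
    # setUpClass writes 'pwfile' into a tempfile.mkdtemp() directory, so a
    # hard-coded 'test-ipa-sec-store/pwfile' path relative to the current
    # working directory does not point at the file the test created.
    # Resolve it from the directory the test class actually uses.
    pwfile = os.path.join(TestiSecStore.testdir, 'pwfile')
    with open(pwfile) as f:
        return f.read()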


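class TestiSecStore(unittest.TestCase):
    """Move a key between two scratch NSS databases through iSecStore.

    setUpClass builds a private temporary directory holding a password
    file, a seed file and two NSS databases ('certdb' and 'cert2db');
    'certdb' additionally receives a self-signed certificate with the
    nickname 'testCACert'. The test reads that key through iSecStore
    from the first database and stores it into the second one.
    """

    @classmethod
    def setUpClass(cls):
        """Create the scratch directory and populate it with test fixtures."""
        # mkdtemp() creates the directory accessible only to the creating
        # user, which also keeps the password and seed files below private.
        cls.testdir = tempfile.mkdtemp(suffix='ipa-sec-store')
        try:
            cls._populate_testdir()
        except Exception:
            # unittest does not call tearDownClass when setUpClass raises,
            # so remove the half-built directory here before re-raising.
            shutil.rmtree(cls.testdir, ignore_errors=True)
            raise

    @classmethod
    def _populate_testdir(cls):
        """Write the password/seed files and create both NSS databases."""
        pwfile = os.path.join(cls.testdir, 'pwfile')
        with open(pwfile, 'w') as f:
            f.write('testpw')
        seedfile = os.path.join(cls.testdir, 'seedfile')
        with open(seedfile, 'wb') as f:
            f.write(os.urandom(1024))

        cls.certdb = os.path.join(cls.testdir, 'certdb')
        cls.cert2db = os.path.join(cls.testdir, 'cert2db')
        for dbdir in (cls.certdb, cls.cert2db):
            os.mkdir(dbdir)
            # check_call (not call): a failing certutil must abort setup
            # instead of leaving a missing database for the test to trip
            # over with an unrelated-looking error.
            subprocess.check_call(
                ['certutil', '-d', dbdir, '-N', '-f', pwfile],
                cwd=cls.testdir
            )

        # Self-signed (-x) certificate, trusted as a CA only inside this
        # throw-away database; the seed file feeds certutil's -z option.
        subprocess.check_call(
            ['certutil', '-d', cls.certdb, '-S', '-f', pwfile,
             '-s', 'CN=testCA', '-n', 'testCACert', '-x',
             '-t', 'CT,C,C', '-m', '1', '-z', seedfile],
            cwd=cls.testdir
        )

    @classmethod
    def tearDownClass(cls):
        """Remove the scratch directory and everything created inside it."""
        shutil.rmtree(cls.testdir)

    def test_iSecStore(self):
        """Fetch 'testCACert' from certdb and store it into cert2db."""
        iss = iSecStore({})

        # NAME_DB_MAP is imported from ipaserver.secrets.store and shared
        # with every other user of that module; drop the temporary entry
        # again so it cannot leak into later tests.
        self.addCleanup(NAME_DB_MAP.pop, 'test', None)
        NAME_DB_MAP['test'] = {
            'type': 'NSSDB',
            'path': self.certdb,
            'handler': NSSCertDB,
            'pwcallback': _test_password_callback,
        }
        value = iss.get('keys/test/testCACert')

        # Re-point the same mapping at the second database for the import.
        NAME_DB_MAP['test']['path'] = self.cert2db
        iss.set('keys/test/testCACert', value)
        # NOTE(review): the round trip is only checked for "does not raise";
        # nothing asserts that the key actually arrived in cert2db.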