diff options
Diffstat (limited to 'ipatests/test_ipapython/test_secrets.py')
| -rw-r--r-- | ipatests/test_ipapython/test_secrets.py | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/ipatests/test_ipapython/test_secrets.py b/ipatests/test_ipapython/test_secrets.py new file mode 100644 index 000000000..d88659e6f --- /dev/null +++ b/ipatests/test_ipapython/test_secrets.py @@ -0,0 +1,55 @@ +# Copyright (C) 2015 FreeIPA Project Contributors - see LICENSE file + +from __future__ import print_function +from ipapython.secrets.store import iSecStore, NAME_DB_MAP, NSSCertDB +import os +import shutil +import subprocess +import unittest + + +def _test_password_callback(): + with open('test-ipa-sec-store/pwfile') as f: + password = f.read() + return password + + +class TestiSecStore(unittest.TestCase): + @classmethod + def setUpClass(cls): + try: + shutil.rmtree('test-ipa-sec-store') + except Exception: # pylint: disable=broad-except + pass + testdir = 'test-ipa-sec-store' + pwfile = os.path.join(testdir, 'pwfile') + os.mkdir(testdir) + with open(pwfile, 'w') as f: + f.write('testpw') + cls.certdb = os.path.join(testdir, 'certdb') + os.mkdir(cls.certdb) + cls.cert2db = os.path.join(testdir, 'cert2db') + os.mkdir(cls.cert2db) + seedfile = os.path.join(testdir, 'seedfile') + with open(seedfile, 'w') as f: + seed = os.urandom(1024) + f.write(seed) + subprocess.call(['certutil', '-d', cls.certdb, '-N', '-f', pwfile]) + subprocess.call(['certutil', '-d', cls.cert2db, '-N', '-f', pwfile]) + subprocess.call(['certutil', '-d', cls.certdb, '-S', '-f', pwfile, + '-s', 'CN=testCA', '-n', 'testCACert', '-x', + '-t', 'CT,C,C', '-m', '1', '-z', seedfile]) + + def test_iSecStore(self): + iss = iSecStore({}) + + NAME_DB_MAP['test'] = { + 'type': 'NSSDB', + 'path': self.certdb, + 'handler': NSSCertDB, + 'pwcallback': _test_password_callback, + } + value = iss.get('keys/test/testCACert') + + NAME_DB_MAP['test']['path'] = self.cert2db + iss.set('keys/test/testCACert', value) |