upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-07 07:42:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch 'master' of ssh://github.com/letsencrypt/lets-encrypt-preview into renewer

Browse source
This commit is contained in:
Seth Schoen 2015-05-01 21:47:47 -07:00
commit 40091cf60e
27 changed files with 120 additions and 142 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
letsencrypt/acme/challenges.py
View file

@ -88,6 +88,9 @@ class DVSNI(DVChallenge):
NONCE_SIZE = 16
"""Required size of the :attr:`nonce` in bytes."""
PORT = 443
"""Port to perform DVSNI challenge."""
r = jose.Field("r", encoder=jose.b64encode, # pylint: disable=invalid-name
decoder=functools.partial(jose.decode_b64jose, size=R_SIZE))
nonce = jose.Field("nonce", encoder=binascii.hexlify,

6
letsencrypt/acme/challenges_test.py
View file

@ -12,11 +12,11 @@ from letsencrypt.acme import other
CERT = jose.ComparableX509(M2Crypto.X509.load_cert(
pkg_resources.resource_filename(
'letsencrypt.client.tests', 'testdata/cert.pem')))
'letsencrypt.client.tests', os.path.join('testdata', 'cert.pem'))))
KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey(
pkg_resources.resource_string(
'letsencrypt.client.tests',
os.path.join('testdata', 'rsa256_key.pem'))))
'letsencrypt.acme.jose',
os.path.join('testdata', 'rsa512_key.pem'))))
class SimpleHTTPSTest(unittest.TestCase):

15
letsencrypt/acme/jose/jwa.py
View file

@ -18,7 +18,10 @@ from letsencrypt.acme.jose import interfaces
from letsencrypt.acme.jose import jwk
class JWA(interfaces.JSONDeSerializable): # pylint: disable=abstract-method,too-few-public-methods
class JWA(interfaces.JSONDeSerializable): # pylint: disable=abstract-method
# pylint: disable=too-few-public-methods
# for some reason disable=abstract-method has to be on the line
# above...
"""JSON Web Algorithm."""
@ -92,11 +95,11 @@ class _JWARS(JWASignature):
def sign(self, key, msg):
try:
return self.padding.new(key).sign(self.digestmod.new(msg))
except TypeError as error: # key has no private part
raise errors.Error(error)
except (AttributeError, ValueError) as error:
# key is too small: ValueError for PS, AttributeError for RS
raise errors.Error(error)
except TypeError:
raise errors.Error('Key has no private part necessary for signing')
except (AttributeError, ValueError):
# ValueError for PS, AttributeError for RS
raise errors.Error('Key too small ({0})'.format(key.size()))
def verify(self, key, msg, sig):
return self.padding.new(key).verify(self.digestmod.new(msg), sig)

8
letsencrypt/acme/jose/jwa_test.py
View file

@ -83,10 +83,10 @@ class JWARSTest(unittest.TestCase):
def test_rs(self):
from letsencrypt.acme.jose.jwa import RS256
sig = (
'\x13\xf0\xe5\x83\x91\xd8~\x02q\xdf\xbdwX\x97\xecn\xe4UH\xb0'
'\xe1oq\x94\x9f\xf4\x0f\xcb0\x05\xa9\x0fs\xea\xf3\xe3\xe7'
'\x1cAh\xb3@\xb8\xe4UnG\xa0\xb2K\xac-\x1c1\x1c\xe9dw}2@\xa7'
'\xf0\xe8'
'|\xc6\xb2\xa4\xab(\x87\x99\xfa*:\xea\xf8\xa0N&}\x9f\x0f\xc0O'
'\xc6t\xa3\xe6\xfa\xbb"\x15Y\x80Y\xe0\x81\xb8\x88)\xba\x0c\x9c'
'\xa4\x99\x1e\x19&\xd8\xc7\x99S\x97\xfc\x85\x0cOV\xe6\x07\x99'
'\xd2\xb9.>}\xfd'
)
self.assertEqual(RS256.sign(RSA512_KEY, 'foo'), sig)
# next tests guard that only True/False are return as oppossed

2
letsencrypt/acme/jose/jwk.py
View file

@ -28,6 +28,8 @@ class JWK(json_util.TypedJSONObjectWithFields):
For symmetric cryptosystems, this would return ``self``.
"""
# TODO: rename publickey to stay consistent with
# HashableRSAKey.publickey
raise NotImplementedError()

28
letsencrypt/acme/jose/jwk_test.py
View file

@ -9,10 +9,10 @@ from letsencrypt.acme.jose import errors
from letsencrypt.acme.jose import util
RSA256_KEY = RSA.importKey(pkg_resources.resource_string(
'letsencrypt.client.tests', os.path.join('testdata', 'rsa256_key.pem')))
RSA512_KEY = RSA.importKey(pkg_resources.resource_string(
'letsencrypt.client.tests', os.path.join('testdata', 'rsa512_key.pem')))
RSA256_KEY = util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string(
__name__, os.path.join('testdata', 'rsa256_key.pem'))))
RSA512_KEY = util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string(
__name__, os.path.join('testdata', 'rsa512_key.pem'))))
class JWKOctTest(unittest.TestCase):
@ -47,21 +47,20 @@ class JWKRSATest(unittest.TestCase):
def setUp(self):
from letsencrypt.acme.jose.jwk import JWKRSA
self.jwk256 = JWKRSA(key=util.HashableRSAKey(RSA256_KEY.publickey()))
self.jwk256_private = JWKRSA(key=util.HashableRSAKey(RSA256_KEY))
self.jwk256 = JWKRSA(key=RSA256_KEY.publickey())
self.jwk256_private = JWKRSA(key=RSA256_KEY)
self.jwk256json = {
'kty': 'RSA',
'e': 'AQAB',
'n': 'm2Fylv-Uz7trgTW8EBHP3FQSMeZs2GNQ6VRo1sIVJEk',
}
self.jwk512 = JWKRSA(key=RSA512_KEY.publickey())
self.jwk512json = {
'kty': 'RSA',
'e': 'AQAB',
'n': 'rHVztFHtH92ucFJD_N_HW9AsdRsUuHUBBBDlHwNlRd3fp5'
'80rv2-6QWE30cWgdmJS86ObRz6lUTor4R0T-3C5Q',
}
self.jwk512 = JWKRSA(key=util.HashableRSAKey(RSA512_KEY.publickey()))
self.jwk512json = {
'kty': 'RSA',
'e': 'AQAB',
'n': '9LYRcVE3Nr-qleecEcX8JwVDnjeG1X7ucsCasuuZM0e09c'
'mYuUzxIkMjO_9x4AVcvXXRXPEV-LzWWkfkTlzRMw',
}
def test_equals(self):
self.assertEqual(self.jwk256, self.jwk256)
@ -76,8 +75,7 @@ class JWKRSATest(unittest.TestCase):
self.assertEqual(
JWKRSA(key=util.HashableRSAKey(RSA256_KEY)), JWKRSA.load(
pkg_resources.resource_string(
'letsencrypt.client.tests',
os.path.join('testdata', 'rsa256_key.pem'))))
__name__, os.path.join('testdata', 'rsa256_key.pem'))))
def test_public(self):
self.assertEqual(self.jwk256, self.jwk256_private.public())

4
letsencrypt/acme/jose/jws_test.py
View file

@ -136,8 +136,8 @@ class JWSTest(unittest.TestCase):
def test_compact_lost_unprotected(self):
compact = self.mixed.to_compact()
self.assertEqual(
'eyJhbGciOiAiUlMyNTYifQ.Zm9v.KBvYScRMEqJlp2xsReoY3CNDpVCWEU'
'1PyRrf44nPBsmyQz__iuNR56pPNcACeHzJQnXhTVTxqFgjge2i_vw9NA',
'eyJhbGciOiAiUlMyNTYifQ.Zm9v.OHdxFVj73l5LpxbFp1AmYX4yJM0Pyb'
'_893n1zQjpim_eLS5J1F61lkvrCrCDErTEJnBGOGesJ72M7b6Ve1cAJA',
compact)
from letsencrypt.acme.jose.jws import JWS

14
letsencrypt/acme/jose/testdata/rsa512_key.pem vendored
View file

@ -1,9 +1,9 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAJ+afYCLq33YTZumktV+Lg9LpDGKCv/DxuXkXc40mFc+82KbsyR8
5/S2pmNQrKzL/jLmenQT67PnRaVNqEsvj2UCAwEAAQJAJWqOaYhU19fRud+/JJXE
LonJIGQAWB2Jj3OOGj1ySWF13ahdsQxXKQoVSUTnrvLJkrQwXwNFck9BnZ1otL6u
MQIhAMw84RdsMJufn7bCMe6ppVukoGKRbjxE8ar/tBGUOOFrAiEAyA2ysBdOXF8z
FweoKED11siyJbHuuavMaoL1ZI779m8CIQCWuf8seA3PbBhEmkCbb9u3LGGpHMcL
952aoydTKd5ojQIhAKuSA+O9uTjDdL+Vk4QiYjS4nwBxH3ohewkGE4sQjcsFAiEA
uToAFyz5vUHnk8vME9y+ZIHSePBqckGwXVOfgIbATF0=
MIIBOgIBAAJBAKx1c7RR7R/drnBSQ/zfx1vQLHUbFLh1AQQQ5R8DZUXd36efNK79
vukFhN9HFoHZiUvOjm0c+pVE6K+EdE/twuUCAwEAAQJAMbrEnJCrQe8YqAbw1/Bn
elAzIamndfE3U8bTavf9sgFpS4HL83rhd6PDbvx81ucaJAT/5x048fM/nFl4fzAc
mQIhAOF/a9o3EIsDKEmUl+Z1OaOiUxDF3kqWSmALEsmvDhwXAiEAw8ljV5RO/rUp
Zu2YMDFq3MKpyyMgBIJ8CxmGRc6gCmMCIGRQzkcmhfqBrhOFwkmozrqIBRIKJIjj
8TRm2LXWZZ2DAiAqVO7PztdNpynugUy4jtbGKKjBrTSNBRGA7OHlUgm0dQIhALQq
6oGU29Vxlvt3k0vmiRKU4AVfLyNXIGtcWcNG46h/
-----END RSA PRIVATE KEY-----

9
letsencrypt/acme/messages2_test.py
View file

@ -12,6 +12,10 @@ from letsencrypt.acme import challenges
from letsencrypt.acme import jose
KEY = jose.util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string(
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem'))))
class ErrorTest(unittest.TestCase):
"""Tests for letsencrypt.acme.messages2.Error."""
@ -87,10 +91,7 @@ class RegistrationTest(unittest.TestCase):
"""Tests for letsencrypt.acme.messages2.Registration."""
def setUp(self):
key = jose.jwk.JWKRSA(key=jose.util.HashableRSAKey(
RSA.importKey(pkg_resources.resource_string(
'letsencrypt.client.tests', os.path.join(
'testdata', 'rsa256_key.pem'))).publickey()))
key = jose.jwk.JWKRSA(key=KEY.publickey())
contact = ('mailto:letsencrypt-client@letsencrypt.org',)
recovery_token = 'XYZ'
agreement = 'https://letsencrypt.org/terms'

9
letsencrypt/acme/messages_test.py
View file

@ -1,4 +1,5 @@
"""Tests for letsencrypt.acme.messages."""
import os
import pkg_resources
import unittest
@ -13,16 +14,16 @@ from letsencrypt.acme import other
KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey(
pkg_resources.resource_string(
'letsencrypt.client.tests', 'testdata/rsa256_key.pem')))
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem'))))
CERT = jose.ComparableX509(M2Crypto.X509.load_cert(
pkg_resources.resource_filename(
'letsencrypt.client.tests', 'testdata/cert.pem')))
'letsencrypt.client.tests', os.path.join('testdata', 'cert.pem'))))
CSR = jose.ComparableX509(M2Crypto.X509.load_request(
pkg_resources.resource_filename(
'letsencrypt.client.tests', 'testdata/csr.pem')))
'letsencrypt.client.tests', os.path.join('testdata', 'csr.pem'))))
CSR2 = jose.ComparableX509(M2Crypto.X509.load_request(
pkg_resources.resource_filename(
'letsencrypt.acme.jose', 'testdata/csr2.pem')))
'letsencrypt.acme.jose', os.path.join('testdata', 'csr2.pem'))))
class MessageTest(unittest.TestCase):

14
letsencrypt/acme/other_test.py
View file

@ -1,4 +1,5 @@
"""Tests for letsencrypt.acme.sig."""
import os
import pkg_resources
import unittest
@ -7,12 +8,9 @@ import Crypto.PublicKey.RSA
from letsencrypt.acme import jose
RSA256_KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey(
KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey(
pkg_resources.resource_string(
'letsencrypt.client.tests', 'testdata/rsa256_key.pem')))
RSA512_KEY = jose.HashableRSAKey(
Crypto.PublicKey.RSA.importKey(pkg_resources.resource_string(
'letsencrypt.client.tests', 'testdata/rsa512_key.pem')))
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem'))))
class SignatureTest(unittest.TestCase):
@ -28,7 +26,7 @@ class SignatureTest(unittest.TestCase):
self.nonce = '\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9'
self.alg = jose.RS256
self.jwk = jose.JWKRSA(key=RSA256_KEY.publickey())
self.jwk = jose.JWKRSA(key=KEY.publickey())
b64sig = ('SUPYKucUnhlTt8_sMxLiigOYdf_wlOLXPI-o7aRLTsOquVjDd6r'
'AX9AFJHk-bCMQPJbSzXKjG6H1IWbvxjS2Ew')
@ -69,11 +67,11 @@ class SignatureTest(unittest.TestCase):
return Signature.from_msg(*args, **kwargs)
def test_create_from_msg(self):
signature = self._from_msg(self.msg, RSA256_KEY, self.nonce)
signature = self._from_msg(self.msg, KEY, self.nonce)
self.assertEqual(self.signature, signature)
def test_create_from_msg_random_nonce(self):
signature = self._from_msg(self.msg, RSA256_KEY)
signature = self._from_msg(self.msg, KEY)
self.assertEqual(signature.alg, self.alg)
self.assertEqual(signature.jwk, self.jwk)
self.assertTrue(signature.verify(self.msg))

12
letsencrypt/client/constants.py
View file

@ -4,14 +4,6 @@ import pkg_resources
from letsencrypt.acme import challenges
S_SIZE = 32
"""Size (in bytes) of secret base64-encoded octet string "s" used in
challenges."""
NONCE_SIZE = 16
"""Size of nonce used in JWS objects (in bytes)."""
EXCLUSIVE_CHALLENGES = frozenset([frozenset([
challenges.DVSNI, challenges.SimpleHTTPS])])
"""Mutually exclusive challenges."""
@ -46,10 +38,6 @@ NGINX_MOD_SSL_CONF = pkg_resources.resource_filename(
distribution."""
DVSNI_CHALLENGE_PORT = 443
"""Port to perform DVSNI challenge."""
CONFIG_DIRS_MODE = 0o755
"""Directory mode for ``.IConfig.config_dir`` et al."""

2
letsencrypt/client/log.py
View file

@ -37,7 +37,7 @@ class DialogHandler(logging.Handler): # pylint: disable=too-few-public-methods
lines.
"""
for line in (record.msg % record.args).splitlines():
for line in record.getMessage().splitlines():
# check for lines that would wrap
cur_out = line
while len(cur_out) > self.width:

4
letsencrypt/client/plugins/apache/tests/dvsni_test.py
View file

@ -34,9 +34,9 @@ class DvsniPerformTest(util.ApacheTest):
self.sni = dvsni.ApacheDvsni(config)
rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
auth_key = le_util.Key(rsa256_file, rsa256_pem)
self.achalls = [

4
letsencrypt/client/plugins/apache/tests/util.py
View file

@ -26,9 +26,9 @@ class ApacheTest(unittest.TestCase): # pylint: disable=too-few-public-methods
self.temp_dir, "debian_apache_2_4/two_vhost_80/apache2")
self.rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
self.rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
def dir_setup(test_dir="debian_apache_2_4/two_vhost_80"):

4
letsencrypt/client/plugins/nginx/tests/dvsni_test.py
View file

@ -25,9 +25,9 @@ class DvsniPerformTest(util.NginxTest):
self.ssl_options)
rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
auth_key = le_util.Key(rsa256_file, rsa256_pem)

4
letsencrypt/client/plugins/nginx/tests/util.py
View file

@ -25,9 +25,9 @@ class NginxTest(unittest.TestCase): # pylint: disable=too-few-public-methods
self.temp_dir, "testdata")
self.rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
self.rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
"letsencrypt.acme.jose", "testdata/rsa256_key.pem")
def get_data_filename(filename):

5
letsencrypt/client/plugins/standalone/authenticator.py
View file

@ -15,7 +15,6 @@ import zope.interface
from letsencrypt.acme import challenges
from letsencrypt.client import achallenges
from letsencrypt.client import constants
from letsencrypt.client import interfaces
@ -362,7 +361,7 @@ class StandaloneAuthenticator(object):
results_if_failure.append(False)
if not self.tasks:
raise ValueError("nothing for .perform() to do")
if self.already_listening(constants.DVSNI_CHALLENGE_PORT):
if self.already_listening(challenges.DVSNI.PORT):
# If we know a process is already listening on this port,
# tell the user, and don't even attempt to bind it. (This
# test is Linux-specific and won't indicate that the port
@ -370,7 +369,7 @@ class StandaloneAuthenticator(object):
return results_if_failure
# Try to do the authentication; note that this creates
# the listener subprocess via os.fork()
if self.start_listener(constants.DVSNI_CHALLENGE_PORT, key):
if self.start_listener(challenges.DVSNI.PORT, key):
return results_if_success
else:
# TODO: This should probably raise a DVAuthError exception

51
letsencrypt/client/plugins/standalone/tests/authenticator_test.py
View file

@ -18,6 +18,12 @@ from letsencrypt.client import le_util
from letsencrypt.client.tests import acme_util
KEY = le_util.Key("foo", pkg_resources.resource_string(
"letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem")))
PRIVATE_KEY = OpenSSL.crypto.load_privatekey(
OpenSSL.crypto.FILETYPE_PEM, KEY.pem)
# Classes based on to allow interrupting infinite loop under test
# after one iteration, based on.
# http://igorsobreira.com/2013/03/17/testing-infinite-loops.html
@ -66,15 +72,10 @@ class SNICallbackTest(unittest.TestCase):
from letsencrypt.client.plugins.standalone.authenticator import \
StandaloneAuthenticator
self.authenticator = StandaloneAuthenticator(None)
test_key = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
key = le_util.Key("foo", test_key)
self.cert = achallenges.DVSNI(
challb=acme_util.DVSNI_P,
domain="example.com", key=key).gen_cert_and_response()[0]
private_key = OpenSSL.crypto.load_privatekey(
OpenSSL.crypto.FILETYPE_PEM, key.pem)
self.authenticator.private_key = private_key
domain="example.com", key=KEY).gen_cert_and_response()[0]
self.authenticator.private_key = PRIVATE_KEY
self.authenticator.tasks = {"abcdef.acme.invalid": self.cert}
self.authenticator.child_pid = 12345
@ -298,18 +299,14 @@ class PerformTest(unittest.TestCase):
StandaloneAuthenticator
self.authenticator = StandaloneAuthenticator(None)
test_key = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
self.key = le_util.Key("something", test_key)
self.achall1 = achallenges.DVSNI(
challb=acme_util.chall_to_challb(
challenges.DVSNI(r="whee", nonce="foo"), "pending"),
domain="foo.example.com", key=self.key)
domain="foo.example.com", key=KEY)
self.achall2 = achallenges.DVSNI(
challb=acme_util.chall_to_challb(
challenges.DVSNI(r="whee", nonce="bar"), "pending"),
domain="bar.example.com", key=self.key)
domain="bar.example.com", key=KEY)
bad_achall = ("This", "Represents", "A Non-DVSNI", "Challenge")
self.achalls = [self.achall1, self.achall2, bad_achall]
@ -334,7 +331,7 @@ class PerformTest(unittest.TestCase):
self.assertTrue(isinstance(result[0], challenges.ChallengeResponse))
self.assertTrue(isinstance(result[1], challenges.ChallengeResponse))
self.assertFalse(result[2])
self.authenticator.start_listener.assert_called_once_with(443, self.key)
self.authenticator.start_listener.assert_called_once_with(443, KEY)
def test_cannot_perform(self):
"""What happens if start_listener() returns False."""
@ -349,8 +346,7 @@ class PerformTest(unittest.TestCase):
self.assertTrue(isinstance(result, list))
self.assertEqual(len(result), 3)
self.assertEqual(result, [None, None, False])
self.authenticator.start_listener.assert_called_once_with(
443, self. key)
self.authenticator.start_listener.assert_called_once_with(443, KEY)
def test_perform_with_pending_tasks(self):
self.authenticator.tasks = {"foononce.acme.invalid": "cert_data"}
@ -465,17 +461,11 @@ class DoChildProcessTest(unittest.TestCase):
from letsencrypt.client.plugins.standalone.authenticator import \
StandaloneAuthenticator
self.authenticator = StandaloneAuthenticator(None)
test_key = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
key = le_util.Key("foo", test_key)
self.key = key
self.cert = achallenges.DVSNI(
challb=acme_util.chall_to_challb(
challenges.DVSNI(r="x"*32, nonce="abcdef"), "pending"),
domain="example.com", key=key).gen_cert_and_response()[0]
private_key = OpenSSL.crypto.load_privatekey(
OpenSSL.crypto.FILETYPE_PEM, key.pem)
self.authenticator.private_key = private_key
challenges.DVSNI(r=("x" * 32), nonce="abcdef"), "pending"),
domain="example.com", key=KEY).gen_cert_and_response()[0]
self.authenticator.private_key = PRIVATE_KEY
self.authenticator.tasks = {"abcdef.acme.invalid": self.cert}
self.authenticator.parent_pid = 12345
@ -497,8 +487,7 @@ class DoChildProcessTest(unittest.TestCase):
# do_child_process code assumes that calling sys.exit() will
# cause subsequent code not to be executed.)
self.assertRaises(
IndentationError, self.authenticator.do_child_process, 1717,
self.key)
IndentationError, self.authenticator.do_child_process, 1717, KEY)
mock_exit.assert_called_once_with(1)
mock_kill.assert_called_once_with(12345, signal.SIGUSR2)
@ -514,8 +503,7 @@ class DoChildProcessTest(unittest.TestCase):
sample_socket.bind.side_effect = eaccess
mock_socket.return_value = sample_socket
self.assertRaises(
IndentationError, self.authenticator.do_child_process, 1717,
self.key)
IndentationError, self.authenticator.do_child_process, 1717, KEY)
mock_exit.assert_called_once_with(1)
mock_kill.assert_called_once_with(12345, signal.SIGUSR1)
@ -531,7 +519,7 @@ class DoChildProcessTest(unittest.TestCase):
sample_socket.bind.side_effect = eio
mock_socket.return_value = sample_socket
self.assertRaises(
socket.error, self.authenticator.do_child_process, 1717, self.key)
socket.error, self.authenticator.do_child_process, 1717, KEY)
@mock.patch("letsencrypt.client.plugins.standalone.authenticator."
"OpenSSL.SSL.Connection")
@ -545,8 +533,7 @@ class DoChildProcessTest(unittest.TestCase):
mock_socket.return_value = sample_socket
mock_connection.return_value = mock.MagicMock()
self.assertRaises(
CallableExhausted, self.authenticator.do_child_process, 1717,
self.key)
CallableExhausted, self.authenticator.do_child_process, 1717, KEY)
mock_socket.assert_called_once_with()
sample_socket.bind.assert_called_once_with(("0.0.0.0", 1717))
sample_socket.listen.assert_called_once_with(1)

10
letsencrypt/client/tests/account_test.py
View file

@ -33,12 +33,12 @@ class AccountTest(unittest.TestCase):
account_keys_dir=self.account_keys_dir, rsa_key_size=2048,
server="letsencrypt-demo.org")
rsa256_file = pkg_resources.resource_filename(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
rsa256_pem = pkg_resources.resource_string(
"letsencrypt.client.tests", "testdata/rsa256_key.pem")
key_file = pkg_resources.resource_filename(
"letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem"))
key_pem = pkg_resources.resource_string(
"letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem"))
self.key = le_util.Key(rsa256_file, rsa256_pem)
self.key = le_util.Key(key_file, key_pem)
self.email = "client@letsencrypt.org"
self.regr = messages2.RegistrationResource(
uri="uri",

3
letsencrypt/client/tests/achallenges_test.py
View file

@ -19,7 +19,8 @@ class DVSNITest(unittest.TestCase):
challenges.DVSNI(r="r_value", nonce="12345ABCDE"), "pending")
self.response = challenges.DVSNIResponse()
key = le_util.Key("path", pkg_resources.resource_string(
__name__, os.path.join("testdata", "rsa256_key.pem")))
"letsencrypt.acme.jose",
os.path.join("testdata", "rsa512_key.pem")))
from letsencrypt.client.achallenges import DVSNI
self.achall = DVSNI(challb=self.chall, domain="example.com", key=key)

3
letsencrypt/client/tests/acme_util.py
View file

@ -13,8 +13,7 @@ from letsencrypt.acme import messages2
KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey(
pkg_resources.resource_string(
"letsencrypt.client.tests",
os.path.join("testdata", "rsa256_key.pem"))))
"letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem"))))
# Challenges
SIMPLE_HTTPS = challenges.SimpleHTTPS(

12
letsencrypt/client/tests/crypto_util_test.py
View file

@ -10,8 +10,10 @@ import M2Crypto
import mock
RSA256_KEY = pkg_resources.resource_string(__name__, 'testdata/rsa256_key.pem')
RSA512_KEY = pkg_resources.resource_string(__name__, 'testdata/rsa512_key.pem')
RSA256_KEY = pkg_resources.resource_string(
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa256_key.pem'))
RSA512_KEY = pkg_resources.resource_string(
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem'))
class InitSaveKeyTest(unittest.TestCase):
@ -106,10 +108,10 @@ class CSRMatchesPubkeyTest(unittest.TestCase):
__name__, os.path.join('testdata', name)), privkey)
def test_valid_true(self):
self.assertTrue(self._call_testdata('csr.pem', RSA256_KEY))
self.assertTrue(self._call_testdata('csr.pem', RSA512_KEY))
def test_invalid_false(self):
self.assertFalse(self._call_testdata('csr.pem', RSA512_KEY))
self.assertFalse(self._call_testdata('csr.pem', RSA256_KEY))
class MakeKeyTest(unittest.TestCase): # pylint: disable=too-few-public-methods
@ -145,7 +147,7 @@ class MakeSSCertTest(unittest.TestCase):
def test_it(self): # pylint: disable=no-self-use
from letsencrypt.client.crypto_util import make_ss_cert
make_ss_cert(RSA256_KEY, ['example.com', 'www.example.com'])
make_ss_cert(RSA512_KEY, ['example.com', 'www.example.com'])
if __name__ == '__main__':

15
letsencrypt/client/tests/log_test.py
View file

@ -1,4 +1,5 @@
"""Tests for letsencrypt.client.log."""
import logging
import unittest
import mock
@ -15,29 +16,33 @@ class DialogHandlerTest(unittest.TestCase):
self.handler.PADDING_WIDTH = 4
def test_adds_padding(self):
self.handler.emit(mock.MagicMock())
self.handler.emit(logging.makeLogRecord({}))
self.d.infobox.assert_called_once_with(mock.ANY, 4, 10)
def test_args_in_msg_get_replaced(self):
assert len('123456') <= self.handler.width
self.handler.emit(mock.MagicMock(msg='123%s', args=(456,)))
self.handler.emit(logging.makeLogRecord(
{'msg': '123%s', 'args': (456,)}))
self.d.infobox.assert_called_once_with('123456', mock.ANY, mock.ANY)
def test_wraps_nospace_is_greedy(self):
assert len('1234567') > self.handler.width
self.handler.emit(mock.MagicMock(msg='1234567'))
self.handler.emit(logging.makeLogRecord({'msg': '1234567'}))
self.d.infobox.assert_called_once_with('123456\n7', mock.ANY, mock.ANY)
def test_wraps_at_whitespace(self):
assert len('123 567') > self.handler.width
self.handler.emit(mock.MagicMock(msg='123 567'))
self.handler.emit(logging.makeLogRecord({'msg': '123 567'}))
self.d.infobox.assert_called_once_with('123\n567', mock.ANY, mock.ANY)
def test_only_last_lines_are_printed(self):
assert len('a\nb\nc'.split()) > self.handler.height
self.handler.emit(mock.MagicMock(msg='a\n\nb\nc'))
self.handler.emit(logging.makeLogRecord({'msg': 'a\n\nb\nc'}))
self.d.infobox.assert_called_once_with('b\nc', mock.ANY, mock.ANY)
def test_non_str(self):
self.handler.emit(logging.makeLogRecord({'msg': {'foo': 'bar'}}))
if __name__ == '__main__':
unittest.main()

10
letsencrypt/client/tests/network2_test.py
View file

@ -19,17 +19,17 @@ from letsencrypt.client import errors
CERT = jose.ComparableX509(M2Crypto.X509.load_cert_string(
pkg_resources.resource_string(
__name__, os.path.join('testdata/cert.pem'))))
__name__, os.path.join('testdata', 'cert.pem'))))
CERT2 = jose.ComparableX509(M2Crypto.X509.load_cert_string(
pkg_resources.resource_string(
__name__, os.path.join('testdata/cert-san.pem'))))
__name__, os.path.join('testdata', 'cert-san.pem'))))
CSR = jose.ComparableX509(M2Crypto.X509.load_request_string(
pkg_resources.resource_string(
__name__, os.path.join('testdata/csr.pem'))))
__name__, os.path.join('testdata', 'csr.pem'))))
KEY = jose.JWKRSA.load(pkg_resources.resource_string(
__name__, os.path.join('testdata/rsa512_key.pem')))
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem')))
KEY2 = jose.JWKRSA.load(pkg_resources.resource_string(
__name__, os.path.join('testdata/rsa256_key.pem')))
'letsencrypt.acme.jose', os.path.join('testdata', 'rsa256_key.pem')))
class NetworkTest(unittest.TestCase):

2
letsencrypt/client/tests/revoker_test.py
View file

@ -99,7 +99,7 @@ class RevokerTest(RevokerBase):
mock_display().confirm_revocation.return_value = True
key_path = pkg_resources.resource_filename(
"letsencrypt.client.tests", os.path.join(
"letsencrypt.acme.jose", os.path.join(
"testdata", "rsa256_key.pem"))
wrong_key = le_util.Key(key_path, open(key_path).read())

9
letsencrypt/client/tests/testdata/rsa256_key.pem vendored
View file

@ -1,9 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAKx1c7RR7R/drnBSQ/zfx1vQLHUbFLh1AQQQ5R8DZUXd36efNK79
vukFhN9HFoHZiUvOjm0c+pVE6K+EdE/twuUCAwEAAQJAMbrEnJCrQe8YqAbw1/Bn
elAzIamndfE3U8bTavf9sgFpS4HL83rhd6PDbvx81ucaJAT/5x048fM/nFl4fzAc
mQIhAOF/a9o3EIsDKEmUl+Z1OaOiUxDF3kqWSmALEsmvDhwXAiEAw8ljV5RO/rUp
Zu2YMDFq3MKpyyMgBIJ8CxmGRc6gCmMCIGRQzkcmhfqBrhOFwkmozrqIBRIKJIjj
8TRm2LXWZZ2DAiAqVO7PztdNpynugUy4jtbGKKjBrTSNBRGA7OHlUgm0dQIhALQq
6oGU29Vxlvt3k0vmiRKU4AVfLyNXIGtcWcNG46h/
-----END RSA PRIVATE KEY-----