diff --git a/letsencrypt/acme/challenges_test.py b/letsencrypt/acme/challenges_test.py index f1507c7fd..2e6fbd372 100644 --- a/letsencrypt/acme/challenges_test.py +++ b/letsencrypt/acme/challenges_test.py @@ -37,6 +37,10 @@ class SimpleHTTPSTest(unittest.TestCase): from letsencrypt.acme.challenges import SimpleHTTPS self.assertEqual(self.msg, SimpleHTTPS.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import SimpleHTTPS + hash(SimpleHTTPS.from_json(self.jmsg)) + class SimpleHTTPSResponseTest(unittest.TestCase): @@ -60,6 +64,10 @@ class SimpleHTTPSResponseTest(unittest.TestCase): self.assertEqual( self.msg, SimpleHTTPSResponse.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import SimpleHTTPSResponse + hash(SimpleHTTPSResponse.from_json(self.jmsg)) + class DVSNITest(unittest.TestCase): @@ -86,6 +94,10 @@ class DVSNITest(unittest.TestCase): from letsencrypt.acme.challenges import DVSNI self.assertEqual(self.msg, DVSNI.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import DVSNI + hash(DVSNI.from_json(self.jmsg)) + def test_from_json_invalid_r_length(self): from letsencrypt.acme.challenges import DVSNI self.jmsg['r'] = 'abcd' @@ -131,6 +143,10 @@ class DVSNIResponseTest(unittest.TestCase): from letsencrypt.acme.challenges import DVSNIResponse self.assertEqual(self.msg, DVSNIResponse.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import DVSNIResponse + hash(DVSNIResponse.from_json(self.jmsg)) + class RecoveryContactTest(unittest.TestCase): @@ -154,6 +170,10 @@ class RecoveryContactTest(unittest.TestCase): from letsencrypt.acme.challenges import RecoveryContact self.assertEqual(self.msg, RecoveryContact.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import RecoveryContact + hash(RecoveryContact.from_json(self.jmsg)) + def test_json_without_optionals(self): del self.jmsg['activationURL'] del self.jmsg['successURL'] @@ -183,6 +203,10 @@ class RecoveryContactResponseTest(unittest.TestCase): self.assertEqual( self.msg, RecoveryContactResponse.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import RecoveryContactResponse + hash(RecoveryContactResponse.from_json(self.jmsg)) + def test_json_without_optionals(self): del self.jmsg['token'] @@ -207,6 +231,10 @@ class RecoveryTokenTest(unittest.TestCase): from letsencrypt.acme.challenges import RecoveryToken self.assertEqual(self.msg, RecoveryToken.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import RecoveryToken + hash(RecoveryToken.from_json(self.jmsg)) + class RecoveryTokenResponseTest(unittest.TestCase): @@ -223,6 +251,10 @@ class RecoveryTokenResponseTest(unittest.TestCase): self.assertEqual( self.msg, RecoveryTokenResponse.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import RecoveryTokenResponse + hash(RecoveryTokenResponse.from_json(self.jmsg)) + def test_json_without_optionals(self): del self.jmsg['token'] @@ -276,6 +308,10 @@ class ProofOfPossessionHintsTest(unittest.TestCase): self.assertEqual( self.msg, ProofOfPossession.Hints.from_json(self.jmsg_from)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import ProofOfPossession + hash(ProofOfPossession.Hints.from_json(self.jmsg_from)) + def test_json_without_optionals(self): for optional in ['certFingerprints', 'certs', 'subjectKeyIdentifiers', 'serialNumbers', 'issuers', 'authorizedFor']: @@ -328,6 +364,10 @@ class ProofOfPossessionTest(unittest.TestCase): self.assertEqual( self.msg, ProofOfPossession.from_json(self.jmsg_from)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import ProofOfPossession + hash(ProofOfPossession.from_json(self.jmsg_from)) + class ProofOfPossessionResponseTest(unittest.TestCase): @@ -371,6 +411,10 @@ class ProofOfPossessionResponseTest(unittest.TestCase): self.assertEqual( self.msg, ProofOfPossessionResponse.from_json(self.jmsg_from)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import ProofOfPossessionResponse + hash(ProofOfPossessionResponse.from_json(self.jmsg_from)) + class DNSTest(unittest.TestCase): @@ -386,6 +430,10 @@ class DNSTest(unittest.TestCase): from letsencrypt.acme.challenges import DNS self.assertEqual(self.msg, DNS.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import DNS + hash(DNS.from_json(self.jmsg)) + class DNSResponseTest(unittest.TestCase): @@ -401,6 +449,10 @@ class DNSResponseTest(unittest.TestCase): from letsencrypt.acme.challenges import DNSResponse self.assertEqual(self.msg, DNSResponse.from_json(self.jmsg)) + def test_from_json_hashable(self): + from letsencrypt.acme.challenges import DNSResponse + hash(DNSResponse.from_json(self.jmsg)) + if __name__ == '__main__': unittest.main() diff --git a/letsencrypt/acme/jose/jwk.py b/letsencrypt/acme/jose/jwk.py index 1b7e00e56..58cc89dad 100644 --- a/letsencrypt/acme/jose/jwk.py +++ b/letsencrypt/acme/jose/jwk.py @@ -126,9 +126,10 @@ class JWKRSA(JWK): @classmethod def fields_from_json(cls, jobj): - return cls(key=Crypto.PublicKey.RSA.construct( - (cls._decode_param(jobj['n']), - cls._decode_param(jobj['e'])))) + return cls(key=util.HashableRSAKey( + Crypto.PublicKey.RSA.construct( + (cls._decode_param(jobj['n']), + cls._decode_param(jobj['e']))))) def fields_to_json(self): return { diff --git a/letsencrypt/acme/jose/jwk_test.py b/letsencrypt/acme/jose/jwk_test.py index b75d3e1ce..4e7c4e596 100644 --- a/letsencrypt/acme/jose/jwk_test.py +++ b/letsencrypt/acme/jose/jwk_test.py @@ -6,6 +6,7 @@ import unittest from Crypto.PublicKey import RSA from letsencrypt.acme.jose import errors +from letsencrypt.acme.jose import util RSA256_KEY = RSA.importKey(pkg_resources.resource_string( @@ -29,6 +30,10 @@ class JWKOctTest(unittest.TestCase): from letsencrypt.acme.jose.jwk import JWKOct self.assertEqual(self.jwk, JWKOct.from_json(self.jobj)) + def test_from_json_hashable(self): + from letsencrypt.acme.jose.jwk import JWKOct + hash(JWKOct.from_json(self.jobj)) + def test_load(self): from letsencrypt.acme.jose.jwk import JWKOct self.assertEqual(self.jwk, JWKOct.load('foo')) @@ -42,15 +47,15 @@ class JWKRSATest(unittest.TestCase): def setUp(self): from letsencrypt.acme.jose.jwk import JWKRSA - self.jwk256 = JWKRSA(key=RSA256_KEY.publickey()) - self.jwk256_private = JWKRSA(key=RSA256_KEY) + self.jwk256 = JWKRSA(key=util.HashableRSAKey(RSA256_KEY.publickey())) + self.jwk256_private = JWKRSA(key=util.HashableRSAKey(RSA256_KEY)) self.jwk256json = { 'kty': 'RSA', 'e': 'AQAB', 'n': 'rHVztFHtH92ucFJD_N_HW9AsdRsUuHUBBBDlHwNlRd3fp5' '80rv2-6QWE30cWgdmJS86ObRz6lUTor4R0T-3C5Q', } - self.jwk512 = JWKRSA(key=RSA512_KEY.publickey()) + self.jwk512 = JWKRSA(key=util.HashableRSAKey(RSA512_KEY.publickey())) self.jwk512json = { 'kty': 'RSA', 'e': 'AQAB', @@ -68,10 +73,11 @@ class JWKRSATest(unittest.TestCase): def test_load(self): from letsencrypt.acme.jose.jwk import JWKRSA - self.assertEqual(JWKRSA(key=RSA256_KEY), JWKRSA.load( - pkg_resources.resource_string( - 'letsencrypt.client.tests', - os.path.join('testdata', 'rsa256_key.pem')))) + self.assertEqual( + JWKRSA(key=util.HashableRSAKey(RSA256_KEY)), JWKRSA.load( + pkg_resources.resource_string( + 'letsencrypt.client.tests', + os.path.join('testdata', 'rsa256_key.pem')))) def test_public(self): self.assertEqual(self.jwk256, self.jwk256_private.public()) @@ -86,6 +92,10 @@ class JWKRSATest(unittest.TestCase): # TODO: fix schemata to allow RSA512 #self.assertEqual(self.jwk512, JWK.from_json(self.jwk512json)) + def test_from_json_hashable(self): + from letsencrypt.acme.jose.jwk import JWK + hash(JWK.from_json(self.jwk256json)) + def test_from_json_non_schema_errors(self): # valid against schema, but still failing from letsencrypt.acme.jose.jwk import JWK diff --git a/letsencrypt/acme/jose/jws_test.py b/letsencrypt/acme/jose/jws_test.py index 215960e15..96a9c2070 100644 --- a/letsencrypt/acme/jose/jws_test.py +++ b/letsencrypt/acme/jose/jws_test.py @@ -196,6 +196,10 @@ class JWSTest(unittest.TestCase): self.assertRaises(errors.DeserializationError, JWS.from_json, {'signatures': (), 'signature': 'foo'}) + def test_from_json_hashable(self): + from letsencrypt.acme.jose.jws import JWS + hash(JWS.from_json(self.mixed.fully_serialize())) + class CLITest(unittest.TestCase): diff --git a/letsencrypt/acme/messages2_test.py b/letsencrypt/acme/messages2_test.py index 5297d6362..bebed64fa 100644 --- a/letsencrypt/acme/messages2_test.py +++ b/letsencrypt/acme/messages2_test.py @@ -1,9 +1,12 @@ """Tests for letsencrypt.acme.messages2.""" import datetime +import os +import pkg_resources import unittest import mock import pytz +from Crypto.PublicKey import RSA from letsencrypt.acme import challenges from letsencrypt.acme import jose @@ -39,6 +42,10 @@ class ErrorTest(unittest.TestCase): self.assertEqual( 'The request message was malformed', self.error.description) + def test_from_json_hashable(self): + from letsencrypt.acme.messages2 import Error + hash(Error.from_json(self.error.fully_serialize())) + class ConstantTest(unittest.TestCase): """Tests for letsencrypt.acme.messages2._Constant.""" @@ -61,11 +68,52 @@ class ConstantTest(unittest.TestCase): self.assertRaises( jose.DeserializationError, self.MockConstant.from_json, 'c') + def test_from_json_hashable(self): + hash(self.MockConstant.from_json('a')) + def test_repr(self): self.assertEqual('MockConstant(a)', repr(self.const_a)) self.assertEqual('MockConstant(b)', repr(self.const_b)) +class RegistrationTest(unittest.TestCase): + """Tests for letsencrypt.acme.messages2.Registration.""" + + def setUp(self): + key = jose.jwk.JWKRSA(key=jose.util.HashableRSAKey( + RSA.importKey(pkg_resources.resource_string( + 'letsencrypt.client.tests', os.path.join( + 'testdata', 'rsa256_key.pem'))).publickey())) + contact = ('mailto:letsencrypt-client@letsencrypt.org',) + recovery_token = 'XYZ' + agreement = 'https://letsencrypt.org/terms' + + from letsencrypt.acme.messages2 import Registration + self.reg = Registration( + key=key, contact=contact, recovery_token=recovery_token, + agreement=agreement) + + self.jobj_to = { + 'contact': contact, + 'recoveryToken': recovery_token, + 'agreement': agreement, + 'key': key, + } + self.jobj_from = self.jobj_to.copy() + self.jobj_from['key'] = key.fully_serialize() + + def test_to_json(self): + self.assertEqual(self.jobj_to, self.reg.to_json()) + + def test_from_json(self): + from letsencrypt.acme.messages2 import Registration + self.assertEqual(self.reg, Registration.from_json(self.jobj_from)) + + def test_from_json_hashable(self): + from letsencrypt.acme.messages2 import Registration + hash(Registration.from_json(self.jobj_from)) + + class ChallengeResourceTest(unittest.TestCase): """Tests for letsencrypt.acme.messages2.ChallengeResource.""" @@ -99,10 +147,14 @@ class ChallengeBodyTest(unittest.TestCase): def test_to_json(self): self.assertEqual(self.jobj_to, self.challb.to_json()) - def test_fields_from_json(self): + def test_from_json(self): from letsencrypt.acme.messages2 import ChallengeBody self.assertEqual(self.challb, ChallengeBody.from_json(self.jobj_from)) + def test_from_json_hashable(self): + from letsencrypt.acme.messages2 import ChallengeBody + hash(ChallengeBody.from_json(self.jobj_from)) + class AuthorizationTest(unittest.TestCase): """Tests for letsencrypt.acme.messages2.Authorization.""" @@ -139,6 +191,10 @@ class AuthorizationTest(unittest.TestCase): from letsencrypt.acme.messages2 import Authorization Authorization.from_json(self.jobj_from) + def test_from_json_hashable(self): + from letsencrypt.acme.messages2 import Authorization + hash(Authorization.from_json(self.jobj_from)) + def test_resolved_combinations(self): self.assertEqual(self.authz.resolved_combinations, ( (self.challbs[0], self.challbs[2]), @@ -167,6 +223,10 @@ class RevocationTest(unittest.TestCase): self.assertEqual(self.jobj_now, self.rev_now.to_json()) self.assertEqual(self.jobj_date, self.rev_date.to_json()) + def test_from_json_hashable(self): + from letsencrypt.acme.messages2 import Revocation + hash(Revocation.from_json(self.rev_now.fully_serialize())) + if __name__ == '__main__': unittest.main()