diff --git a/letsencrypt/acme/challenges_test.py b/letsencrypt/acme/challenges_test.py index efae04740..9ca9f6dd8 100644 --- a/letsencrypt/acme/challenges_test.py +++ b/letsencrypt/acme/challenges_test.py @@ -12,11 +12,11 @@ from letsencrypt.acme import other CERT = jose.ComparableX509(M2Crypto.X509.load_cert( pkg_resources.resource_filename( - 'letsencrypt.client.tests', 'testdata/cert.pem'))) + 'letsencrypt.client.tests', os.path.join('testdata', 'cert.pem')))) KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey( pkg_resources.resource_string( - 'letsencrypt.client.tests', - os.path.join('testdata', 'rsa256_key.pem')))) + 'letsencrypt.acme.jose', + os.path.join('testdata', 'rsa512_key.pem')))) class SimpleHTTPSTest(unittest.TestCase): diff --git a/letsencrypt/acme/jose/jwa.py b/letsencrypt/acme/jose/jwa.py index b32e6bc66..b1f058d77 100644 --- a/letsencrypt/acme/jose/jwa.py +++ b/letsencrypt/acme/jose/jwa.py @@ -18,7 +18,10 @@ from letsencrypt.acme.jose import interfaces from letsencrypt.acme.jose import jwk -class JWA(interfaces.JSONDeSerializable): # pylint: disable=abstract-method,too-few-public-methods +class JWA(interfaces.JSONDeSerializable): # pylint: disable=abstract-method + # pylint: disable=too-few-public-methods + # for some reason disable=abstract-method has to be on the line + # above... """JSON Web Algorithm.""" @@ -92,11 +95,11 @@ class _JWARS(JWASignature): def sign(self, key, msg): try: return self.padding.new(key).sign(self.digestmod.new(msg)) - except TypeError as error: # key has no private part - raise errors.Error(error) - except (AttributeError, ValueError) as error: - # key is too small: ValueError for PS, AttributeError for RS - raise errors.Error(error) + except TypeError: + raise errors.Error('Key has no private part necessary for signing') + except (AttributeError, ValueError): + # ValueError for PS, AttributeError for RS + raise errors.Error('Key too small ({0})'.format(key.size())) def verify(self, key, msg, sig): return self.padding.new(key).verify(self.digestmod.new(msg), sig) diff --git a/letsencrypt/acme/jose/jwa_test.py b/letsencrypt/acme/jose/jwa_test.py index 91f5c2114..48fdfce0d 100644 --- a/letsencrypt/acme/jose/jwa_test.py +++ b/letsencrypt/acme/jose/jwa_test.py @@ -83,10 +83,10 @@ class JWARSTest(unittest.TestCase): def test_rs(self): from letsencrypt.acme.jose.jwa import RS256 sig = ( - '\x13\xf0\xe5\x83\x91\xd8~\x02q\xdf\xbdwX\x97\xecn\xe4UH\xb0' - '\xe1oq\x94\x9f\xf4\x0f\xcb0\x05\xa9\x0fs\xea\xf3\xe3\xe7' - '\x1cAh\xb3@\xb8\xe4UnG\xa0\xb2K\xac-\x1c1\x1c\xe9dw}2@\xa7' - '\xf0\xe8' + '|\xc6\xb2\xa4\xab(\x87\x99\xfa*:\xea\xf8\xa0N&}\x9f\x0f\xc0O' + '\xc6t\xa3\xe6\xfa\xbb"\x15Y\x80Y\xe0\x81\xb8\x88)\xba\x0c\x9c' + '\xa4\x99\x1e\x19&\xd8\xc7\x99S\x97\xfc\x85\x0cOV\xe6\x07\x99' + '\xd2\xb9.>}\xfd' ) self.assertEqual(RS256.sign(RSA512_KEY, 'foo'), sig) # next tests guard that only True/False are return as oppossed diff --git a/letsencrypt/acme/jose/jwk.py b/letsencrypt/acme/jose/jwk.py index f79e39a33..ec35baa18 100644 --- a/letsencrypt/acme/jose/jwk.py +++ b/letsencrypt/acme/jose/jwk.py @@ -28,6 +28,8 @@ class JWK(json_util.TypedJSONObjectWithFields): For symmetric cryptosystems, this would return ``self``. """ + # TODO: rename publickey to stay consistent with + # HashableRSAKey.publickey raise NotImplementedError() diff --git a/letsencrypt/acme/jose/jwk_test.py b/letsencrypt/acme/jose/jwk_test.py index a37ddb467..1328528e8 100644 --- a/letsencrypt/acme/jose/jwk_test.py +++ b/letsencrypt/acme/jose/jwk_test.py @@ -9,10 +9,10 @@ from letsencrypt.acme.jose import errors from letsencrypt.acme.jose import util -RSA256_KEY = RSA.importKey(pkg_resources.resource_string( - 'letsencrypt.client.tests', os.path.join('testdata', 'rsa256_key.pem'))) -RSA512_KEY = RSA.importKey(pkg_resources.resource_string( - 'letsencrypt.client.tests', os.path.join('testdata', 'rsa512_key.pem'))) +RSA256_KEY = util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string( + __name__, os.path.join('testdata', 'rsa256_key.pem')))) +RSA512_KEY = util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string( + __name__, os.path.join('testdata', 'rsa512_key.pem')))) class JWKOctTest(unittest.TestCase): @@ -47,21 +47,20 @@ class JWKRSATest(unittest.TestCase): def setUp(self): from letsencrypt.acme.jose.jwk import JWKRSA - self.jwk256 = JWKRSA(key=util.HashableRSAKey(RSA256_KEY.publickey())) - self.jwk256_private = JWKRSA(key=util.HashableRSAKey(RSA256_KEY)) + self.jwk256 = JWKRSA(key=RSA256_KEY.publickey()) + self.jwk256_private = JWKRSA(key=RSA256_KEY) self.jwk256json = { + 'kty': 'RSA', + 'e': 'AQAB', + 'n': 'm2Fylv-Uz7trgTW8EBHP3FQSMeZs2GNQ6VRo1sIVJEk', + } + self.jwk512 = JWKRSA(key=RSA512_KEY.publickey()) + self.jwk512json = { 'kty': 'RSA', 'e': 'AQAB', 'n': 'rHVztFHtH92ucFJD_N_HW9AsdRsUuHUBBBDlHwNlRd3fp5' '80rv2-6QWE30cWgdmJS86ObRz6lUTor4R0T-3C5Q', } - self.jwk512 = JWKRSA(key=util.HashableRSAKey(RSA512_KEY.publickey())) - self.jwk512json = { - 'kty': 'RSA', - 'e': 'AQAB', - 'n': '9LYRcVE3Nr-qleecEcX8JwVDnjeG1X7ucsCasuuZM0e09c' - 'mYuUzxIkMjO_9x4AVcvXXRXPEV-LzWWkfkTlzRMw', - } def test_equals(self): self.assertEqual(self.jwk256, self.jwk256) @@ -76,8 +75,7 @@ class JWKRSATest(unittest.TestCase): self.assertEqual( JWKRSA(key=util.HashableRSAKey(RSA256_KEY)), JWKRSA.load( pkg_resources.resource_string( - 'letsencrypt.client.tests', - os.path.join('testdata', 'rsa256_key.pem')))) + __name__, os.path.join('testdata', 'rsa256_key.pem')))) def test_public(self): self.assertEqual(self.jwk256, self.jwk256_private.public()) diff --git a/letsencrypt/acme/jose/jws_test.py b/letsencrypt/acme/jose/jws_test.py index fcae71cf4..dca61c3d9 100644 --- a/letsencrypt/acme/jose/jws_test.py +++ b/letsencrypt/acme/jose/jws_test.py @@ -136,8 +136,8 @@ class JWSTest(unittest.TestCase): def test_compact_lost_unprotected(self): compact = self.mixed.to_compact() self.assertEqual( - 'eyJhbGciOiAiUlMyNTYifQ.Zm9v.KBvYScRMEqJlp2xsReoY3CNDpVCWEU' - '1PyRrf44nPBsmyQz__iuNR56pPNcACeHzJQnXhTVTxqFgjge2i_vw9NA', + 'eyJhbGciOiAiUlMyNTYifQ.Zm9v.OHdxFVj73l5LpxbFp1AmYX4yJM0Pyb' + '_893n1zQjpim_eLS5J1F61lkvrCrCDErTEJnBGOGesJ72M7b6Ve1cAJA', compact) from letsencrypt.acme.jose.jws import JWS diff --git a/letsencrypt/acme/jose/testdata/rsa512_key.pem b/letsencrypt/acme/jose/testdata/rsa512_key.pem index 77627dcd2..610c8d315 100644 --- a/letsencrypt/acme/jose/testdata/rsa512_key.pem +++ b/letsencrypt/acme/jose/testdata/rsa512_key.pem @@ -1,9 +1,9 @@ -----BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAJ+afYCLq33YTZumktV+Lg9LpDGKCv/DxuXkXc40mFc+82KbsyR8 -5/S2pmNQrKzL/jLmenQT67PnRaVNqEsvj2UCAwEAAQJAJWqOaYhU19fRud+/JJXE -LonJIGQAWB2Jj3OOGj1ySWF13ahdsQxXKQoVSUTnrvLJkrQwXwNFck9BnZ1otL6u -MQIhAMw84RdsMJufn7bCMe6ppVukoGKRbjxE8ar/tBGUOOFrAiEAyA2ysBdOXF8z -FweoKED11siyJbHuuavMaoL1ZI779m8CIQCWuf8seA3PbBhEmkCbb9u3LGGpHMcL -952aoydTKd5ojQIhAKuSA+O9uTjDdL+Vk4QiYjS4nwBxH3ohewkGE4sQjcsFAiEA -uToAFyz5vUHnk8vME9y+ZIHSePBqckGwXVOfgIbATF0= +MIIBOgIBAAJBAKx1c7RR7R/drnBSQ/zfx1vQLHUbFLh1AQQQ5R8DZUXd36efNK79 +vukFhN9HFoHZiUvOjm0c+pVE6K+EdE/twuUCAwEAAQJAMbrEnJCrQe8YqAbw1/Bn +elAzIamndfE3U8bTavf9sgFpS4HL83rhd6PDbvx81ucaJAT/5x048fM/nFl4fzAc +mQIhAOF/a9o3EIsDKEmUl+Z1OaOiUxDF3kqWSmALEsmvDhwXAiEAw8ljV5RO/rUp +Zu2YMDFq3MKpyyMgBIJ8CxmGRc6gCmMCIGRQzkcmhfqBrhOFwkmozrqIBRIKJIjj +8TRm2LXWZZ2DAiAqVO7PztdNpynugUy4jtbGKKjBrTSNBRGA7OHlUgm0dQIhALQq +6oGU29Vxlvt3k0vmiRKU4AVfLyNXIGtcWcNG46h/ -----END RSA PRIVATE KEY----- diff --git a/letsencrypt/acme/messages2_test.py b/letsencrypt/acme/messages2_test.py index 33a55dcf3..d45aa7f9e 100644 --- a/letsencrypt/acme/messages2_test.py +++ b/letsencrypt/acme/messages2_test.py @@ -12,6 +12,10 @@ from letsencrypt.acme import challenges from letsencrypt.acme import jose +KEY = jose.util.HashableRSAKey(RSA.importKey(pkg_resources.resource_string( + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem')))) + + class ErrorTest(unittest.TestCase): """Tests for letsencrypt.acme.messages2.Error.""" @@ -87,10 +91,7 @@ class RegistrationTest(unittest.TestCase): """Tests for letsencrypt.acme.messages2.Registration.""" def setUp(self): - key = jose.jwk.JWKRSA(key=jose.util.HashableRSAKey( - RSA.importKey(pkg_resources.resource_string( - 'letsencrypt.client.tests', os.path.join( - 'testdata', 'rsa256_key.pem'))).publickey())) + key = jose.jwk.JWKRSA(key=KEY.publickey()) contact = ('mailto:letsencrypt-client@letsencrypt.org',) recovery_token = 'XYZ' agreement = 'https://letsencrypt.org/terms' diff --git a/letsencrypt/acme/messages_test.py b/letsencrypt/acme/messages_test.py index 46c2c74cc..56781db18 100644 --- a/letsencrypt/acme/messages_test.py +++ b/letsencrypt/acme/messages_test.py @@ -1,4 +1,5 @@ """Tests for letsencrypt.acme.messages.""" +import os import pkg_resources import unittest @@ -13,16 +14,16 @@ from letsencrypt.acme import other KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey( pkg_resources.resource_string( - 'letsencrypt.client.tests', 'testdata/rsa256_key.pem'))) + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem')))) CERT = jose.ComparableX509(M2Crypto.X509.load_cert( pkg_resources.resource_filename( - 'letsencrypt.client.tests', 'testdata/cert.pem'))) + 'letsencrypt.client.tests', os.path.join('testdata', 'cert.pem')))) CSR = jose.ComparableX509(M2Crypto.X509.load_request( pkg_resources.resource_filename( - 'letsencrypt.client.tests', 'testdata/csr.pem'))) + 'letsencrypt.client.tests', os.path.join('testdata', 'csr.pem')))) CSR2 = jose.ComparableX509(M2Crypto.X509.load_request( pkg_resources.resource_filename( - 'letsencrypt.acme.jose', 'testdata/csr2.pem'))) + 'letsencrypt.acme.jose', os.path.join('testdata', 'csr2.pem')))) class MessageTest(unittest.TestCase): diff --git a/letsencrypt/acme/other_test.py b/letsencrypt/acme/other_test.py index 6ca5f5dd2..eefcb2fc5 100644 --- a/letsencrypt/acme/other_test.py +++ b/letsencrypt/acme/other_test.py @@ -1,4 +1,5 @@ """Tests for letsencrypt.acme.sig.""" +import os import pkg_resources import unittest @@ -7,12 +8,9 @@ import Crypto.PublicKey.RSA from letsencrypt.acme import jose -RSA256_KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey( +KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey( pkg_resources.resource_string( - 'letsencrypt.client.tests', 'testdata/rsa256_key.pem'))) -RSA512_KEY = jose.HashableRSAKey( - Crypto.PublicKey.RSA.importKey(pkg_resources.resource_string( - 'letsencrypt.client.tests', 'testdata/rsa512_key.pem'))) + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem')))) class SignatureTest(unittest.TestCase): @@ -28,7 +26,7 @@ class SignatureTest(unittest.TestCase): self.nonce = '\xec\xd6\xf2oYH\xeb\x13\xd5#q\xe0\xdd\xa2\x92\xa9' self.alg = jose.RS256 - self.jwk = jose.JWKRSA(key=RSA256_KEY.publickey()) + self.jwk = jose.JWKRSA(key=KEY.publickey()) b64sig = ('SUPYKucUnhlTt8_sMxLiigOYdf_wlOLXPI-o7aRLTsOquVjDd6r' 'AX9AFJHk-bCMQPJbSzXKjG6H1IWbvxjS2Ew') @@ -69,11 +67,11 @@ class SignatureTest(unittest.TestCase): return Signature.from_msg(*args, **kwargs) def test_create_from_msg(self): - signature = self._from_msg(self.msg, RSA256_KEY, self.nonce) + signature = self._from_msg(self.msg, KEY, self.nonce) self.assertEqual(self.signature, signature) def test_create_from_msg_random_nonce(self): - signature = self._from_msg(self.msg, RSA256_KEY) + signature = self._from_msg(self.msg, KEY) self.assertEqual(signature.alg, self.alg) self.assertEqual(signature.jwk, self.jwk) self.assertTrue(signature.verify(self.msg)) diff --git a/letsencrypt/client/plugins/apache/tests/dvsni_test.py b/letsencrypt/client/plugins/apache/tests/dvsni_test.py index 1d1b0e652..2780749b5 100644 --- a/letsencrypt/client/plugins/apache/tests/dvsni_test.py +++ b/letsencrypt/client/plugins/apache/tests/dvsni_test.py @@ -34,9 +34,9 @@ class DvsniPerformTest(util.ApacheTest): self.sni = dvsni.ApacheDvsni(config) rsa256_file = pkg_resources.resource_filename( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") rsa256_pem = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") auth_key = le_util.Key(rsa256_file, rsa256_pem) self.achalls = [ diff --git a/letsencrypt/client/plugins/apache/tests/util.py b/letsencrypt/client/plugins/apache/tests/util.py index d1ba17f5a..488ecffea 100644 --- a/letsencrypt/client/plugins/apache/tests/util.py +++ b/letsencrypt/client/plugins/apache/tests/util.py @@ -26,9 +26,9 @@ class ApacheTest(unittest.TestCase): # pylint: disable=too-few-public-methods self.temp_dir, "debian_apache_2_4/two_vhost_80/apache2") self.rsa256_file = pkg_resources.resource_filename( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") self.rsa256_pem = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") def dir_setup(test_dir="debian_apache_2_4/two_vhost_80"): diff --git a/letsencrypt/client/plugins/nginx/tests/dvsni_test.py b/letsencrypt/client/plugins/nginx/tests/dvsni_test.py index 66e0cc704..bf66367e6 100644 --- a/letsencrypt/client/plugins/nginx/tests/dvsni_test.py +++ b/letsencrypt/client/plugins/nginx/tests/dvsni_test.py @@ -25,9 +25,9 @@ class DvsniPerformTest(util.NginxTest): self.ssl_options) rsa256_file = pkg_resources.resource_filename( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") rsa256_pem = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") auth_key = le_util.Key(rsa256_file, rsa256_pem) diff --git a/letsencrypt/client/plugins/nginx/tests/util.py b/letsencrypt/client/plugins/nginx/tests/util.py index 4570f2de2..58c5730cf 100644 --- a/letsencrypt/client/plugins/nginx/tests/util.py +++ b/letsencrypt/client/plugins/nginx/tests/util.py @@ -25,9 +25,9 @@ class NginxTest(unittest.TestCase): # pylint: disable=too-few-public-methods self.temp_dir, "testdata") self.rsa256_file = pkg_resources.resource_filename( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") self.rsa256_pem = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + "letsencrypt.acme.jose", "testdata/rsa256_key.pem") def get_data_filename(filename): diff --git a/letsencrypt/client/plugins/standalone/tests/authenticator_test.py b/letsencrypt/client/plugins/standalone/tests/authenticator_test.py index 23cd43bd5..c69e5399e 100644 --- a/letsencrypt/client/plugins/standalone/tests/authenticator_test.py +++ b/letsencrypt/client/plugins/standalone/tests/authenticator_test.py @@ -18,6 +18,12 @@ from letsencrypt.client import le_util from letsencrypt.client.tests import acme_util +KEY = le_util.Key("foo", pkg_resources.resource_string( + "letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem"))) +PRIVATE_KEY = OpenSSL.crypto.load_privatekey( + OpenSSL.crypto.FILETYPE_PEM, KEY.pem) + + # Classes based on to allow interrupting infinite loop under test # after one iteration, based on. # http://igorsobreira.com/2013/03/17/testing-infinite-loops.html @@ -66,15 +72,10 @@ class SNICallbackTest(unittest.TestCase): from letsencrypt.client.plugins.standalone.authenticator import \ StandaloneAuthenticator self.authenticator = StandaloneAuthenticator(None) - test_key = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") - key = le_util.Key("foo", test_key) self.cert = achallenges.DVSNI( challb=acme_util.DVSNI_P, - domain="example.com", key=key).gen_cert_and_response()[0] - private_key = OpenSSL.crypto.load_privatekey( - OpenSSL.crypto.FILETYPE_PEM, key.pem) - self.authenticator.private_key = private_key + domain="example.com", key=KEY).gen_cert_and_response()[0] + self.authenticator.private_key = PRIVATE_KEY self.authenticator.tasks = {"abcdef.acme.invalid": self.cert} self.authenticator.child_pid = 12345 @@ -298,18 +299,14 @@ class PerformTest(unittest.TestCase): StandaloneAuthenticator self.authenticator = StandaloneAuthenticator(None) - test_key = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") - self.key = le_util.Key("something", test_key) - self.achall1 = achallenges.DVSNI( challb=acme_util.chall_to_challb( challenges.DVSNI(r="whee", nonce="foo"), "pending"), - domain="foo.example.com", key=self.key) + domain="foo.example.com", key=KEY) self.achall2 = achallenges.DVSNI( challb=acme_util.chall_to_challb( challenges.DVSNI(r="whee", nonce="bar"), "pending"), - domain="bar.example.com", key=self.key) + domain="bar.example.com", key=KEY) bad_achall = ("This", "Represents", "A Non-DVSNI", "Challenge") self.achalls = [self.achall1, self.achall2, bad_achall] @@ -334,7 +331,7 @@ class PerformTest(unittest.TestCase): self.assertTrue(isinstance(result[0], challenges.ChallengeResponse)) self.assertTrue(isinstance(result[1], challenges.ChallengeResponse)) self.assertFalse(result[2]) - self.authenticator.start_listener.assert_called_once_with(443, self.key) + self.authenticator.start_listener.assert_called_once_with(443, KEY) def test_cannot_perform(self): """What happens if start_listener() returns False.""" @@ -349,8 +346,7 @@ class PerformTest(unittest.TestCase): self.assertTrue(isinstance(result, list)) self.assertEqual(len(result), 3) self.assertEqual(result, [None, None, False]) - self.authenticator.start_listener.assert_called_once_with( - 443, self. key) + self.authenticator.start_listener.assert_called_once_with(443, KEY) def test_perform_with_pending_tasks(self): self.authenticator.tasks = {"foononce.acme.invalid": "cert_data"} @@ -465,17 +461,11 @@ class DoChildProcessTest(unittest.TestCase): from letsencrypt.client.plugins.standalone.authenticator import \ StandaloneAuthenticator self.authenticator = StandaloneAuthenticator(None) - test_key = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") - key = le_util.Key("foo", test_key) - self.key = key self.cert = achallenges.DVSNI( challb=acme_util.chall_to_challb( - challenges.DVSNI(r="x"*32, nonce="abcdef"), "pending"), - domain="example.com", key=key).gen_cert_and_response()[0] - private_key = OpenSSL.crypto.load_privatekey( - OpenSSL.crypto.FILETYPE_PEM, key.pem) - self.authenticator.private_key = private_key + challenges.DVSNI(r=("x" * 32), nonce="abcdef"), "pending"), + domain="example.com", key=KEY).gen_cert_and_response()[0] + self.authenticator.private_key = PRIVATE_KEY self.authenticator.tasks = {"abcdef.acme.invalid": self.cert} self.authenticator.parent_pid = 12345 @@ -497,8 +487,7 @@ class DoChildProcessTest(unittest.TestCase): # do_child_process code assumes that calling sys.exit() will # cause subsequent code not to be executed.) self.assertRaises( - IndentationError, self.authenticator.do_child_process, 1717, - self.key) + IndentationError, self.authenticator.do_child_process, 1717, KEY) mock_exit.assert_called_once_with(1) mock_kill.assert_called_once_with(12345, signal.SIGUSR2) @@ -514,8 +503,7 @@ class DoChildProcessTest(unittest.TestCase): sample_socket.bind.side_effect = eaccess mock_socket.return_value = sample_socket self.assertRaises( - IndentationError, self.authenticator.do_child_process, 1717, - self.key) + IndentationError, self.authenticator.do_child_process, 1717, KEY) mock_exit.assert_called_once_with(1) mock_kill.assert_called_once_with(12345, signal.SIGUSR1) @@ -531,7 +519,7 @@ class DoChildProcessTest(unittest.TestCase): sample_socket.bind.side_effect = eio mock_socket.return_value = sample_socket self.assertRaises( - socket.error, self.authenticator.do_child_process, 1717, self.key) + socket.error, self.authenticator.do_child_process, 1717, KEY) @mock.patch("letsencrypt.client.plugins.standalone.authenticator." "OpenSSL.SSL.Connection") @@ -545,8 +533,7 @@ class DoChildProcessTest(unittest.TestCase): mock_socket.return_value = sample_socket mock_connection.return_value = mock.MagicMock() self.assertRaises( - CallableExhausted, self.authenticator.do_child_process, 1717, - self.key) + CallableExhausted, self.authenticator.do_child_process, 1717, KEY) mock_socket.assert_called_once_with() sample_socket.bind.assert_called_once_with(("0.0.0.0", 1717)) sample_socket.listen.assert_called_once_with(1) diff --git a/letsencrypt/client/tests/account_test.py b/letsencrypt/client/tests/account_test.py index a8005ea9b..6a79a94c7 100644 --- a/letsencrypt/client/tests/account_test.py +++ b/letsencrypt/client/tests/account_test.py @@ -33,12 +33,12 @@ class AccountTest(unittest.TestCase): account_keys_dir=self.account_keys_dir, rsa_key_size=2048, server="letsencrypt-demo.org") - rsa256_file = pkg_resources.resource_filename( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") - rsa256_pem = pkg_resources.resource_string( - "letsencrypt.client.tests", "testdata/rsa256_key.pem") + key_file = pkg_resources.resource_filename( + "letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem")) + key_pem = pkg_resources.resource_string( + "letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem")) - self.key = le_util.Key(rsa256_file, rsa256_pem) + self.key = le_util.Key(key_file, key_pem) self.email = "client@letsencrypt.org" self.regr = messages2.RegistrationResource( uri="uri", diff --git a/letsencrypt/client/tests/achallenges_test.py b/letsencrypt/client/tests/achallenges_test.py index c186ef19e..72c610f31 100644 --- a/letsencrypt/client/tests/achallenges_test.py +++ b/letsencrypt/client/tests/achallenges_test.py @@ -19,7 +19,8 @@ class DVSNITest(unittest.TestCase): challenges.DVSNI(r="r_value", nonce="12345ABCDE"), "pending") self.response = challenges.DVSNIResponse() key = le_util.Key("path", pkg_resources.resource_string( - __name__, os.path.join("testdata", "rsa256_key.pem"))) + "letsencrypt.acme.jose", + os.path.join("testdata", "rsa512_key.pem"))) from letsencrypt.client.achallenges import DVSNI self.achall = DVSNI(challb=self.chall, domain="example.com", key=key) diff --git a/letsencrypt/client/tests/acme_util.py b/letsencrypt/client/tests/acme_util.py index 724b95a2a..0036844e0 100644 --- a/letsencrypt/client/tests/acme_util.py +++ b/letsencrypt/client/tests/acme_util.py @@ -13,8 +13,7 @@ from letsencrypt.acme import messages2 KEY = jose.HashableRSAKey(Crypto.PublicKey.RSA.importKey( pkg_resources.resource_string( - "letsencrypt.client.tests", - os.path.join("testdata", "rsa256_key.pem")))) + "letsencrypt.acme.jose", os.path.join("testdata", "rsa512_key.pem")))) # Challenges SIMPLE_HTTPS = challenges.SimpleHTTPS( diff --git a/letsencrypt/client/tests/crypto_util_test.py b/letsencrypt/client/tests/crypto_util_test.py index 38fb7ef2d..a36b96c99 100644 --- a/letsencrypt/client/tests/crypto_util_test.py +++ b/letsencrypt/client/tests/crypto_util_test.py @@ -10,8 +10,10 @@ import M2Crypto import mock -RSA256_KEY = pkg_resources.resource_string(__name__, 'testdata/rsa256_key.pem') -RSA512_KEY = pkg_resources.resource_string(__name__, 'testdata/rsa512_key.pem') +RSA256_KEY = pkg_resources.resource_string( + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa256_key.pem')) +RSA512_KEY = pkg_resources.resource_string( + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem')) class InitSaveKeyTest(unittest.TestCase): @@ -106,10 +108,10 @@ class CSRMatchesPubkeyTest(unittest.TestCase): __name__, os.path.join('testdata', name)), privkey) def test_valid_true(self): - self.assertTrue(self._call_testdata('csr.pem', RSA256_KEY)) + self.assertTrue(self._call_testdata('csr.pem', RSA512_KEY)) def test_invalid_false(self): - self.assertFalse(self._call_testdata('csr.pem', RSA512_KEY)) + self.assertFalse(self._call_testdata('csr.pem', RSA256_KEY)) class MakeKeyTest(unittest.TestCase): # pylint: disable=too-few-public-methods @@ -145,7 +147,7 @@ class MakeSSCertTest(unittest.TestCase): def test_it(self): # pylint: disable=no-self-use from letsencrypt.client.crypto_util import make_ss_cert - make_ss_cert(RSA256_KEY, ['example.com', 'www.example.com']) + make_ss_cert(RSA512_KEY, ['example.com', 'www.example.com']) if __name__ == '__main__': diff --git a/letsencrypt/client/tests/network2_test.py b/letsencrypt/client/tests/network2_test.py index 5ef9981d4..195788d66 100644 --- a/letsencrypt/client/tests/network2_test.py +++ b/letsencrypt/client/tests/network2_test.py @@ -19,17 +19,17 @@ from letsencrypt.client import errors CERT = jose.ComparableX509(M2Crypto.X509.load_cert_string( pkg_resources.resource_string( - __name__, os.path.join('testdata/cert.pem')))) + __name__, os.path.join('testdata', 'cert.pem')))) CERT2 = jose.ComparableX509(M2Crypto.X509.load_cert_string( pkg_resources.resource_string( - __name__, os.path.join('testdata/cert-san.pem')))) + __name__, os.path.join('testdata', 'cert-san.pem')))) CSR = jose.ComparableX509(M2Crypto.X509.load_request_string( pkg_resources.resource_string( - __name__, os.path.join('testdata/csr.pem')))) + __name__, os.path.join('testdata', 'csr.pem')))) KEY = jose.JWKRSA.load(pkg_resources.resource_string( - __name__, os.path.join('testdata/rsa512_key.pem'))) + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa512_key.pem'))) KEY2 = jose.JWKRSA.load(pkg_resources.resource_string( - __name__, os.path.join('testdata/rsa256_key.pem'))) + 'letsencrypt.acme.jose', os.path.join('testdata', 'rsa256_key.pem'))) class NetworkTest(unittest.TestCase): diff --git a/letsencrypt/client/tests/revoker_test.py b/letsencrypt/client/tests/revoker_test.py index ff2ce6aca..1ceb8ae9a 100644 --- a/letsencrypt/client/tests/revoker_test.py +++ b/letsencrypt/client/tests/revoker_test.py @@ -99,7 +99,7 @@ class RevokerTest(RevokerBase): mock_display().confirm_revocation.return_value = True key_path = pkg_resources.resource_filename( - "letsencrypt.client.tests", os.path.join( + "letsencrypt.acme.jose", os.path.join( "testdata", "rsa256_key.pem")) wrong_key = le_util.Key(key_path, open(key_path).read()) diff --git a/letsencrypt/client/tests/testdata/rsa256_key.pem b/letsencrypt/client/tests/testdata/rsa256_key.pem deleted file mode 100644 index 610c8d315..000000000 --- a/letsencrypt/client/tests/testdata/rsa256_key.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBAKx1c7RR7R/drnBSQ/zfx1vQLHUbFLh1AQQQ5R8DZUXd36efNK79 -vukFhN9HFoHZiUvOjm0c+pVE6K+EdE/twuUCAwEAAQJAMbrEnJCrQe8YqAbw1/Bn -elAzIamndfE3U8bTavf9sgFpS4HL83rhd6PDbvx81ucaJAT/5x048fM/nFl4fzAc -mQIhAOF/a9o3EIsDKEmUl+Z1OaOiUxDF3kqWSmALEsmvDhwXAiEAw8ljV5RO/rUp -Zu2YMDFq3MKpyyMgBIJ8CxmGRc6gCmMCIGRQzkcmhfqBrhOFwkmozrqIBRIKJIjj -8TRm2LXWZZ2DAiAqVO7PztdNpynugUy4jtbGKKjBrTSNBRGA7OHlUgm0dQIhALQq -6oGU29Vxlvt3k0vmiRKU4AVfLyNXIGtcWcNG46h/ ------END RSA PRIVATE KEY-----