From 4af0c197e1cdaf91df1e90c354315c713d2d1dab Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Sun, 15 Feb 2015 23:25:41 -0800
Subject: [PATCH 1/4] Trivial test for ClientAuthenticator get_chall_pref

---
 letsencrypt/client/tests/client_authenticator_test.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/letsencrypt/client/tests/client_authenticator_test.py b/letsencrypt/client/tests/client_authenticator_test.py
index 83a7d50d8..c79f26e0a 100644
--- a/letsencrypt/client/tests/client_authenticator_test.py
+++ b/letsencrypt/client/tests/client_authenticator_test.py
@@ -41,6 +41,10 @@ class PerformTest(unittest.TestCase):
         self.assertRaises(
             errors.LetsEncryptClientAuthError, self.auth.perform, [unexpected])
 
+    def test_chall_pref(self):
+        self.assertEqual(
+            self.auth.get_chall_pref("example.com"), ["recoveryToken"])
+
 
 class CleanupTest(unittest.TestCase):
     """Test the Authenticator cleanup function."""

From dd3e10eb423b4c926425b291beae3beb405025b5 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Mon, 16 Feb 2015 00:10:26 -0800
Subject: [PATCH 2/4] 100% coverage for crypto_util (test for make_csr)

---
 letsencrypt/client/tests/crypto_util_test.py | 34 ++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/letsencrypt/client/tests/crypto_util_test.py b/letsencrypt/client/tests/crypto_util_test.py
index cb047281f..f24dbb08e 100644
--- a/letsencrypt/client/tests/crypto_util_test.py
+++ b/letsencrypt/client/tests/crypto_util_test.py
@@ -68,6 +68,40 @@ class MakeKeyTest(unittest.TestCase):  # pylint: disable=too-few-public-methods
         M2Crypto.RSA.load_key_string(make_key(4096))
 
 
+class MakeCSRTest(unittest.TestCase):
+    # pylint: disable=too-few-public-methods,bad-continuation
+    """Tests for letsencrypt.client.crypto_util.make_csr."""
+    def test_make_csr(self):
+        from letsencrypt.client.crypto_util import make_csr
+        result = make_csr(RSA512_KEY, ["example.com", "foo.example.com"])
+        self.assertEqual(
+            result, (
+"""-----BEGIN CERTIFICATE REQUEST-----
+MIIBbjCCARgCAQAweTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMRIw
+EAYDVQQHEwlBbm4gQXJib3IxDDAKBgNVBAoTA0VGRjEfMB0GA1UECxMWVW5pdmVy
+c2l0eSBvZiBNaWNoaWdhbjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wXDANBgkqhkiG
+9w0BAQEFAANLADBIAkEA9LYRcVE3Nr+qleecEcX8JwVDnjeG1X7ucsCasuuZM0e0
+9cmYuUzxIkMjO/9x4AVcvXXRXPEV+LzWWkfkTlzRMwIDAQABoDowOAYJKoZIhvcN
+AQkOMSswKTAnBgNVHREEIDAeggtleGFtcGxlLmNvbYIPZm9vLmV4YW1wbGUuY29t
+MA0GCSqGSIb3DQEBCwUAA0EAAkBBkne4LNwBaZ95i1qez4Ii4nuj4Y0MaYrOe6lh
+YdCQq5RRHEKCFwxcJSZQaWWwmfbR0C2E2H7SnEPrcn4Y8w==
+-----END CERTIFICATE REQUEST-----
+""",
+            "3082016e308201180201003079310b30090603550406130255533111300f"
+            "060355040813084d6963686967616e3112301006035504071309416e6e20"
+            "4172626f72310c300a060355040a1303454646311f301d060355040b1316"
+            "556e6976657273697479206f66204d6963686967616e3114301206035504"
+            "03130b6578616d706c652e636f6d305c300d06092a864886f70d01010105"
+            "00034b003048024100f4b61171513736bfaa95e79c11c5fc2705439e3786"
+            "d57eee72c09ab2eb993347b4f5c998b94cf12243233bff71e0055cbd75d1"
+            "5cf115f8bcd65a47e44e5cd1330203010001a03a303806092a864886f70d"
+            "01090e312b302930270603551d110420301e820b6578616d706c652e636f"
+            "6d820f666f6f2e6578616d706c652e636f6d300d06092a864886f70d0101"
+            "0b05000341000240419277b82cdc01699f798b5a9ecf8222e27ba3e18d0c"
+            "698ace7ba96161d090ab94511c4282170c5c2526506965b099f6d1d02d84"
+            "d87ed29c43eb727e18f3".decode("hex")))
+
+
 class ValidPrivkeyTest(unittest.TestCase):
     """Tests for letsencrypt.client.crypto_util.valid_privkey."""
 

From d4c1ceccac2da9484b021c3471e2798d365baca6 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Mon, 16 Feb 2015 00:10:55 -0800
Subject: [PATCH 3/4] 100% coverage for recovery_token

---
 letsencrypt/client/tests/recovery_token_test.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/letsencrypt/client/tests/recovery_token_test.py b/letsencrypt/client/tests/recovery_token_test.py
index 2476b0c34..f37dcbc4d 100644
--- a/letsencrypt/client/tests/recovery_token_test.py
+++ b/letsencrypt/client/tests/recovery_token_test.py
@@ -42,6 +42,11 @@ class RecoveryTokenTest(unittest.TestCase):
         # Shouldn't throw an error
         self.rec_token.cleanup(challenge_util.RecTokenChall("example4.com"))
 
+        # SHOULD throw an error (OSError other than nonexistent file)
+        self.assertRaises(
+            OSError, self.rec_token.cleanup,
+            challenge_util.RecTokenChall("a"+"r"*10000+".com"))
+
     def test_perform_stored(self):
         self.rec_token.store_token("example4.com", 444)
         response = self.rec_token.perform(

From 8ff99300e4c26252490c46cdab5281d319c2a6e6 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Mon, 16 Feb 2015 00:21:08 -0800
Subject: [PATCH 4/4] This is apparently not deterministic after all

---
 letsencrypt/client/tests/crypto_util_test.py | 34 --------------------
 1 file changed, 34 deletions(-)

diff --git a/letsencrypt/client/tests/crypto_util_test.py b/letsencrypt/client/tests/crypto_util_test.py
index f24dbb08e..cb047281f 100644
--- a/letsencrypt/client/tests/crypto_util_test.py
+++ b/letsencrypt/client/tests/crypto_util_test.py
@@ -68,40 +68,6 @@ class MakeKeyTest(unittest.TestCase):  # pylint: disable=too-few-public-methods
         M2Crypto.RSA.load_key_string(make_key(4096))
 
 
-class MakeCSRTest(unittest.TestCase):
-    # pylint: disable=too-few-public-methods,bad-continuation
-    """Tests for letsencrypt.client.crypto_util.make_csr."""
-    def test_make_csr(self):
-        from letsencrypt.client.crypto_util import make_csr
-        result = make_csr(RSA512_KEY, ["example.com", "foo.example.com"])
-        self.assertEqual(
-            result, (
-"""-----BEGIN CERTIFICATE REQUEST-----
-MIIBbjCCARgCAQAweTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMRIw
-EAYDVQQHEwlBbm4gQXJib3IxDDAKBgNVBAoTA0VGRjEfMB0GA1UECxMWVW5pdmVy
-c2l0eSBvZiBNaWNoaWdhbjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wXDANBgkqhkiG
-9w0BAQEFAANLADBIAkEA9LYRcVE3Nr+qleecEcX8JwVDnjeG1X7ucsCasuuZM0e0
-9cmYuUzxIkMjO/9x4AVcvXXRXPEV+LzWWkfkTlzRMwIDAQABoDowOAYJKoZIhvcN
-AQkOMSswKTAnBgNVHREEIDAeggtleGFtcGxlLmNvbYIPZm9vLmV4YW1wbGUuY29t
-MA0GCSqGSIb3DQEBCwUAA0EAAkBBkne4LNwBaZ95i1qez4Ii4nuj4Y0MaYrOe6lh
-YdCQq5RRHEKCFwxcJSZQaWWwmfbR0C2E2H7SnEPrcn4Y8w==
------END CERTIFICATE REQUEST-----
-""",
-            "3082016e308201180201003079310b30090603550406130255533111300f"
-            "060355040813084d6963686967616e3112301006035504071309416e6e20"
-            "4172626f72310c300a060355040a1303454646311f301d060355040b1316"
-            "556e6976657273697479206f66204d6963686967616e3114301206035504"
-            "03130b6578616d706c652e636f6d305c300d06092a864886f70d01010105"
-            "00034b003048024100f4b61171513736bfaa95e79c11c5fc2705439e3786"
-            "d57eee72c09ab2eb993347b4f5c998b94cf12243233bff71e0055cbd75d1"
-            "5cf115f8bcd65a47e44e5cd1330203010001a03a303806092a864886f70d"
-            "01090e312b302930270603551d110420301e820b6578616d706c652e636f"
-            "6d820f666f6f2e6578616d706c652e636f6d300d06092a864886f70d0101"
-            "0b05000341000240419277b82cdc01699f798b5a9ecf8222e27ba3e18d0c"
-            "698ace7ba96161d090ab94511c4282170c5c2526506965b099f6d1d02d84"
-            "d87ed29c43eb727e18f3".decode("hex")))
-
-
 class ValidPrivkeyTest(unittest.TestCase):
     """Tests for letsencrypt.client.crypto_util.valid_privkey."""