1# coding: utf-8 2from __future__ import unicode_literals, division, absolute_import, print_function 3 4import unittest 5import sys 6import os 7 8from asn1crypto import csr, util 9from ._unittest_compat import patch 10 11patch() 12 13if sys.version_info < (3,): 14 byte_cls = str 15 num_cls = long # noqa 16else: 17 byte_cls = bytes 18 num_cls = int 19 20 21tests_root = os.path.dirname(__file__) 22fixtures_dir = os.path.join(tests_root, 'fixtures') 23 24 25class CSRTests(unittest.TestCase): 26 27 def test_parse_csr(self): 28 with open(os.path.join(fixtures_dir, 'test-inter-der.csr'), 'rb') as f: 29 certification_request = csr.CertificationRequest.load(f.read()) 30 31 cri = certification_request['certification_request_info'] 32 33 self.assertEqual( 34 'v1', 35 cri['version'].native 36 ) 37 38 self.assertEqual( 39 util.OrderedDict([ 40 ('country_name', 'US'), 41 ('state_or_province_name', 'Massachusetts'), 42 ('locality_name', 'Newbury'), 43 ('organization_name', 'Codex Non Sufficit LC'), 44 ('organizational_unit_name', 'Testing Intermediate'), 45 ('common_name', 'Will Bond'), 46 ('email_address', 'will@codexns.io'), 47 ]), 48 cri['subject'].native 49 ) 50 self.assertEqual( 51 util.OrderedDict([ 52 ('algorithm', 'rsa'), 53 ('parameters', None), 54 ]), 55 cri['subject_pk_info']['algorithm'].native 56 ) 57 self.assertEqual( 58 24141757533938720807477509823483015516687050697622322097001928034085434547050399731881871694642845241206788286795830006142635608141713689209738431462004600429798152826994774062467402648660593454536565119527837471261495586474194846971065722669734666949739228862107500673350843489920495869942508240779131331715037662761414997889327943217889802893638175792326783316531272170879284118280173511200768884738639370318760377047837471530387161553030663446359575963736475504659902898072137674205021477968813148345198711103071746476009234601299344030395455052526948041544669303473529511160643491569274897838845918784633403435929, # noqa 59 cri['subject_pk_info']['public_key'].parsed['modulus'].native 60 ) 61 self.assertEqual( 62 65537, 63 cri['subject_pk_info']['public_key'].parsed['public_exponent'].native 64 ) 65 self.assertEqual( 66 [], 67 cri['attributes'].native 68 ) 69 70 def test_parse_csr2(self): 71 with open(os.path.join(fixtures_dir, 'test-third-der.csr'), 'rb') as f: 72 certification_request = csr.CertificationRequest.load(f.read()) 73 74 cri = certification_request['certification_request_info'] 75 76 self.assertEqual( 77 'v1', 78 cri['version'].native 79 ) 80 81 self.assertEqual( 82 util.OrderedDict([ 83 ('country_name', 'US'), 84 ('state_or_province_name', 'Massachusetts'), 85 ('locality_name', 'Newbury'), 86 ('organization_name', 'Codex Non Sufficit LC'), 87 ('organizational_unit_name', 'Test Third-Level Certificate'), 88 ('common_name', 'Will Bond'), 89 ('email_address', 'will@codexns.io'), 90 ]), 91 cri['subject'].native 92 ) 93 self.assertEqual( 94 util.OrderedDict([ 95 ('algorithm', 'rsa'), 96 ('parameters', None), 97 ]), 98 cri['subject_pk_info']['algorithm'].native 99 ) 100 self.assertEqual( 101 24242772097421005542208203320016703216069397492249392798445262959177221203301502279838173203064357049006693856302147277901773700963054800321566171864477088538775137040886151390015408166478059887940234405152693144166884492162723776487601158833605063151869850475289834250129252480954724818505034734280077580919995584375189497366089269712298471489896645221362055822887892887126082288043106492130176555423739906252380437817155678204772878611148787130925042126257401487070141904017757131876614711613405231164930930771261221451019736883391322299033324412671768599041417705072563016759224152503535867541947310239343903761461, # noqa 102 cri['subject_pk_info']['public_key'].parsed['modulus'].native 103 ) 104 self.assertEqual( 105 65537, 106 cri['subject_pk_info']['public_key'].parsed['public_exponent'].native 107 ) 108 self.assertEqual( 109 [ 110 util.OrderedDict([ 111 ('type', 'extension_request'), 112 ( 113 'values', 114 [ 115 [ 116 util.OrderedDict([ 117 ('extn_id', 'basic_constraints'), 118 ('critical', False), 119 ( 120 'extn_value', 121 util.OrderedDict([ 122 ('ca', False), 123 ('path_len_constraint', None), 124 ]) 125 ), 126 ]), 127 util.OrderedDict([ 128 ('extn_id', 'key_usage'), 129 ('critical', False), 130 ( 131 'extn_value', 132 set(['digital_signature', 'non_repudiation', 'key_encipherment']), 133 ), 134 ]) 135 ] 136 ] 137 ), 138 ]), 139 ], 140 cri['attributes'].native 141 ) 142 143 def test_parse_csr3(self): 144 with open(os.path.join(fixtures_dir, 'test-windows-host.csr'), 'rb') as f: 145 certification_request = csr.CertificationRequest.load(f.read()) 146 147 cri = certification_request['certification_request_info'] 148 149 self.assertEqual( 150 'v1', 151 cri['version'].native 152 ) 153 154 self.assertEqual( 155 util.OrderedDict([ 156 ('common_name', 'windows.host.example.net'), 157 ]), 158 cri['subject'].native 159 ) 160 self.assertEqual( 161 util.OrderedDict([ 162 ('algorithm', 'rsa'), 163 ('parameters', None), 164 ]), 165 cri['subject_pk_info']['algorithm'].native 166 ) 167 self.assertEqual( 168 0x00bd5b280774e2e64a2c022abd50de7817aaec50367e94b9c6459ca876daaf3bc3d7ffc41bf902422ac9af7d369eeb23245c5d8e2dda5434463f1d3e596c066a3cbe936bd89b4b7b9923ff6e654608cd3aa1fbc36543165752dde12c889c7aee4b5423e311e507bfd9fa60166290ae766005209120b651c3cdeceabba90b115341d656cb1fe94f372ba7c170bd15261685e92303205a7e5141928415f748d77ee4c6ecf8749b80c07d99f99f9aff629be62840e43e4696d6602df2a7a5e1bf11925021f2df2f4d27ef42e4decb0dc615c29eecaca628721a0c3c70c2700b7c658d6b7b7b6285593fd7d5ae086447bdc30429c7231db6b831d44e4c019887542f5f, # noqa 169 cri['subject_pk_info']['public_key'].parsed['modulus'].native 170 ) 171 self.assertEqual( 172 65537, 173 cri['subject_pk_info']['public_key'].parsed['public_exponent'].native 174 ) 175 self.assertEqual( 176 [ 177 util.OrderedDict([ 178 ('type', 'microsoft_os_version'), 179 ('values', ['6.2.9200.2']), 180 ]), 181 util.OrderedDict([ 182 ('type', 'microsoft_request_client_info'), 183 ( 184 'values', 185 [ 186 util.OrderedDict([ 187 ('clientid', 5), 188 ('machinename', 'windows.host.example.net'), 189 ('username', 'locuser'), 190 ('processname', 'MMC.EXE'), 191 ]) 192 ]) 193 ] 194 ), 195 util.OrderedDict([ 196 ('type', 'microsoft_enrollment_csp_provider'), 197 ( 198 'values', 199 [ 200 util.OrderedDict([ 201 ('keyspec', 1), 202 ('cspname', 'Microsoft RSA SChannel Cryptographic Provider'), 203 ('signature', ()), 204 ]) 205 ] 206 ), 207 ]), 208 util.OrderedDict([ 209 ('type', 'extension_request'), 210 ( 211 'values', 212 [ 213 [ 214 util.OrderedDict([ 215 ('extn_id', 'microsoft_enroll_certtype'), 216 ('critical', False), 217 ( 218 'extn_value', 219 'Machine', 220 ) 221 ]), 222 util.OrderedDict([ 223 ('extn_id', 'extended_key_usage'), 224 ('critical', False), 225 ( 226 'extn_value', 227 ['client_auth', 'server_auth'], 228 ), 229 ]), 230 util.OrderedDict([ 231 ('extn_id', 'key_usage'), 232 ('critical', False), 233 ( 234 'extn_value', 235 set(['digital_signature', 'key_encipherment']), 236 ), 237 ]), 238 util.OrderedDict([ 239 ('extn_id', 'key_identifier'), 240 ('critical', False), 241 ( 242 'extn_value', 243 bytearray.fromhex('2a 98 4b c1 ff 6e 16 ed 2d 69 35 0a 26 e7 1f 8c 05 4f b8 e6'), # noqa 244 ), 245 ]), 246 ] 247 ] 248 ), 249 ]), 250 ], 251 cri['attributes'].native 252 ) 253