0001-tests-test-authentic2.saml.x509utils-46984.patch
src/authentic2/saml/x509utils.py | ||
---|---|---|
180 | 180 |
'<Modulus>%s</Modulus>\n\t' |
181 | 181 |
'<Exponent>%s</Exponent>\n</RSAKeyValue>' % ( |
182 | 182 |
base64.b64encode(int_to_bin(mod)), base64.b64encode(int_to_bin(exp)))) |
183 | ||
184 | ||
185 |
if __name__ == '__main__': |
|
186 |
assert(can_generate_rsa_key_pair()) |
|
187 |
publickey, privatekey = generate_rsa_keypair() |
|
188 |
assert(publickey is not None and privatekey is not None) |
|
189 |
assert(check_key_pair_consistency(publickey, privatekey)) |
|
190 |
_, privatekey = generate_rsa_keypair() |
|
191 |
assert(not check_key_pair_consistency(publickey, privatekey)) |
|
192 |
assert(get_xmldsig_rsa_key_value(publickey) is not None) |
|
193 |
assert(get_rsa_public_key_modulus(publickey) is not None) |
|
194 |
assert(get_rsa_public_key_exponent(publickey) is not None) |
|
195 |
# Certificate/key generated using |
|
196 |
# openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem |
|
197 |
cert = '''-----BEGIN CERTIFICATE----- |
|
198 |
MIICHjCCAYegAwIBAgIJALgmNSS3spUaMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV |
|
199 |
BAoTCkVudHJvdXZlcnQwHhcNMDkxMDI4MjIwODEzWhcNMDkxMTI3MjIwODEzWjAV |
|
200 |
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB |
|
201 |
gQCtTbDTe/LrD+gvK0Sgf/rnvAg4zcc/vJcEdsiGsJ3shTse7OPf5fIaD7lry+jm |
|
202 |
tFX61n8Rn1d1iw+whuYbrG6R3OhDw50vufb2RrRSHBOA7CcfiKQD6CT2p31msv+C |
|
203 |
iHbGmoHRFyt2CnRGy2FCX2Oizf5qxfjHaJEXu0tk/SdN2QIDAQABo3YwdDAdBgNV |
|
204 |
HQ4EFgQUlDrrh8KudeyeInXqios+Rdf9tQAwRQYDVR0jBD4wPIAUlDrrh8Kudeye |
|
205 |
InXqios+Rdf9tQChGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQC4JjUkt7KV |
|
206 |
GjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFHXBDW13NIiafS2cRP1 |
|
207 |
/KAMIfnB/kYINTUU7iv2oIOYtfpVR9yMmnLIVxTyN3rCWb7UV/ICkMotTHmKLDT8 |
|
208 |
Rp7tKc0zTQ+CQGFVYvfRAlz4kgW14DDx/oIBqr/yDv5mInFb8reSfP85cPrXp/wR |
|
209 |
ufewZ2WHikP2kWoHWDkw8MDd |
|
210 |
-----END CERTIFICATE-----''' |
|
211 |
key = '''-----BEGIN RSA PRIVATE KEY----- |
|
212 |
MIICXgIBAAKBgQCtTbDTe/LrD+gvK0Sgf/rnvAg4zcc/vJcEdsiGsJ3shTse7OPf |
|
213 |
5fIaD7lry+jmtFX61n8Rn1d1iw+whuYbrG6R3OhDw50vufb2RrRSHBOA7CcfiKQD |
|
214 |
6CT2p31msv+CiHbGmoHRFyt2CnRGy2FCX2Oizf5qxfjHaJEXu0tk/SdN2QIDAQAB |
|
215 |
AoGBAKlFVQ17540JAHPyAxnxZxSpaC5zb8YlYiwOCVblc5rtlw1hvEGYy5wA987+ |
|
216 |
YAHW6pQSphKEXFyG81Asst0c0vExgGVFjzAy/GFrBTnl0l5PtwPDDIAmGP6DQw4C |
|
217 |
lOHJePloKp0xjCo2nJ8XluxkPp1+XtJyJOhZWpQPDvF3uL+xAkEA3t58jg0SV55s |
|
218 |
E10R04QOJB0qIB9U4Nw29uhh5RXv8JRq41pw4iDmpi9I67nGqDeuxlDUQ/+5rLOE |
|
219 |
Ptp07BsFWwJBAMcQ7wiwhIYtRC8ff3WbWX9wcABDyX47uYvAMIiaEOmFmJyI41mW |
|
220 |
xlik821Aaid1Z45vgBN32hYkEbpWaaIVe9sCQQCX7mpQ2F5ptskMhkTxwbN2MR+X |
|
221 |
mGRfiiA6P/8EkejpQ/R+GxibPzydi9yVPidMY/FUpqOd24YzUonT408T6fPDAkEA |
|
222 |
pkkt86tIOLEtaNO97CcF/t+Un5QAh9MqLmQv5pwUDo4Lqo7qo1bAfyHjOlr5kdaP |
|
223 |
17qqWRjf82jT6jzu5nddywJAVQpxlZ8fIZUzTD2mRQeLf5O+rXmtH1LlwRRGCNaa |
|
224 |
8eM47A92x9uplD/sN550pTKM7XLhHBvEfLujUoGHpWQxGA== |
|
225 |
-----END RSA PRIVATE KEY-----''' |
|
226 |
assert(check_key_pair_consistency(cert, key)) |
|
227 |
assert(get_xmldsig_rsa_key_value(cert)) |
|
228 |
assert(len(decapsulate_pem_file(key).splitlines()) == len(key.splitlines()) - 2) |
|
229 |
tests/test_saml_x509utils.py | ||
---|---|---|
1 |
# authentic2 - versatile identity manager |
|
2 |
# Copyright (C) 2010-2020 Entr'ouvert |
|
3 |
# |
|
4 |
# This program is free software: you can redistribute it and/or modify it |
|
5 |
# under the terms of the GNU Affero General Public License as published |
|
6 |
# by the Free Software Foundation, either version 3 of the License, or |
|
7 |
# (at your option) any later version. |
|
8 |
# |
|
9 |
# This program is distributed in the hope that it will be useful, |
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 |
# GNU Affero General Public License for more details. |
|
13 |
# |
|
14 |
# You should have received a copy of the GNU Affero General Public License |
|
15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 |
# authentic2 |
|
17 | ||
18 |
from authentic2.saml.x509utils import ( |
|
19 |
can_generate_rsa_key_pair, |
|
20 |
generate_rsa_keypair, |
|
21 |
check_key_pair_consistency, |
|
22 |
get_xmldsig_rsa_key_value, |
|
23 |
get_rsa_public_key_modulus, |
|
24 |
get_rsa_public_key_exponent, |
|
25 |
decapsulate_pem_file, |
|
26 |
) |
|
27 | ||
28 | ||
29 |
def test_x509utils(): |
|
30 |
assert can_generate_rsa_key_pair() |
|
31 |
publickey, privatekey = generate_rsa_keypair() |
|
32 |
assert publickey is not None and privatekey is not None |
|
33 |
assert check_key_pair_consistency(publickey, privatekey) |
|
34 |
_, privatekey = generate_rsa_keypair() |
|
35 |
assert not check_key_pair_consistency(publickey, privatekey) |
|
36 |
assert get_xmldsig_rsa_key_value(publickey) is not None |
|
37 |
assert get_rsa_public_key_modulus(publickey) is not None |
|
38 |
assert get_rsa_public_key_exponent(publickey) is not None |
|
39 |
# Certificate/key generated using |
|
40 |
# openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem |
|
41 |
cert = '''-----BEGIN CERTIFICATE----- |
|
42 |
MIICHjCCAYegAwIBAgIJALgmNSS3spUaMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV |
|
43 |
BAoTCkVudHJvdXZlcnQwHhcNMDkxMDI4MjIwODEzWhcNMDkxMTI3MjIwODEzWjAV |
|
44 |
MRMwEQYDVQQKEwpFbnRyb3V2ZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB |
|
45 |
gQCtTbDTe/LrD+gvK0Sgf/rnvAg4zcc/vJcEdsiGsJ3shTse7OPf5fIaD7lry+jm |
|
46 |
tFX61n8Rn1d1iw+whuYbrG6R3OhDw50vufb2RrRSHBOA7CcfiKQD6CT2p31msv+C |
|
47 |
iHbGmoHRFyt2CnRGy2FCX2Oizf5qxfjHaJEXu0tk/SdN2QIDAQABo3YwdDAdBgNV |
|
48 |
HQ4EFgQUlDrrh8KudeyeInXqios+Rdf9tQAwRQYDVR0jBD4wPIAUlDrrh8Kudeye |
|
49 |
InXqios+Rdf9tQChGaQXMBUxEzARBgNVBAoTCkVudHJvdXZlcnSCCQC4JjUkt7KV |
|
50 |
GjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFHXBDW13NIiafS2cRP1 |
|
51 |
/KAMIfnB/kYINTUU7iv2oIOYtfpVR9yMmnLIVxTyN3rCWb7UV/ICkMotTHmKLDT8 |
|
52 |
Rp7tKc0zTQ+CQGFVYvfRAlz4kgW14DDx/oIBqr/yDv5mInFb8reSfP85cPrXp/wR |
|
53 |
ufewZ2WHikP2kWoHWDkw8MDd |
|
54 |
-----END CERTIFICATE-----''' |
|
55 |
key = '''-----BEGIN RSA PRIVATE KEY----- |
|
56 |
MIICXgIBAAKBgQCtTbDTe/LrD+gvK0Sgf/rnvAg4zcc/vJcEdsiGsJ3shTse7OPf |
|
57 |
5fIaD7lry+jmtFX61n8Rn1d1iw+whuYbrG6R3OhDw50vufb2RrRSHBOA7CcfiKQD |
|
58 |
6CT2p31msv+CiHbGmoHRFyt2CnRGy2FCX2Oizf5qxfjHaJEXu0tk/SdN2QIDAQAB |
|
59 |
AoGBAKlFVQ17540JAHPyAxnxZxSpaC5zb8YlYiwOCVblc5rtlw1hvEGYy5wA987+ |
|
60 |
YAHW6pQSphKEXFyG81Asst0c0vExgGVFjzAy/GFrBTnl0l5PtwPDDIAmGP6DQw4C |
|
61 |
lOHJePloKp0xjCo2nJ8XluxkPp1+XtJyJOhZWpQPDvF3uL+xAkEA3t58jg0SV55s |
|
62 |
E10R04QOJB0qIB9U4Nw29uhh5RXv8JRq41pw4iDmpi9I67nGqDeuxlDUQ/+5rLOE |
|
63 |
Ptp07BsFWwJBAMcQ7wiwhIYtRC8ff3WbWX9wcABDyX47uYvAMIiaEOmFmJyI41mW |
|
64 |
xlik821Aaid1Z45vgBN32hYkEbpWaaIVe9sCQQCX7mpQ2F5ptskMhkTxwbN2MR+X |
|
65 |
mGRfiiA6P/8EkejpQ/R+GxibPzydi9yVPidMY/FUpqOd24YzUonT408T6fPDAkEA |
|
66 |
pkkt86tIOLEtaNO97CcF/t+Un5QAh9MqLmQv5pwUDo4Lqo7qo1bAfyHjOlr5kdaP |
|
67 |
17qqWRjf82jT6jzu5nddywJAVQpxlZ8fIZUzTD2mRQeLf5O+rXmtH1LlwRRGCNaa |
|
68 |
8eM47A92x9uplD/sN550pTKM7XLhHBvEfLujUoGHpWQxGA== |
|
69 |
-----END RSA PRIVATE KEY-----''' |
|
70 |
assert check_key_pair_consistency(cert, key) |
|
71 |
assert get_xmldsig_rsa_key_value(cert) |
|
72 |
assert len(decapsulate_pem_file(key).splitlines()) == len(key.splitlines()) - 2 |
|
73 | ||
0 |
- |