diff options
Diffstat (limited to 'tests/aaf/certservice/libraries/JksArtifactsValidator.py')
-rw-r--r-- | tests/aaf/certservice/libraries/JksArtifactsValidator.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/tests/aaf/certservice/libraries/JksArtifactsValidator.py b/tests/aaf/certservice/libraries/JksArtifactsValidator.py new file mode 100644 index 00000000..e2fdde91 --- /dev/null +++ b/tests/aaf/certservice/libraries/JksArtifactsValidator.py @@ -0,0 +1,45 @@ +import jks +from OpenSSL import crypto +from cryptography import x509 +from cryptography.hazmat.backends import default_backend +from EnvsReader import EnvsReader +from ArtifactParser import ArtifactParser + +class JksArtifactsValidator: + + def __init__(self, mount_path): + self.parser = ArtifactParser(mount_path, "jks") + + def get_and_compare_data_jks(self, path_to_env): + data = self.get_data_jks(path_to_env) + return data, self.parser.contains_expected_data(data) + + def get_keystore(self): + keystore = jks.KeyStore.load(self.parser.keystorePath, open(self.parser.keystorePassPath, 'rb').read()) + return keystore.private_keys['certificate'].cert_chain[0][1] + + def get_truststore(self): + truststore = jks.KeyStore.load(self.parser.truststorePath, open(self.parser.truststorePassPath, 'rb').read()) + return truststore.certs + + def can_open_keystore_and_truststore_with_pass_jks(self): + try: + jks.KeyStore.load(self.parser.keystorePath, open(self.parser.keystorePassPath, 'rb').read()) + jks.KeyStore.load(self.parser.truststorePath, open(self.parser.truststorePassPath, 'rb').read()) + return True + except: + return False + + def get_data_jks(self, path_to_env): + envs = self.parser.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env)) + certificate = self.get_keystore_certificate() + data = self.parser.get_owner_data_from_certificate(certificate) + data['SANS'] = self.parser.get_sans(certificate) + return type('', (object,), {"expectedData": envs, "actualData": data}) + + def get_keystore_certificate(self): + return crypto.X509.from_cryptography(self.load_x509_certificate(self.get_keystore())) + + def load_x509_certificate(self, data): + cert = x509.load_der_x509_certificate(data, default_backend()) + return cert |