diff --git a/pyas2lib/utils.py b/pyas2lib/utils.py
index 40e985e..d289795 100644
--- a/pyas2lib/utils.py
+++ b/pyas2lib/utils.py
@@ -191,7 +191,9 @@ def verify_certificate_chain(cert_str, trusted_certs, ignore_self_signed=True):
 def extract_certificate_info(cert):
 """
 Extract validity information from the certificate and return a dictionary.
- Provide either key with certificate (private) or public certificate
+
+ Provide either key with certificate (private) or public certificate.
+
 :param cert: the certificate as byte string in PEM or DER format
 :return: a dictionary holding certificate information:
 valid_from (datetime)
@@ -216,16 +218,21 @@ def extract_certificate_info(cert): # iterate through the list to find the certificate for _item in der: try: - # load the certificate. if element is key, exception is triggered and next element is tried + # load the certificate. if element is key, exception is triggered + # and next element is tried certificate = crypto.load_certificate(crypto.FILETYPE_ASN1, _item) # on successful load, extract the various fields into the dictionary - cert_info['valid_from'] = datetime.strptime(certificate.get_notBefore().decode('utf8'), "%Y%m%d%H%M%SZ") - cert_info['valid_to'] = datetime.strptime(certificate.get_notAfter().decode('utf8'), "%Y%m%d%H%M%SZ") - cert_info['subject'] = [tuple(item.decode('utf8') for item in sets) - for sets in certificate.get_subject().get_components()] - cert_info['issuer'] = [tuple(item.decode('utf8') for item in sets) - for sets in certificate.get_issuer().get_components()] + cert_info['valid_from'] = datetime.strptime( + certificate.get_notBefore().decode('utf8'), "%Y%m%d%H%M%SZ") + cert_info['valid_to'] = datetime.strptime( + certificate.get_notAfter().decode('utf8'), "%Y%m%d%H%M%SZ") + cert_info['subject'] = [ + tuple(item.decode('utf8') for item in sets) + for sets in certificate.get_subject().get_components()] + cert_info['issuer'] = [ + tuple(item.decode('utf8') for item in sets) + for sets in certificate.get_issuer().get_components()] cert_info['serial'] = certificate.get_serial_number() break except crypto.Error: diff --git a/tests/test_advanced.py b/tests/test_advanced.py index ce39ce3..06fd12f 100644 --- a/tests/test_advanced.py +++ b/tests/test_advanced.py @@ -4,6 +4,7 @@ import base64 import datetime + class TestAdvanced(Pyas2TestCase): def setUp(self): @@ -72,7 +73,7 @@ def test_partner_not_found(self): _, _, mdn = in_message.parse( raw_out_message, find_org_cb=self.find_org, - find_partner_cb=self.find_none, + find_partner_cb=lambda x: None, find_message_cb=lambda x, y: False ) 
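Review bot: In `extract_certificate_info` (pyas2lib/utils.py, the hunk starting at new line 218), the `try` handles only `crypto.Error`, so a certificate that loads but has an absent or unexpectedly formatted validity field would raise `AttributeError` or `ValueError` from the `.decode('utf8')` / `datetime.strptime(...)` calls. That exception escapes the loop, possibly after `cert_info['valid_from']` has already been set. If this function can be handed partner-supplied certificates, it would be safer to read all fields into local variables and assign to `cert_info` only once every field parsed, and to decide explicitly whether such a certificate is skipped or rejected. The `valid_from`/`valid_to` values are naive datetimes parsed from a `...Z` (UTC) timestamp; unless the docstring already says so, it should note this, e.g. `valid_from (datetime) - naive, in UTC`, so callers do not compare them against local time when checking expiry. The function body starts and ends outside this hunk.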
@@ -88,7 +89,7 @@ def test_partner_not_found(self):
 in_message = as2.Message()
 _, _, mdn = in_message.parse(
 raw_out_message,
- find_org_cb=self.find_none,
+ find_org_cb=lambda x: None,
 find_partner_cb=self.find_partner,
 find_message_cb=lambda x, y: False
 )
@@ -326,36 +327,43 @@ def test_load_private_key(self): self.fail('Failed to load pem private key: %s' % e) def test_extract_certificate_info(self): - """ Test case that extracts data from private and public certificates in PEM or DER format""" - - cert_info = {'valid_from': datetime.datetime(2019, 6, 3, 11, 32, 57), - 'valid_to': datetime.datetime(2029, 5, 31, 11, 32, 57), - 'subject': [('C', 'AU'), ('ST', 'Some-State'), ('O', 'pyas2lib'), ('CN', 'test')], - 'issuer': [('C', 'AU'), ('ST', 'Some-State'), ('O', 'pyas2lib'), ('CN', 'test')], - 'serial': 13747137503594840569} - cert_empty = {'valid_from': None, - 'valid_to': None, - 'subject': None, - 'issuer': None, - 'serial': None} + """ Test case that extracts data from private and public certificates + in PEM or DER format""" + + cert_info = { + 'valid_from': datetime.datetime(2019, 6, 3, 11, 32, 57), + 'valid_to': datetime.datetime(2029, 5, 31, 11, 32, 57), + 'subject': [('C', 'AU'), ('ST', 'Some-State'), + ('O', 'pyas2lib'), ('CN', 'test')], + 'issuer': [('C', 'AU'), ('ST', 'Some-State'), + ('O', 'pyas2lib'), ('CN', 'test')], + 'serial': 13747137503594840569 + } + cert_empty = { + 'valid_from': None, + 'valid_to': None, + 'subject': None, + 'issuer': None, + 'serial': None + } # compare result of function with cert_info dict. 
- self.assertEqual(utils.extract_certificate_info(self.private_pem), cert_info) - self.assertEqual(utils.extract_certificate_info(self.private_cer), cert_info) - self.assertEqual(utils.extract_certificate_info(self.public_pem), cert_info) - self.assertEqual(utils.extract_certificate_info(self.public_cer), cert_info) + self.assertEqual( + utils.extract_certificate_info(self.private_pem), cert_info) + self.assertEqual( + utils.extract_certificate_info(self.private_cer), cert_info) + self.assertEqual( + utils.extract_certificate_info(self.public_pem), cert_info) + self.assertEqual( + utils.extract_certificate_info(self.public_cer), cert_info) self.assertEqual(utils.extract_certificate_info(b''), cert_empty) - def find_org(self, headers): return self.org def find_partner(self, headers): return self.partner - def find_none(self, as2_id): - return None - def find_message(self, message_id, message_recipient): return self.out_message