1# coding: utf-8
2from __future__ import unicode_literals, division, absolute_import, print_function
3
4import unittest
5import sys
6import os
7from datetime import datetime
8
9from asn1crypto import ocsp, util
10from ._unittest_compat import patch
11
12patch()
13
14if sys.version_info < (3,):
15    byte_cls = str
16else:
17    byte_cls = bytes
18
19
20tests_root = os.path.dirname(__file__)
21fixtures_dir = os.path.join(tests_root, 'fixtures')
22
23
24class OCSPTests(unittest.TestCase):
25
26    def test_parse_request(self):
27        with open(os.path.join(fixtures_dir, 'ocsp_request'), 'rb') as f:
28            request = ocsp.OCSPRequest.load(f.read())
29
30        tbs_request = request['tbs_request']
31        request_list = tbs_request['request_list']
32        single_request = request_list[0]
33        req_cert = single_request['req_cert']
34
35        self.assertEqual(
36            'v1',
37            tbs_request['version'].native
38        )
39        self.assertEqual(
40            None,
41            tbs_request['requestor_name'].native
42        )
43        self.assertEqual(
44            'sha1',
45            req_cert['hash_algorithm']['algorithm'].native
46        )
47        self.assertEqual(
48            None,
49            req_cert['hash_algorithm']['parameters'].native
50        )
51        self.assertEqual(
52            b'\xAA\x2B\x03\x14\xAF\x64\x2E\x13\x0E\xD6\x92\x25\xE3\xFF\x2A\xBA\xD7\x3D\x62\x30',
53            req_cert['issuer_name_hash'].native
54        )
55        self.assertEqual(
56            b'\xDE\xCF\x5C\x50\xB7\xAE\x02\x1F\x15\x17\xAA\x16\xE8\x0D\xB5\x28\x9D\x6A\x5A\xF3',
57            req_cert['issuer_key_hash'].native
58        )
59        self.assertEqual(
60            130338219198307073574879940486642352162,
61            req_cert['serial_number'].native
62        )
63
64    def test_parse_response(self):
65        with open(os.path.join(fixtures_dir, 'ocsp_response'), 'rb') as f:
66            response = ocsp.OCSPResponse.load(f.read())
67
68        response_bytes = response['response_bytes']
69        basic_ocsp_response = response_bytes['response'].parsed
70        tbs_response_data = basic_ocsp_response['tbs_response_data']
71        responder_id = tbs_response_data['responder_id']
72        single_response = tbs_response_data['responses'][0]
73        cert_id = single_response['cert_id']
74        cert = basic_ocsp_response['certs'][0]
75
76        self.assertEqual(
77            'successful',
78            response['response_status'].native
79        )
80        self.assertEqual(
81            'basic_ocsp_response',
82            response_bytes['response_type'].native
83        )
84        self.assertEqual(
85            'sha1_rsa',
86            basic_ocsp_response['signature_algorithm']['algorithm'].native
87        )
88        self.assertEqual(
89            None,
90            basic_ocsp_response['signature_algorithm']['parameters'].native
91        )
92        self.assertEqual(
93            'v1',
94            tbs_response_data['version'].native
95        )
96        self.assertEqual(
97            b'\x4E\xC5\x63\xD6\xB2\x05\x05\xD7\x76\xF0\x07\xED\xAC\x7D\x5A\x56\x97\x7B\xBD\x3C',
98            responder_id.native
99        )
100        self.assertEqual(
101            'by_key',
102            responder_id.name
103        )
104        self.assertEqual(
105            datetime(2015, 5, 22, 16, 24, 8, tzinfo=util.timezone.utc),
106            tbs_response_data['produced_at'].native
107        )
108        self.assertEqual(
109            'sha1',
110            cert_id['hash_algorithm']['algorithm'].native
111        )
112        self.assertEqual(
113            None,
114            cert_id['hash_algorithm']['parameters'].native
115        )
116        self.assertEqual(
117            b'\xAA\x2B\x03\x14\xAF\x64\x2E\x13\x0E\xD6\x92\x25\xE3\xFF\x2A\xBA\xD7\x3D\x62\x30',
118            cert_id['issuer_name_hash'].native
119        )
120        self.assertEqual(
121            b'\xDE\xCF\x5C\x50\xB7\xAE\x02\x1F\x15\x17\xAA\x16\xE8\x0D\xB5\x28\x9D\x6A\x5A\xF3',
122            cert_id['issuer_key_hash'].native
123        )
124        self.assertEqual(
125            130338219198307073574879940486642352162,
126            cert_id['serial_number'].native
127        )
128        self.assertEqual(
129            datetime(2015, 5, 22, 16, 24, 8, tzinfo=util.timezone.utc),
130            single_response['this_update'].native
131        )
132        self.assertEqual(
133            datetime(2015, 5, 29, 16, 24, 8, tzinfo=util.timezone.utc),
134            single_response['next_update'].native
135        )
136        self.assertEqual(
137            None,
138            single_response['single_extensions'].native
139        )
140        self.assertEqual(
141            None,
142            tbs_response_data['response_extensions'].native
143        )
144        self.assertIsInstance(
145            basic_ocsp_response['certs'].native,
146            list
147        )
148        self.assertEqual(
149            1,
150            len(basic_ocsp_response['certs'])
151        )
152        self.assertEqual(
153            'v3',
154            cert['tbs_certificate']['version'].native
155        )
156
157    def test_cert_status_native(self):
158        status = ocsp.CertStatus.load(b'\x80\x00')
159        self.assertEqual('good', status.native)
160
161        status = ocsp.CertStatus(('good', ocsp.StatusGood()))
162        self.assertEqual('good', status.native)
163
164        with self.assertRaises(ValueError):
165            ocsp.StatusGood('unknown')
166
167        status = ocsp.CertStatus.load(
168            b'\xa1\x16\x18\x0f\x32\x30\x31\x38\x31\x30\x30\x33'
169            b'\x31\x34\x35\x33\x34\x37\x5a\xa0\x03\x0a\x01\x01'
170        )
171        self.assertIsInstance(
172            status.native,
173            util.OrderedDict
174        )
175
176        status = ocsp.CertStatus.load(b'\x82\x00')
177        self.assertEqual('unknown', status.native)
178
179        status = ocsp.CertStatus(('unknown', ocsp.StatusUnknown()))
180        self.assertEqual('unknown', status.native)
181
182        with self.assertRaises(ValueError):
183            ocsp.StatusUnknown('good')
184