Blame - tests/aaf/certservice/libraries/JksFilesValidator.py - onap/integration/csit

blob: 8c150de408ad69008233cce966b0340b6371e492 [file] [log] [blame]

Joanna Jeremicz	9c14f19	2020-03-19 14:51:51 +0100	[diff] [blame]	1	from OpenSSL import crypto
				2	from cryptography.x509.oid import ExtensionOID
				3	from cryptography import x509
				4	from EnvsReader import EnvsReader
				5
				6	class JksFilesValidator:
				7
				8	def __init__(self, mount_path):
				9	self.keystorePassPath = mount_path + '/keystore.pass'
				10	self.keystoreJksPath = mount_path + '/keystore.jks'
				11	self.truststorePassPath = mount_path + '/truststore.pass'
				12	self.truststoreJksPath = mount_path + '/truststore.jks'
				13
				14	def get_and_compare_data(self, path_to_env):
				15	data = self.get_data(path_to_env)
				16	return data, self.contains_expected_data(data)
				17
				18	def can_open_keystore_and_truststore_with_pass(self):
				19	can_open_keystore = self.can_open_jks_file_with_pass_file(self.keystorePassPath, self.keystoreJksPath)
				20	can_open_truststore = self.can_open_jks_file_with_pass_file(self.truststorePassPath, self.truststoreJksPath)
				21
				22	return can_open_keystore & can_open_truststore
				23
				24	def can_open_jks_file_with_pass_file(self, pass_file_path, jks_file_path):
				25	try:
				26	self.get_certificate(pass_file_path, jks_file_path)
				27	return True
				28	except:
				29	return False
				30
				31	def get_data(self, path_to_env):
				32	envs = self.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env))
				33	certificate = self.get_certificate(self.keystorePassPath, self.keystoreJksPath)
				34	data = self.get_owner_data_from_certificate(certificate)
				35	data['SANS'] = self.get_sans(certificate)
				36	return type('', (object,), {"expectedData": envs, "actualData": data})
				37
				38	def contains_expected_data(self, data):
				39	expectedData = data.expectedData
				40	actualData = data.actualData
				41	return cmp(expectedData, actualData) == 0
				42
				43	def get_owner_data_from_certificate(self, certificate):
				44	list = certificate.get_subject().get_components()
				45	return dict((k, v) for k, v in list)
				46
				47	def get_certificate(self, pass_file_path, jks_file_path):
				48	password = open(pass_file_path, 'rb').read()
				49	crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password)
				50	return crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password).get_certificate()
				51
				52	def get_sans(self, cert):
				53	extension = cert.to_cryptography().extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME)
				54	dnsList = extension.value.get_values_for_type(x509.DNSName)
				55	return ':'.join(map(lambda dns: dns.encode('ascii','ignore'), dnsList))
				56
				57	def get_envs_as_dict(self, list):
				58	envs = self.get_list_of_pairs_by_mappings(list)
				59	return self.remove_nones_from_dict(envs)
				60
				61	def remove_nones_from_dict(self, dictionary):
				62	return dict((k, v) for k, v in dictionary.iteritems() if k is not None)
				63
				64	def get_list_of_pairs_by_mappings(self, list):
				65	mappings = self.get_mappings()
				66	listOfEnvs = map(lambda k: k.split('='), list)
				67	return dict((mappings.get(a[0]), a[1]) for a in listOfEnvs)
				68
				69	def get_mappings(self):
				70	return {'COMMON_NAME':'CN', 'ORGANIZATION':'O', 'ORGANIZATION_UNIT':'OU', 'LOCATION':'L', 'STATE':'ST', 'COUNTRY':'C', 'SANS':'SANS'}