MCPcopy Index your code
hub / github.com/RustPython/RustPython / test_load_cert_chain

Method test_load_cert_chain

Lib/test/test_ssl.py:1157–1244  ·  view source on GitHub ↗
(self)

Source from the content-addressed store, hash-verified

1155 ctx.verify_flags = None
1156
1157 def test_load_cert_chain(self):
1158 ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
1159 # Combined key and cert in a single file
1160 ctx.load_cert_chain(CERTFILE, keyfile=None)
1161 ctx.load_cert_chain(CERTFILE, keyfile=CERTFILE)
1162 self.assertRaises(TypeError, ctx.load_cert_chain, keyfile=CERTFILE)
1163 with self.assertRaises(OSError) as cm:
1164 ctx.load_cert_chain(NONEXISTINGCERT)
1165 self.assertEqual(cm.exception.errno, errno.ENOENT)
1166 with self.assertRaisesRegex(ssl.SSLError, "PEM (lib|routines)"):
1167 ctx.load_cert_chain(BADCERT)
1168 with self.assertRaisesRegex(ssl.SSLError, "PEM (lib|routines)"):
1169 ctx.load_cert_chain(EMPTYCERT)
1170 # Separate key and cert
1171 ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
1172 ctx.load_cert_chain(ONLYCERT, ONLYKEY)
1173 ctx.load_cert_chain(certfile=ONLYCERT, keyfile=ONLYKEY)
1174 ctx.load_cert_chain(certfile=BYTES_ONLYCERT, keyfile=BYTES_ONLYKEY)
1175 with self.assertRaisesRegex(ssl.SSLError, "PEM (lib|routines)"):
1176 ctx.load_cert_chain(ONLYCERT)
1177 with self.assertRaisesRegex(ssl.SSLError, "PEM (lib|routines)"):
1178 ctx.load_cert_chain(ONLYKEY)
1179 with self.assertRaisesRegex(ssl.SSLError, "PEM (lib|routines)"):
1180 ctx.load_cert_chain(certfile=ONLYKEY, keyfile=ONLYCERT)
1181 # Mismatching key and cert
1182 ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
1183 # Allow for flexible libssl error messages.
1184 regex = re.compile(r"""(
1185 key values mismatch # OpenSSL
1186 |
1187 KEY_VALUES_MISMATCH # AWS-LC
1188 )""", re.X)
1189 with self.assertRaisesRegex(ssl.SSLError, regex):
1190 ctx.load_cert_chain(CAFILE_CACERT, ONLYKEY)
1191 # Password protected key and cert
1192 ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD)
1193 ctx.load_cert_chain(CERTFILE_PROTECTED, password=KEY_PASSWORD.encode())
1194 ctx.load_cert_chain(CERTFILE_PROTECTED,
1195 password=bytearray(KEY_PASSWORD.encode()))
1196 ctx.load_cert_chain(ONLYCERT, ONLYKEY_PROTECTED, KEY_PASSWORD)
1197 ctx.load_cert_chain(ONLYCERT, ONLYKEY_PROTECTED, KEY_PASSWORD.encode())
1198 ctx.load_cert_chain(ONLYCERT, ONLYKEY_PROTECTED,
1199 bytearray(KEY_PASSWORD.encode()))
1200 with self.assertRaisesRegex(TypeError, "should be a string"):
1201 ctx.load_cert_chain(CERTFILE_PROTECTED, password=True)
1202 with self.assertRaises(ssl.SSLError):
1203 ctx.load_cert_chain(CERTFILE_PROTECTED, password="badpass")
1204 with self.assertRaisesRegex(ValueError, "cannot be longer"):
1205 # openssl has a fixed limit on the password buffer.
1206 # PEM_BUFSIZE is generally set to 1kb.
1207 # Return a string larger than this.
1208 ctx.load_cert_chain(CERTFILE_PROTECTED, password=b'a' * 102400)
1209 # Password callback
1210 def getpass_unicode():
1211 return KEY_PASSWORD
1212 def getpass_bytes():
1213 return KEY_PASSWORD.encode()
1214 def getpass_bytearray():

Callers

nothing calls this directly

Calls 7

GetPassCallableClass · 0.85
assertRaisesRegexMethod · 0.80
load_cert_chainMethod · 0.45
assertRaisesMethod · 0.45
assertEqualMethod · 0.45
compileMethod · 0.45
encodeMethod · 0.45

Tested by

no test coverage detected