[tor-commits] [stem/master] Unit tests for KeyCertificate fields

Sat Oct 13 18:35:45 UTC 2012

commit 7986afa40937657391346dea5b4aa6aeb561c870
Author: Damian Johnson <atagar at torproject.org>
Date:   Sat Sep 29 11:13:34 2012 -0700

    Unit tests for KeyCertificate fields
    
    Remaining unit tests that I'm planning to do for the KeyCertificate. Oddly this
    is the first time that I've added a unit test for malformed content in a key
    block field (oops).
---
 stem/descriptor/__init__.py                        |    5 +-
 .../descriptor/networkstatus/key_certificate.py    |  109 ++++++++++++++++++++
 2 files changed, 112 insertions(+), 2 deletions(-)

diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py
index b921058..9fa1f9e 100644
--- a/stem/descriptor/__init__.py
+++ b/stem/descriptor/__init__.py
@@ -340,15 +340,16 @@ def _get_pseudo_pgp_block(remaining_contents):
   if block_match:
     block_type = block_match.groups()[0]
     block_lines = []
+    end_line = PGP_BLOCK_END % block_type
     
     while True:
       if not remaining_contents:
-        raise ValueError("Unterminated pgp style block")
+        raise ValueError("Unterminated pgp style block (looking for '%s'):\n%s" % (end_line, "\n".join(block_lines)))
       
       line = remaining_contents.pop(0)
       block_lines.append(line)
       
-      if line == PGP_BLOCK_END % block_type:
+      if line == end_line:
         return "\n".join(block_lines)
   else:
     return None
diff --git a/test/unit/descriptor/networkstatus/key_certificate.py b/test/unit/descriptor/networkstatus/key_certificate.py
index e3f62e0..e37337b 100644
--- a/test/unit/descriptor/networkstatus/key_certificate.py
+++ b/test/unit/descriptor/networkstatus/key_certificate.py
@@ -77,4 +77,113 @@ class TestKeyCertificate(unittest.TestCase):
     
     certificate = get_key_certificate({"dir-key-published": "2011-11-28 21:51:04\n\n\n"})
     self.assertEqual(datetime.datetime(2011, 11, 28, 21, 51, 4), certificate.published)
+  
+  def test_version(self):
+    """
+    Parses the dir-key-certificate-version field, including trying to handle a
+    different certificate version with the v3 parser.
+    """
+    
+    certificate = get_key_certificate({"dir-key-certificate-version": "3"})
+    self.assertEquals(3, certificate.version)
+    
+    content = get_key_certificate({"dir-key-certificate-version": "4"}, content = True)
+    self.assertRaises(ValueError, KeyCertificate, content)
+    self.assertEquals(4, KeyCertificate(content, False).version)
+    
+    content = get_key_certificate({"dir-key-certificate-version": "boo"}, content = True)
+    self.assertRaises(ValueError, KeyCertificate, content)
+    self.assertEquals(None, KeyCertificate(content, False).version)
+  
+  def test_dir_address(self):
+    """
+    Parses the dir-address field.
+    """
+    
+    certificate = get_key_certificate({"dir-address": "127.0.0.1:80"})
+    self.assertEqual("127.0.0.1", certificate.address)
+    self.assertEqual(80, certificate.dir_port)
+    
+    test_values = (
+      ("", None, None),
+      ("   ", None, None),
+      ("127.0.0.1", None, None),
+      ("127.0.0.1:", None, None),
+      ("80", None, None),
+      (":80", "", 80),
+      ("127.0.0.1a:80", "127.0.0.1a", 80),
+      ("127.0.0.1:80a", None, None),
+    )
+    
+    for test_value, expected_address, expected_port in test_values:
+      content = get_key_certificate({"dir-address": test_value}, content = True)
+      self.assertRaises(ValueError, KeyCertificate, content)
+      
+      certificate = KeyCertificate(content, False)
+      self.assertEqual(expected_address, certificate.address)
+      self.assertEqual(expected_port, certificate.dir_port)
+  
+  def test_fingerprint(self):
+    """
+    Parses the fingerprint field.
+    """
+    
+    test_values = (
+      "",
+      "   ",
+      "27B6B5996C426270A5C95488AA5BCEB6BCC8695",
+      "27B6B5996C426270A5C95488AA5BCEB6BCC869568",
+    )
+    
+    for test_value in test_values:
+      content = get_key_certificate({"fingerprint": test_value}, content = True)
+      self.assertRaises(ValueError, KeyCertificate, content)
+      
+      certificate = KeyCertificate(content, False)
+      self.assertEqual(test_value.strip(), certificate.fingerprint)
+  
+  def test_time_fields(self):
+    """
+    Parses the dir-key-published and dir-key-expires fields, which both have
+    datetime content.
+    """
+    
+    test_values = (
+      "",
+      "   ",
+      "2012-12-12",
+      "2012-12-12 01:01:",
+      "2012-12-12 01:a1:01",
+    )
+    
+    for field, attr in (("dir-key-published", "published"), ("dir-key-expires", "expires")):
+      for test_value in test_values:
+        content = get_key_certificate({field: test_value}, content = True)
+        self.assertRaises(ValueError, KeyCertificate, content)
+        
+        certificate = KeyCertificate(content, False)
+        self.assertEquals(None, getattr(certificate, attr))
+  
+  def test_key_blocks(self):
+    """
+    Parses the dir-identity-key, dir-signing-key, dir-key-crosscert, and
+    dir-key-certification fields which all just have signature content.
+    """
+    
+    # the only non-mandatory field that we haven't exercised yet is dir-key-crosscert
+    
+    certificate = get_key_certificate({"dir-key-crosscert": "\n-----BEGIN ID SIGNATURE-----%s-----END ID SIGNATURE-----" % CRYPTO_BLOB})
+    self.assertTrue(CRYPTO_BLOB in certificate.crosscert)
+    
+    test_value = "\n-----BEGIN ID SIGNATURE-----%s-----END UGABUGA SIGNATURE-----" % CRYPTO_BLOB
+    
+    for field, attr in (('dir-identity-key', 'identity_key'),
+                       ('dir-signing-key', 'signing_key'),
+                       ('dir-key-crosscert', 'crosscert'),
+                       ('dir-key-certification', 'certification')):
+      content = get_key_certificate({field: test_value}, content = True)
+      self.assertRaises(ValueError, KeyCertificate, content)
+      
+      certificate = KeyCertificate(content, False)
+      self.assertEquals(None, getattr(certificate, attr))
 



