mirror of
https://github.com/bunny-lab-io/Borealis.git
synced 2025-10-26 23:41:58 -06:00
66 lines
2.4 KiB
Python
66 lines
2.4 KiB
Python
from __future__ import annotations
|
|
|
|
import importlib
|
|
import os
|
|
import shutil
|
|
import ssl
|
|
import sys
|
|
import tempfile
|
|
import unittest
|
|
from pathlib import Path
|
|
|
|
from Data.Engine import runtime
|
|
|
|
|
|
class CertificateGenerationTests(unittest.TestCase):
|
|
def setUp(self) -> None:
|
|
self._tmpdir = Path(tempfile.mkdtemp(prefix="engine-cert-tests-"))
|
|
self.addCleanup(lambda: shutil.rmtree(self._tmpdir, ignore_errors=True))
|
|
|
|
self._previous_env: dict[str, str | None] = {}
|
|
for name in ("BOREALIS_CERTIFICATES_ROOT", "BOREALIS_SERVER_CERT_ROOT"):
|
|
self._previous_env[name] = os.environ.get(name)
|
|
os.environ[name] = str(self._tmpdir / name.lower())
|
|
|
|
runtime.certificates_root.cache_clear()
|
|
runtime.server_certificates_root.cache_clear()
|
|
|
|
module_name = "Data.Engine.services.crypto.certificates"
|
|
if module_name in sys.modules:
|
|
del sys.modules[module_name]
|
|
|
|
try:
|
|
self.certificates = importlib.import_module(module_name)
|
|
except ModuleNotFoundError as exc: # pragma: no cover - optional deps absent
|
|
self.skipTest(f"cryptography dependency unavailable: {exc}")
|
|
|
|
def tearDown(self) -> None: # pragma: no cover - environment cleanup
|
|
for name, value in self._previous_env.items():
|
|
if value is None:
|
|
os.environ.pop(name, None)
|
|
else:
|
|
os.environ[name] = value
|
|
runtime.certificates_root.cache_clear()
|
|
runtime.server_certificates_root.cache_clear()
|
|
|
|
def test_ensure_certificate_creates_material(self) -> None:
|
|
cert_path, key_path, bundle_path = self.certificates.ensure_certificate()
|
|
|
|
self.assertTrue(cert_path.exists(), "certificate was not generated")
|
|
self.assertTrue(key_path.exists(), "private key was not generated")
|
|
self.assertTrue(bundle_path.exists(), "bundle was not generated")
|
|
|
|
context = self.certificates.build_ssl_context()
|
|
self.assertIsInstance(context, ssl.SSLContext)
|
|
self.assertEqual(context.minimum_version, ssl.TLSVersion.TLSv1_3)
|
|
|
|
def test_certificate_paths_returns_strings(self) -> None:
|
|
cert_path, key_path, bundle_path = self.certificates.certificate_paths()
|
|
self.assertIsInstance(cert_path, str)
|
|
self.assertIsInstance(key_path, str)
|
|
self.assertIsInstance(bundle_path, str)
|
|
|
|
|
|
if __name__ == "__main__": # pragma: no cover - convenience
|
|
unittest.main()
|