tests/test_crl.py

   1 # coding: utf-8
   2 # PyDERASN -- Python ASN.1 DER codec with abstract structures
   3 # Copyright (C) 2017-2020 Sergey Matveev <stargrave@stargrave.org>
   4 #
   5 # This program is free software: you can redistribute it and/or modify
   6 # it under the terms of the GNU Lesser General Public License as
   7 # published by the Free Software Foundation, version 3 of the License.
   8 #
   9 # This program is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU Lesser General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU Lesser General Public
  15 # License along with this program.  If not, see
  16 # <http://www.gnu.org/licenses/>.
  17 """CRL related schemas, just to test the performance with them
  18 """
  19
  20 from os.path import exists
  21 from time import time
  22 from unittest import skipIf
  23 from unittest import TestCase
  24
  25 from six import PY2
  26
  27 from pyderasn import BitString
  28 from pyderasn import encode_cer
  29 from pyderasn import file_mmaped
  30 from pyderasn import Sequence
  31 from pyderasn import SequenceOf
  32 from pyderasn import tag_ctxc
  33
  34 from tests.test_crts import AlgorithmIdentifier
  35 from tests.test_crts import CertificateSerialNumber
  36 from tests.test_crts import Extensions
  37 from tests.test_crts import Name
  38 from tests.test_crts import Time
  39 from tests.test_crts import Version
  40
  41
  42 class RevokedCertificate(Sequence):
  43     schema = (
  44         ("userCertificate", CertificateSerialNumber()),
  45         ("revocationDate", Time()),
  46         ("crlEntryExtensions", Extensions(optional=True)),
  47     )
  48
  49
  50 class RevokedCertificates(SequenceOf):
  51     schema = RevokedCertificate()
  52
  53
  54 class TBSCertList(Sequence):
  55     schema = (
  56         ("version", Version(optional=True)),
  57         ("signature", AlgorithmIdentifier()),
  58         ("issuer", Name()),
  59         ("thisUpdate", Time()),
  60         ("nextUpdate", Time(optional=True)),
  61         ("revokedCertificates", RevokedCertificates(optional=True)),
  62         ("crlExtensions", Extensions(expl=tag_ctxc(0), optional=True)),
  63     )
  64
  65
  66 class CertificateList(Sequence):
  67     schema = (
  68         ("tbsCertList", TBSCertList()),
  69         ("signatureAlgorithm", AlgorithmIdentifier()),
  70         ("signatureValue", BitString()),
  71     )
  72
  73
  74 CRL_PATH = "revoke.crl"
  75
  76
  77 @skipIf(not exists(CRL_PATH), "CACert's revoke.crl not found")
  78 class TestCACert(TestCase):
  79     def test_cer(self):
  80         with open(CRL_PATH, "rb") as fd:
  81             raw = fd.read()
  82         print("DER read")
  83         start = time()
  84         crl1 = CertificateList().decod(raw)
  85         print("DER decoded", time() - start)
  86         start = time()
  87         cer_raw = encode_cer(crl1)
  88         print("CER encoded", time() - start)
  89         start = time()
  90         crl2 = CertificateList().decod(cer_raw, ctx={"bered": True})
  91         print("CER decoded", time() - start)
  92         self.assertEqual(crl2, crl1)
  93         start = time()
  94         der_raw = crl2.encode()
  95         print("DER encoded", time() - start)
  96         self.assertSequenceEqual(der_raw, raw)
  97
  98     @skipIf(PY2, "Py27 mmap does not implement buffer protocol")
  99     def test_mmaped(self):
 100         fd = open(CRL_PATH, "rb")
 101         start = time()
 102         CertificateList().decod(file_mmaped(fd))
 103         print("DER decoded", time() - start)
 104
 105     def test_evgens(self):
 106         fd = open(CRL_PATH, "rb")
 107         raw = memoryview(fd.read()) if PY2 else file_mmaped(fd)
 108         print("CRL opened")
 109         evgens_count = 0
 110         revoked_certs_count = 0
 111         start = time()
 112         for decode_path, _, _ in CertificateList().decode_evgen(raw):
 113             evgens_count += 1
 114             if (
 115                     len(decode_path) == 3 and
 116                     decode_path[:2] == ("tbsCertList", "revokedCertificates")
 117             ):
 118                 revoked_certs_count += 1
 119         print("CRL parsed", time() - start)
 120         evgens_upto_count = 0
 121         start = time()
 122         for decode_path, _, _ in CertificateList().decode_evgen(raw, ctx={
 123                 "evgen_mode_upto": (
 124                     (("tbsCertList", "revokedCertificates", any), True),
 125                 ),
 126         }):
 127             evgens_upto_count += 1
 128         print("CRL upto parsed", time() - start)
 129         self.assertEqual(
 130             float(evgens_count - evgens_upto_count) / revoked_certs_count,
 131             3,
 132         )