aws-crt 0.1.5 → 0.1.6

data/aws-crt-ffi/crt/s2n/tests/integrationv2/configuration.py

@@ -52,7 +52,7 @@ ALL_TEST_CERTS = [
     Certificates.RSA_4096_SHA512,
     Certificates.ECDSA_256,
     Certificates.ECDSA_384,
-    Certificates.RSA_PSS_2048_SHA256,
+    Certificates.RSA_PSS_2048_SHA256
 ]
 
 
@@ -107,105 +107,105 @@ available_ports = AvailablePorts()
 # Server certificates used to test matching domain names client with server_name
 # ( cert_path, private_key_path, domains[] )
 SNI_CERTS = {
-    "alligator" : (
+    "alligator": (
         TEST_SNI_CERT_DIRECTORY + "alligator_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "alligator_key.pem",
         ["www.alligator.com"]
     ),
-    "second_alligator_rsa" : (
+    "second_alligator_rsa": (
         TEST_SNI_CERT_DIRECTORY + "second_alligator_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "second_alligator_rsa_key.pem",
         ["www.alligator.com"]
     ),
-    "alligator_ecdsa" : (
+    "alligator_ecdsa": (
         TEST_SNI_CERT_DIRECTORY + "alligator_ecdsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "alligator_ecdsa_key.pem",
         ["www.alligator.com"]
     ),
-    "beaver" : (
+    "beaver": (
         TEST_SNI_CERT_DIRECTORY + "beaver_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "beaver_key.pem",
         ["www.beaver.com"]
     ),
-    "many_animals" : (
+    "many_animals": (
         TEST_SNI_CERT_DIRECTORY + "many_animal_sans_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "many_animal_sans_rsa_key.pem",
         ["www.catfish.com",
-        "www.dolphin.com",
-        "www.elephant.com",
-        "www.falcon.com",
-        "www.gorilla.com",
-        "www.horse.com",
-        "www.impala.com",
-        # "Simple hostname"
-        "Jackal",
-        "k.e.e.l.b.i.l.l.e.d.t.o.u.c.a.n",
-        # SAN on this cert is actually "ladybug.ladybug"
-        # Verify case insensitivity works as expected.
-        "LADYBUG.LADYBUG",
-        "com.penguin.macaroni"]
+         "www.dolphin.com",
+         "www.elephant.com",
+         "www.falcon.com",
+         "www.gorilla.com",
+         "www.horse.com",
+         "www.impala.com",
+         # "Simple hostname"
+         "Jackal",
+         "k.e.e.l.b.i.l.l.e.d.t.o.u.c.a.n",
+         # SAN on this cert is actually "ladybug.ladybug"
+         # Verify case insensitivity works as expected.
+         "LADYBUG.LADYBUG",
+         "com.penguin.macaroni"]
     ),
-    "narwhal_cn" : (
+    "narwhal_cn": (
         TEST_SNI_CERT_DIRECTORY + "narwhal_cn_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "narwhal_cn_key.pem",
         ["www.narwhal.com"]
     ),
-    "octopus_cn_platypus_san" : (
+    "octopus_cn_platypus_san": (
         TEST_SNI_CERT_DIRECTORY + "octopus_cn_platypus_san_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "octopus_cn_platypus_san_key.pem",
         ["www.platypus.com"]
     ),
-    "quail_cn_rattlesnake_cn" : (
+    "quail_cn_rattlesnake_cn": (
         TEST_SNI_CERT_DIRECTORY + "quail_cn_rattlesnake_cn_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "quail_cn_rattlesnake_cn_key.pem",
         ["www.quail.com", "www.rattlesnake.com"]
     ),
-    "many_animals_mixed_case" : (
+    "many_animals_mixed_case": (
         TEST_SNI_CERT_DIRECTORY + "many_animal_sans_mixed_case_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "many_animal_sans_mixed_case_rsa_key.pem",
         ["alligator.com",
-        "beaver.com",
-        "catFish.com",
-        "WWW.dolphin.COM",
-        "www.ELEPHANT.com",
-        "www.Falcon.Com",
-        "WWW.gorilla.COM",
-        "www.horse.com",
-        "WWW.IMPALA.COM",
-        "WwW.jAcKaL.cOm"]
+         "beaver.com",
+         "catFish.com",
+         "WWW.dolphin.COM",
+         "www.ELEPHANT.com",
+         "www.Falcon.Com",
+         "WWW.gorilla.COM",
+         "www.horse.com",
+         "WWW.IMPALA.COM",
+         "WwW.jAcKaL.cOm"]
     ),
-    "embedded_wildcard" : (
+    "embedded_wildcard": (
         TEST_SNI_CERT_DIRECTORY + "embedded_wildcard_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "embedded_wildcard_rsa_key.pem",
         ["www.labelstart*labelend.com"]
     ),
-    "non_empty_label_wildcard" : (
+    "non_empty_label_wildcard": (
         TEST_SNI_CERT_DIRECTORY + "non_empty_label_wildcard_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "non_empty_label_wildcard_rsa_key.pem",
         ["WILD*.middle.end"]
     ),
-    "trailing_wildcard" : (
+    "trailing_wildcard": (
         TEST_SNI_CERT_DIRECTORY + "trailing_wildcard_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "trailing_wildcard_rsa_key.pem",
         ["the.prefix.*"]
     ),
-    "wildcard_insect" : (
+    "wildcard_insect": (
         TEST_SNI_CERT_DIRECTORY + "wildcard_insect_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "wildcard_insect_rsa_key.pem",
         ["ant.insect.hexapod",
-        "BEE.insect.hexapod",
-        "wasp.INSECT.hexapod",
-        "butterfly.insect.hexapod"]
+         "BEE.insect.hexapod",
+         "wasp.INSECT.hexapod",
+         "butterfly.insect.hexapod"]
     ),
-    "termite" : (
+    "termite": (
         TEST_SNI_CERT_DIRECTORY + "termite_rsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "termite_rsa_key.pem",
-        [ "termite.insect.hexapod" ]
+        ["termite.insect.hexapod"]
     ),
-    "underwing" : (
+    "underwing": (
         TEST_SNI_CERT_DIRECTORY + "underwing_ecdsa_cert.pem",
         TEST_SNI_CERT_DIRECTORY + "underwing_ecdsa_key.pem",
-        [ "underwing.insect.hexapod" ]
+        ["underwing.insect.hexapod"]
     )
 }
 
@@ -213,105 +213,117 @@ SNI_CERTS = {
 # Test cases for certificate selection.
 # Test inputs: server certificates to load into s2nd, client SNI and capabilities, outputs are selected server cert
 # and negotiated cipher.
-MultiCertTest = collections.namedtuple('MultiCertTest', 'description server_certs client_sni client_ciphers expected_cert expect_matching_hostname')
-MULTI_CERT_TEST_CASES= [
+MultiCertTest = collections.namedtuple(
+    'MultiCertTest', 'description server_certs client_sni client_ciphers expected_cert expect_matching_hostname')
+MULTI_CERT_TEST_CASES = [
     MultiCertTest(
         description="Test basic SNI match for default cert.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="www.alligator.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Test basic SNI matches for non-default cert.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="www.beaver.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["beaver"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Test default cert is selected when there are no SNI matches.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="not.a.match",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test default cert is selected when no SNI is sent.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni=None,
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test ECDSA cert is selected with matching domain and client only supports ECDSA.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="www.alligator.com",
         client_ciphers=[Ciphers.ECDHE_ECDSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator_ecdsa"],
         expect_matching_hostname=True),
     MultiCertTest(
-        description="Test ECDSA cert selected when: domain matches for both ECDSA+RSA, client supports ECDSA+RSA "\
+        description="Test ECDSA cert selected when: domain matches for both ECDSA+RSA, client supports ECDSA+RSA "
                     " ciphers, ECDSA is higher priority on server side.",
-        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="www.alligator.com",
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA, Ciphers.ECDHE_ECDSA_AES128_SHA],
+        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA,
+                        Ciphers.ECDHE_ECDSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator_ecdsa"],
         expect_matching_hostname=True),
     MultiCertTest(
-        description="Test domain match is highest priority. Domain matching ECDSA certificate should be selected"\
+        description="Test domain match is highest priority. Domain matching ECDSA certificate should be selected"
                     " even if domain mismatched RSA certificate is available and RSA cipher is higher priority.",
         server_certs=[SNI_CERTS["beaver"], SNI_CERTS["alligator_ecdsa"]],
         client_sni="www.alligator.com",
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA256, Ciphers.ECDHE_ECDSA_AES128_SHA256],
+        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA256,
+                        Ciphers.ECDHE_ECDSA_AES128_SHA256],
         expected_cert=SNI_CERTS["alligator_ecdsa"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Test certificate with single SAN entry matching is selected before mismatched multi SAN cert",
-        server_certs=[SNI_CERTS["many_animals"] , SNI_CERTS["alligator"]],
+        server_certs=[SNI_CERTS["many_animals"], SNI_CERTS["alligator"]],
         client_sni="www.alligator.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=True),
-        # many_animals was the first cert added
+    # many_animals was the first cert added
     MultiCertTest(
         description="Test default cert with multiple sans and no SNI sent.",
-        server_certs=[SNI_CERTS["many_animals"] , SNI_CERTS["alligator"]],
+        server_certs=[SNI_CERTS["many_animals"], SNI_CERTS["alligator"]],
         client_sni=None,
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["many_animals"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test certificate match with CN",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["narwhal_cn"] ],
+        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["narwhal_cn"]],
         client_sni="www.narwhal.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["narwhal_cn"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Test SAN+CN cert can match using SAN.",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["octopus_cn_platypus_san"] ],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["octopus_cn_platypus_san"]],
         client_sni="www.platypus.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["octopus_cn_platypus_san"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Test that CN is not considered for matching if the certificate contains SANs.",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["octopus_cn_platypus_san"] ],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["octopus_cn_platypus_san"]],
         client_sni="www.octopus.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test certificate with multiple CNs can match.",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["quail_cn_rattlesnake_cn"] ],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["quail_cn_rattlesnake_cn"]],
         client_sni="www.rattlesnake.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["quail_cn_rattlesnake_cn"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test cert with embedded wildcard is not treated as a wildcard.",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["embedded_wildcard"] ],
+        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["embedded_wildcard"]],
         client_sni="www.labelstartWILDCARDlabelend.com",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
@@ -319,14 +331,15 @@ MULTI_CERT_TEST_CASES= [
     MultiCertTest(
         description="Test non empty left label wildcard cert is not treated as a wildcard."\
                     " s2n only supports wildcards with a single * as the left label",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["non_empty_label_wildcard"] ],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["non_empty_label_wildcard"]],
         client_sni="WILDCARD.middle.end",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=False),
     MultiCertTest(
         description="Test cert with trailing * is not treated as wildcard.",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["trailing_wildcard"] ],
+        server_certs=[SNI_CERTS["alligator"], SNI_CERTS["trailing_wildcard"]],
         client_sni="the.prefix.WILDCARD",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["alligator"],
@@ -334,7 +347,8 @@ MULTI_CERT_TEST_CASES= [
     MultiCertTest(
         description="Certificate with exact sni match(termite.insect.hexapod) is preferred over wildcard"\
                     " *.insect.hexapod",
-        server_certs=[ SNI_CERTS["wildcard_insect"], SNI_CERTS["alligator"], SNI_CERTS["termite"] ],
+        server_certs=[SNI_CERTS["wildcard_insect"],
+                      SNI_CERTS["alligator"], SNI_CERTS["termite"]],
         client_sni="termite.insect.hexapod",
         client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
         expected_cert=SNI_CERTS["termite"],
@@ -342,46 +356,52 @@ MULTI_CERT_TEST_CASES= [
     MultiCertTest(
         description="ECDSA Certificate with exact sni match(underwing.insect.hexapod) is preferred over RSA wildcard"\
                     " *.insect.hexapod when RSA ciphers are higher priority than ECDSA in server preferences.",
-        server_certs=[ SNI_CERTS["wildcard_insect"], SNI_CERTS["alligator"], SNI_CERTS["underwing"] ],
+        server_certs=[SNI_CERTS["wildcard_insect"],
+                      SNI_CERTS["alligator"], SNI_CERTS["underwing"]],
         client_sni="underwing.insect.hexapod",
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_GCM_SHA256, Ciphers.ECDHE_ECDSA_AES128_GCM_SHA256],
+        client_ciphers=[Ciphers.ECDHE_RSA_AES128_GCM_SHA256,
+                        Ciphers.ECDHE_ECDSA_AES128_GCM_SHA256],
         expected_cert=SNI_CERTS["underwing"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Firstly loaded matching certificate should be selected among certificates with the same domain names",
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["second_alligator_rsa"] ],
+        server_certs=[SNI_CERTS["alligator"],
+                      SNI_CERTS["second_alligator_rsa"]],
         client_sni="www.alligator.com",
         client_ciphers=[Ciphers.AES128_GCM_SHA256],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=True),
     MultiCertTest(
         description="Firstly loaded matching certificate should be selected among matching+non-matching certificates",
-        server_certs=[ SNI_CERTS["beaver"], SNI_CERTS["alligator"], SNI_CERTS["second_alligator_rsa"] ],
+        server_certs=[SNI_CERTS["beaver"], SNI_CERTS["alligator"],
+                      SNI_CERTS["second_alligator_rsa"]],
         client_sni="www.alligator.com",
         client_ciphers=[Ciphers.AES128_GCM_SHA256],
         expected_cert=SNI_CERTS["alligator"],
         expect_matching_hostname=True)]
 # Positive test for wildcard matches
 MULTI_CERT_TEST_CASES.extend([MultiCertTest(
-        description="Test wildcard *.insect.hexapod matches subdomain " + specific_insect_domain,
-        server_certs=[ SNI_CERTS["alligator"], SNI_CERTS["wildcard_insect"] ],
-        client_sni=specific_insect_domain,
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
-        expected_cert=SNI_CERTS["wildcard_insect"],
-        expect_matching_hostname=True) for specific_insect_domain in SNI_CERTS["wildcard_insect"][2]])
+    description="Test wildcard *.insect.hexapod matches subdomain " + specific_insect_domain,
+    server_certs=[SNI_CERTS["alligator"], SNI_CERTS["wildcard_insect"]],
+    client_sni=specific_insect_domain,
+    client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
+    expected_cert=SNI_CERTS["wildcard_insect"],
+    expect_matching_hostname=True) for specific_insect_domain in SNI_CERTS["wildcard_insect"][2]])
 # Positive test for basic SAN matches
 MULTI_CERT_TEST_CASES.extend([MultiCertTest(
-        description="Match SAN " + many_animal_domain + " in many_animals cert",
-        server_certs= [ SNI_CERTS["alligator"], SNI_CERTS["many_animals"] ],
-        client_sni=many_animal_domain,
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
-        expected_cert=SNI_CERTS["many_animals"],
-        expect_matching_hostname=True) for many_animal_domain in SNI_CERTS["many_animals"][2]])
+    description="Match SAN " + many_animal_domain + " in many_animals cert",
+    server_certs=[SNI_CERTS["alligator"], SNI_CERTS["many_animals"]],
+    client_sni=many_animal_domain,
+    client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
+    expected_cert=SNI_CERTS["many_animals"],
+    expect_matching_hostname=True) for many_animal_domain in SNI_CERTS["many_animals"][2]])
 # Positive test for mixed cased SAN matches
 MULTI_CERT_TEST_CASES.extend([MultiCertTest(
-        description="Match SAN " + many_animal_domain + " in many_animals_mixed_case cert",
-        server_certs= [SNI_CERTS["alligator"] , SNI_CERTS["many_animals_mixed_case"]],
-        client_sni=many_animal_domain,
-        client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
-        expected_cert=SNI_CERTS["many_animals_mixed_case"],
-        expect_matching_hostname=True) for many_animal_domain in SNI_CERTS["many_animals_mixed_case"][2]])
+    description="Match SAN " + many_animal_domain +
+    " in many_animals_mixed_case cert",
+    server_certs=[SNI_CERTS["alligator"],
+                  SNI_CERTS["many_animals_mixed_case"]],
+    client_sni=many_animal_domain,
+    client_ciphers=[Ciphers.ECDHE_RSA_AES128_SHA],
+    expected_cert=SNI_CERTS["many_animals_mixed_case"],
+    expect_matching_hostname=True) for many_animal_domain in SNI_CERTS["many_animals_mixed_case"][2]])

data/aws-crt-ffi/crt/s2n/tests/integrationv2/conftest.py

@@ -3,9 +3,12 @@ from global_flags import set_flag, S2N_PROVIDER_VERSION, S2N_FIPS_MODE, S2N_NO_P
 
 
 def pytest_addoption(parser):
-    parser.addoption("--provider-version", action="store", dest="provider-version", default=None, type=str, help="Set the version of the TLS provider")
-    parser.addoption("--fips-mode", action="store", dest="fips-mode", default=False, type=int, help="S2N is running in FIPS mode")
-    parser.addoption("--no-pq", action="store", dest="no-pq", default=False, type=int, help="Turn off PQ support")
+    parser.addoption("--provider-version", action="store", dest="provider-version",
+                     default=None, type=str, help="Set the version of the TLS provider")
+    parser.addoption("--fips-mode", action="store", dest="fips-mode",
+                     default=False, type=int, help="S2N is running in FIPS mode")
+    parser.addoption("--no-pq", action="store", dest="no-pq",
+                     default=False, type=int, help="Turn off PQ support")
 
 
 def pytest_configure(config):

data/aws-crt-ffi/crt/s2n/tests/integrationv2/constants.py

@@ -1,5 +1,7 @@
-TEST_CERT_DIRECTORY="../pems/"
-TEST_SNI_CERT_DIRECTORY="../pems/sni/"
+TEST_CERT_DIRECTORY = "../pems/"
+TEST_SNI_CERT_DIRECTORY = "../pems/sni/"
+TEST_OCSP_DIRECTORY = "../pems/ocsp/"
 
-TRUST_STORE_BUNDLE=TEST_CERT_DIRECTORY + 'trust-store/ca-bundle.crt'
-TRUST_STORE_TRUSTED_BUNDLE=TEST_CERT_DIRECTORY + 'trust-store/ca-bundle.trust.crt'
+TRUST_STORE_BUNDLE = TEST_CERT_DIRECTORY + 'trust-store/ca-bundle.crt'
+TRUST_STORE_TRUSTED_BUNDLE = TEST_CERT_DIRECTORY + \
+    'trust-store/ca-bundle.trust.crt'

data/aws-crt-ffi/crt/s2n/tests/integrationv2/fixtures.py

@@ -21,7 +21,8 @@ def managed_process():
     """
     processes = []
 
-    def _fn(provider_class: Provider, options: ProviderOptions, timeout=5, send_marker=None, close_marker=None, expect_stderr=None):
+    def _fn(provider_class: Provider, options: ProviderOptions, timeout=5, send_marker=None, close_marker=None,
+            expect_stderr=None, kill_marker=None, send_with_newline=None):
         provider = provider_class(options)
         cmd_line = provider.get_cmd_line()
         # The process will default to send markers in the providers.py file
@@ -30,22 +31,29 @@ def managed_process():
             provider.ready_to_send_input_marker = send_marker
         if expect_stderr is None:
             expect_stderr = provider.expect_stderr
-        p = ManagedProcess(cmd_line,
-                provider.set_provider_ready,
-                wait_for_marker=provider.ready_to_test_marker,
-                send_marker_list=provider.ready_to_send_input_marker,
-                close_marker=close_marker,
-                data_source=options.data_to_send,
-                timeout=timeout,
-                env_overrides=options.env_overrides,
-                expect_stderr=expect_stderr)
+        if send_with_newline is None:
+            send_with_newline = provider.send_with_newline
+        p = ManagedProcess(
+            cmd_line,
+            provider.set_provider_ready,
+            wait_for_marker=provider.ready_to_test_marker,
+            send_marker_list=provider.ready_to_send_input_marker,
+            close_marker=close_marker,
+            data_source=options.data_to_send,
+            timeout=timeout,
+            env_overrides=options.env_overrides,
+            expect_stderr=expect_stderr,
+            kill_marker=kill_marker,
+            send_with_newline=send_with_newline
+        )
 
         processes.append(p)
         with p.ready_condition:
             p.start()
             with provider._provider_ready_condition:
                 # Don't continue processing until the provider has indicated it is ready.
-                provider._provider_ready_condition.wait_for(provider.is_provider_ready, timeout)
+                provider._provider_ready_condition.wait_for(
+                    provider.is_provider_ready, timeout)
         return p
 
     try:
@@ -66,7 +74,8 @@ def _swap_mtu(device, new_mtu):
     Return the original MTU so it can be reset later.
     """
     cmd = ["ip", "link", "show", device]
-    p = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    p = subprocess.Popen(cmd, stdin=subprocess.PIPE,
+                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
     mtu = 65536
     for line in p.stdout.readlines():
         s = line.decode("utf-8")

data/aws-crt-ffi/crt/s2n/tests/integrationv2/global_flags.py

@@ -14,6 +14,7 @@ S2N_PROVIDER_VERSION = 's2n_provider_version'
 
 _flags = {}
 
+
 def get_flag(name, default=None):
     """Return the value of a flag"""
     return _flags.get(name, default)