diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-07-03 10:26:37 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-07-03 10:26:37 -0400 |
commit | 37b82df9e4c1397df1d878b0ee4ee7d1c3ad0ce7 (patch) | |
tree | 276944b125d305ddbd5ac53f607d018eda59183b | |
parent | 122b5ed88ce7697a3ad7baed1172a09944a2ba25 (diff) | |
download | cryptography-37b82df9e4c1397df1d878b0ee4ee7d1c3ad0ce7.tar.gz cryptography-37b82df9e4c1397df1d878b0ee4ee7d1c3ad0ce7.tar.bz2 cryptography-37b82df9e4c1397df1d878b0ee4ee7d1c3ad0ce7.zip |
Added support for SANs in CSRs
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/x509.py | 1 | ||||
-rw-r--r-- | tests/test_x509.py | 14 |
2 files changed, 15 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index c7ca2ad1..80e5f2b1 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -770,5 +770,6 @@ _CSR_EXTENSION_PARSER = _X509ExtensionParser( get_ext=lambda backend, x, i: backend._lib.sk_X509_EXTENSION_value(x, i), handlers={ x509.OID_BASIC_CONSTRAINTS: _decode_basic_constraints, + x509.OID_SUBJECT_ALTERNATIVE_NAME: _decode_subject_alt_name, } ) diff --git a/tests/test_x509.py b/tests/test_x509.py index ac910392..1e0c9cdc 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -592,6 +592,20 @@ class TestRSACertificateRequest(object): ), ] + def test_subject_alt_name(self, backend): + request = _load_cert( + os.path.join("x509", "requests", "san_rsa_sha1.pem"), + x509.load_pem_x509_csr, + backend, + ) + ext = request.extensions.get_extension_for_oid( + x509.OID_SUBJECT_ALTERNATIVE_NAME + ) + assert list(ext.value) == [ + x509.DNSName(u"cryptography.io"), + x509.DNSName(u"sub.cryptography.io"), + ] + def test_public_bytes_pem(self, backend): # Load an existing CSR. request = _load_cert( |