Merge pull request #2193 from reaperhulk/encode-aia

Support AuthorityInformationAccess in CertificateBuilder
author: Alex Gaynor <alex.gaynor@gmail.com> 2015-08-03 21:32:45 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2015-08-03 21:32:45 -0400
commit: 2d135b759139ef470b753a4c92ec0aa93f6cdff4 (patch)
tree: 9979699d3d0bc949036d9ae6b9233913a85ed091 /tests
parent: e886575a26fdc686d8f47ae3f6e29d9b68de92fa (diff)
parent: 3b54ce272df125430907f27c61c86d27531b7f33 (diff)
download: cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.tar.gz
cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.tar.bz2
cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.zip
1 files changed, 43 insertions, 0 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py
index 668a3bad..e31b57f4 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -1652,6 +1652,49 @@ class TestCertificateSigningRequestBuilder(object):
 
         assert str(exc.value) == "Digest too big for RSA key"
 
+    @pytest.mark.requires_backend_interface(interface=RSABackend)
+    @pytest.mark.requires_backend_interface(interface=X509Backend)
+    def test_build_cert_with_aia(self, backend):
+        issuer_private_key = RSA_KEY_2048.private_key(backend)
+        subject_private_key = RSA_KEY_2048.private_key(backend)
+
+        not_valid_before = datetime.datetime(2002, 1, 1, 12, 1)
+        not_valid_after = datetime.datetime(2030, 12, 31, 8, 30)
+
+        aia = x509.AuthorityInformationAccess([
+            x509.AccessDescription(
+                x509.OID_OCSP,
+                x509.UniformResourceIdentifier(u"http://ocsp.domain.com")
+            ),
+            x509.AccessDescription(
+                x509.OID_CA_ISSUERS,
+                x509.UniformResourceIdentifier(u"http://domain.com/ca.crt")
+            )
+        ])
+
+        builder = x509.CertificateBuilder().serial_number(
+            777
+        ).issuer_name(x509.Name([
+            x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'),
+        ])).subject_name(x509.Name([
+            x509.NameAttribute(x509.OID_COUNTRY_NAME, u'US'),
+        ])).public_key(
+            subject_private_key.public_key()
+        ).add_extension(
+            aia, critical=False
+        ).not_valid_before(
+            not_valid_before
+        ).not_valid_after(
+            not_valid_after
+        )
+
+        cert = builder.sign(issuer_private_key, hashes.SHA1(), backend)
+
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_AUTHORITY_INFORMATION_ACCESS
+        )
+        assert ext.value == aia
+
 
 @pytest.mark.requires_backend_interface(interface=DSABackend)
 @pytest.mark.requires_backend_interface(interface=X509Backend)
author	Alex Gaynor <alex.gaynor@gmail.com>	2015-08-03 21:32:45 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2015-08-03 21:32:45 -0400
commit	2d135b759139ef470b753a4c92ec0aa93f6cdff4 (patch)
tree	9979699d3d0bc949036d9ae6b9233913a85ed091 /tests
parent	e886575a26fdc686d8f47ae3f6e29d9b68de92fa (diff)
parent	3b54ce272df125430907f27c61c86d27531b7f33 (diff)
download	cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.tar.gz cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.tar.bz2 cryptography-2d135b759139ef470b753a4c92ec0aa93f6cdff4.zip