diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2016-07-11 17:03:13 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-07-11 21:03:13 +0000 |
| commit | 3e3444fa96a3fa911e99e1c12f1a0d859563ce2c (patch) | |
| tree | 0e31161fc63ceb82586c9fcd37851c77a41731a5 /tests | |
| parent | dbb64bd2a4a63f6071b1ac982b96d5d07bbd8a63 (diff) | |
| download | cryptography-3e3444fa96a3fa911e99e1c12f1a0d859563ce2c.tar.gz cryptography-3e3444fa96a3fa911e99e1c12f1a0d859563ce2c.tar.bz2 cryptography-3e3444fa96a3fa911e99e1c12f1a0d859563ce2c.zip | |
Use a series of constants for OpenSSL version checks (#3037)
* Use a series of constants for OpenSSL version checks.
N.B. I removed several qualifiers that were being used to express beta vs. release in OpenSSL version numbers. Reviewers please look closely!
* Convert some python as well, also add the file
* flake8
* Simplify code, remove functionality that can be expressed more simply
* clean up the tests as well
* more constants
* wrap long lines
* reflect feedback
* unused
* add this back?
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 16 | ||||
| -rw-r--r-- | tests/hazmat/bindings/test_openssl.py | 2 | ||||
| -rw-r--r-- | tests/test_x509.py | 8 | ||||
| -rw-r--r-- | tests/test_x509_crlbuilder.py | 4 |
4 files changed, 15 insertions, 15 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 2d3bf245..38f11347 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -320,7 +320,7 @@ class TestOpenSSLRSA(object): key_size=256) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000100f, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_non_sha1_pss_mgf1_hash_algorithm_on_old_openssl(self): @@ -495,7 +495,7 @@ class TestOpenSSLRSA(object): @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER <= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101, reason="Requires an OpenSSL version >= 1.0.1" ) class TestOpenSSLCMAC(object): @@ -506,7 +506,7 @@ class TestOpenSSLCMAC(object): class TestOpenSSLCreateX509CSR(object): @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_unsupported_dsa_keys(self): @@ -516,7 +516,7 @@ class TestOpenSSLCreateX509CSR(object): backend.create_x509_csr(object(), private_key, hashes.SHA1()) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_unsupported_ec_keys(self): @@ -537,7 +537,7 @@ class TestOpenSSLSignX509Certificate(object): ) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_dsa_private_key_is_unsupported(self): @@ -561,7 +561,7 @@ class TestOpenSSLSignX509Certificate(object): builder.sign(private_key, hashes.SHA512(), backend) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_ec_private_key_is_unsupported(self): @@ -594,7 +594,7 @@ class TestOpenSSLSignX509CertificateRevocationList(object): backend.create_x509_crl(object(), private_key, hashes.SHA256()) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_dsa_private_key_is_unsupported(self): @@ -612,7 +612,7 @@ class TestOpenSSLSignX509CertificateRevocationList(object): builder.sign(private_key, hashes.SHA1(), backend) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_ec_private_key_is_unsupported(self): diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 41c653b9..f41bcf35 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -138,7 +138,7 @@ class TestOpenSSL(object): def test_conditional_removal(self): b = Binding() - if b.lib.OPENSSL_VERSION_NUMBER >= 0x10001000: + if b.lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER: assert b.lib.CMAC_Init else: with pytest.raises(AttributeError): diff --git a/tests/test_x509.py b/tests/test_x509.py index ebe6dc50..40efb6da 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -1935,7 +1935,7 @@ class TestCertificateBuilder(object): @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) def test_build_cert_with_dsa_private_key(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") issuer_private_key = DSA_KEY_2048.private_key(backend) @@ -1983,7 +1983,7 @@ class TestCertificateBuilder(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=X509Backend) def test_build_cert_with_ec_private_key(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") _skip_curve_unsupported(backend, ec.SECP256R1()) @@ -2537,7 +2537,7 @@ class TestCertificateSigningRequestBuilder(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) def test_build_ca_request_with_ec(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") _skip_curve_unsupported(backend, ec.SECP256R1()) @@ -2567,7 +2567,7 @@ class TestCertificateSigningRequestBuilder(object): @pytest.mark.requires_backend_interface(interface=DSABackend) def test_build_ca_request_with_dsa(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") private_key = DSA_KEY_2048.private_key(backend) diff --git a/tests/test_x509_crlbuilder.py b/tests/test_x509_crlbuilder.py index 32a07487..96311ee6 100644 --- a/tests/test_x509_crlbuilder.py +++ b/tests/test_x509_crlbuilder.py @@ -309,7 +309,7 @@ class TestCertificateRevocationListBuilder(object): @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) def test_sign_dsa_key(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") private_key = DSA_KEY_2048.private_key(backend) invalidity_date = x509.InvalidityDate( @@ -355,7 +355,7 @@ class TestCertificateRevocationListBuilder(object): @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=X509Backend) def test_sign_ec_key_unsupported(self, backend): - if backend._lib.OPENSSL_VERSION_NUMBER < 0x10001000: + if backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101: pytest.skip("Requires a newer OpenSSL. Must be >= 1.0.1") _skip_curve_unsupported(backend, ec.SECP256R1()) private_key = ec.generate_private_key(ec.SECP256R1(), backend) |