diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-20 12:07:02 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-12-20 12:07:02 -0600 |
| commit | 45b8752fd2e7c40dcdbe655461815206d3372baf (patch) | |
| tree | 0cd97e7f01345cf128c1658bec3f8425c4f5d289 /tests | |
| parent | fc504fee938a5223e790e4c221c20177bca6aa14 (diff) | |
| parent | 7b0c6940cf95c0444b192c3864f8b85f343b011e (diff) | |
| download | cryptography-45b8752fd2e7c40dcdbe655461815206d3372baf.tar.gz cryptography-45b8752fd2e7c40dcdbe655461815206d3372baf.tar.bz2 cryptography-45b8752fd2e7c40dcdbe655461815206d3372baf.zip | |
Merge pull request #2525 from nbastin/20151112-access-method
issue-2524
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_x509.py | 30 | ||||
| -rw-r--r-- | tests/test_x509_ext.py | 13 |
2 files changed, 40 insertions, 3 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py index 67066f04..1a4c484b 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -1295,6 +1295,36 @@ class TestCertificateBuilder(object): @pytest.mark.requires_backend_interface(interface=RSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_encode_nonstandard_aia(self, backend): + private_key = RSA_KEY_2048.private_key(backend) + + aia = x509.AuthorityInformationAccess([ + x509.AccessDescription( + x509.ObjectIdentifier("2.999.7"), + x509.UniformResourceIdentifier(u"http://example.com") + ), + ]) + + builder = x509.CertificateBuilder().subject_name(x509.Name([ + x509.NameAttribute(NameOID.COUNTRY_NAME, u'US'), + ])).issuer_name(x509.Name([ + x509.NameAttribute(NameOID.COUNTRY_NAME, u'US'), + ])).public_key( + private_key.public_key() + ).serial_number( + 777 + ).not_valid_before( + datetime.datetime(1999, 1, 1) + ).not_valid_after( + datetime.datetime(2020, 1, 1) + ).add_extension( + aia, False + ) + + builder.sign(private_key, hashes.SHA256(), backend) + + @pytest.mark.requires_backend_interface(interface=RSABackend) + @pytest.mark.requires_backend_interface(interface=X509Backend) def test_no_subject_name(self, backend): subject_private_key = RSA_KEY_2048.private_key(backend) builder = x509.CertificateBuilder().serial_number( diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 751de08d..83145cd0 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -18,8 +18,8 @@ from cryptography.hazmat.backends.interfaces import ( ) from cryptography.hazmat.primitives.asymmetric import ec from cryptography.x509.oid import ( - AuthorityInformationAccessOID, ExtendedKeyUsageOID, - ExtensionOID, NameOID + AuthorityInformationAccessOID, ExtendedKeyUsageOID, ExtensionOID, + NameOID, ObjectIdentifier ) from .hazmat.primitives.test_ec import _skip_curve_unsupported @@ -1861,7 +1861,7 @@ class TestExtendedKeyUsageExtension(object): class TestAccessDescription(object): def test_invalid_access_method(self): - with pytest.raises(ValueError): + with pytest.raises(TypeError): x509.AccessDescription("notanoid", x509.DNSName(u"test")) def test_invalid_access_location(self): @@ -1870,6 +1870,13 @@ class TestAccessDescription(object): AuthorityInformationAccessOID.CA_ISSUERS, "invalid" ) + def test_valid_nonstandard_method(self): + ad = x509.AccessDescription( + ObjectIdentifier("2.999.1"), + x509.UniformResourceIdentifier(u"http://example.com") + ) + assert ad is not None + def test_repr(self): ad = x509.AccessDescription( AuthorityInformationAccessOID.OCSP, |