diff options
author | Vincent Pelletier <plr.vincent@gmail.com> | 2017-08-12 22:05:00 +0900 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-08-12 08:05:00 -0500 |
commit | 6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9 (patch) | |
tree | 5bfb5a0966cd3e00810b0161276e26aac8fdf3bb /tests | |
parent | ca941bd00baa598cb83d91a4e88b4bbcec0fc265 (diff) | |
download | cryptography-6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9.tar.gz cryptography-6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9.tar.bz2 cryptography-6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9.zip |
Add is_signature_valid method on CertificateRevocationList (#3849)
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_x509.py | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py index 58d3e546..52854363 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -336,6 +336,47 @@ class TestCertificateRevocationList(object): with pytest.raises(TypeError): crl.public_bytes('NotAnEncoding') + def test_verify_bad(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "invalid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + crt = _load_cert( + os.path.join("x509", "custom", "invalid_signature.pem"), + x509.load_pem_x509_certificate, + backend + ) + + assert not crl.is_signature_valid(crt.public_key()) + + def test_verify_good(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + crt = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_certificate, + backend + ) + + assert crl.is_signature_valid(crt.public_key()) + + def test_verify_argument_must_be_a_public_key(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + + with pytest.raises(TypeError): + crl.is_signature_valid("not a public key") + + with pytest.raises(TypeError): + crl.is_signature_valid(object) + @pytest.mark.requires_backend_interface(interface=X509Backend) class TestRevokedCertificate(object): |