diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-02-27 14:56:08 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-02-27 14:56:08 -0600 |
| commit | a69f925a501d6e079f89188f131bc2f4866aee0c (patch) | |
| tree | 61e1c5f00b175046f4f674dffb2c9036050a5edb /tests | |
| parent | ae16b479987b3cf0f187ce32919f2879fc058663 (diff) | |
| parent | ebb7fa14094ac39443f246885a02487fa529506b (diff) | |
| download | cryptography-a69f925a501d6e079f89188f131bc2f4866aee0c.tar.gz cryptography-a69f925a501d6e079f89188f131bc2f4866aee0c.tar.bz2 cryptography-a69f925a501d6e079f89188f131bc2f4866aee0c.zip | |
Merge pull request #2739 from alex/policy-constraints-parse
Fixed #2732 -- added support for x.509 policy constraints extension
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_x509_ext.py | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index ceb11dfe..d85b4bbc 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -2280,6 +2280,39 @@ class TestPolicyConstraints(object): assert pc != object() +@pytest.mark.requires_backend_interface(interface=RSABackend) +@pytest.mark.requires_backend_interface(interface=X509Backend) +class TestPolicyConstraintsExtension(object): + def test_inhibit_policy_mapping(self, backend): + cert = _load_cert( + os.path.join("x509", "department-of-state-root.pem"), + x509.load_pem_x509_certificate, + backend + ) + ext = cert.extensions.get_extension_for_oid( + ExtensionOID.POLICY_CONSTRAINTS, + ) + assert ext.critical is True + + assert ext.value == x509.PolicyConstraints( + require_explicit_policy=None, inhibit_policy_mapping=0, + ) + + def test_require_explicit_policy(self, backend): + cert = _load_cert( + os.path.join("x509", "custom", "policy_constraints_explicit.pem"), + x509.load_pem_x509_certificate, + backend + ) + ext = cert.extensions.get_extension_for_oid( + ExtensionOID.POLICY_CONSTRAINTS + ) + assert ext.critical is True + assert ext.value == x509.PolicyConstraints( + require_explicit_policy=1, inhibit_policy_mapping=None, + ) + + class TestAuthorityInformationAccess(object): def test_invalid_descriptions(self): with pytest.raises(TypeError): |