diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-10-27 07:31:25 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-10-27 07:31:25 -0400 |
| commit | d9849599346dd245c175221114b8d559d9d2124f (patch) | |
| tree | 5dcdc3a3c1c5544f6aeae054eb2a07d73b96a6ce /tests | |
| parent | 9c72a6bb3868979cf9416cfa526ea2fc066f854d (diff) | |
| parent | 8fdd1d3a00ea2c1de04a214314e20a39009c7c29 (diff) | |
| download | cryptography-d9849599346dd245c175221114b8d559d9d2124f.tar.gz cryptography-d9849599346dd245c175221114b8d559d9d2124f.tar.bz2 cryptography-d9849599346dd245c175221114b8d559d9d2124f.zip | |
Merge pull request #2435 from reaperhulk/fix-2407
encode countryName with PrintableString
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/test_x509.py | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py index a54cdc56..4072ef15 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -9,6 +9,10 @@ import datetime import ipaddress import os +from pyasn1.codec.der import decoder + +from pyasn1_modules import rfc2459 + import pytest import six @@ -1083,6 +1087,43 @@ class TestRSACertificateRequest(object): x509.DNSName(u"cryptography.io"), ] + def test_build_cert_printable_string_country_name(self, backend): + issuer_private_key = RSA_KEY_2048.private_key(backend) + subject_private_key = RSA_KEY_2048.private_key(backend) + + not_valid_before = datetime.datetime(2002, 1, 1, 12, 1) + not_valid_after = datetime.datetime(2030, 12, 31, 8, 30) + + builder = x509.CertificateBuilder().serial_number( + 777 + ).issuer_name(x509.Name([ + x509.NameAttribute(NameOID.COUNTRY_NAME, u'US'), + x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u'Texas'), + ])).subject_name(x509.Name([ + x509.NameAttribute(NameOID.COUNTRY_NAME, u'US'), + x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, u'Texas'), + ])).public_key( + subject_private_key.public_key() + ).not_valid_before( + not_valid_before + ).not_valid_after( + not_valid_after + ) + + cert = builder.sign(issuer_private_key, hashes.SHA256(), backend) + + parsed, _ = decoder.decode( + cert.public_bytes(serialization.Encoding.DER), + asn1Spec=rfc2459.Certificate() + ) + tbs_cert = parsed.getComponentByName('tbsCertificate') + subject = tbs_cert.getComponentByName('subject') + issuer = tbs_cert.getComponentByName('issuer') + # \x13 is printable string. The first byte of the value of the + # node corresponds to the ASN.1 string type. + assert subject[0][0][0][1][0] == b"\x13"[0] + assert issuer[0][0][0][1][0] == b"\x13"[0] + class TestCertificateBuilder(object): @pytest.mark.requires_backend_interface(interface=RSABackend) |