diff options
| -rw-r--r-- | src/cryptography/x509/extensions.py | 7 | ||||
| -rw-r--r-- | tests/test_x509_ext.py | 3 |
2 files changed, 4 insertions, 6 deletions
diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index 46ba5a28..017e0989 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -238,11 +238,8 @@ class AuthorityInformationAccess(object): class AccessDescription(object): def __init__(self, access_method, access_location): - if not (access_method == AuthorityInformationAccessOID.OCSP or - access_method == AuthorityInformationAccessOID.CA_ISSUERS): - raise ValueError( - "access_method must be OID_OCSP or OID_CA_ISSUERS" - ) + if not isinstance(access_method, ObjectIdentifier): + raise TypeError("access_method must be an ObjectIdentifier") if not isinstance(access_location, GeneralName): raise TypeError("access_location must be a GeneralName") diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 751de08d..511fad62 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -1861,7 +1861,8 @@ class TestExtendedKeyUsageExtension(object): class TestAccessDescription(object): def test_invalid_access_method(self): - with pytest.raises(ValueError): + # access_method can be *any* valid OID + with pytest.raises(TypeError): x509.AccessDescription("notanoid", x509.DNSName(u"test")) def test_invalid_access_location(self): |