diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_x509.py | 29 |
1 files changed, 12 insertions, 17 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py index 61e7a7d0..347ed1a6 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -153,17 +153,19 @@ class TestCertificateRevocationList(object): assert crl.next_update.isoformat() == "2016-01-01T00:00:00" assert crl.last_update.isoformat() == "2015-01-01T00:00:00" - def test_revoked_certs(self, backend): + def test_revoked_cert_retrieval(self, backend): crl = _load_cert( os.path.join("x509", "custom", "crl_all_reasons.pem"), x509.load_pem_x509_crl, backend ) - assert isinstance(crl.revoked_certificates, list) - for r in crl.revoked_certificates: + for r in crl: assert isinstance(r, x509.RevokedCertificate) + # Check that len() works for CRLs. + assert len(crl) == 12 + def test_extensions(self, backend): crl = _load_cert( os.path.join("x509", "custom", "crl_all_reasons.pem"), @@ -186,7 +188,7 @@ class TestRevokedCertificate(object): backend ) - for i, rev in enumerate(crl.revoked_certificates): + for i, rev in enumerate(crl): assert isinstance(rev, x509.RevokedCertificate) assert isinstance(rev.serial_number, int) assert isinstance(rev.revocation_date, datetime.datetime) @@ -204,7 +206,7 @@ class TestRevokedCertificate(object): # First revoked cert doesn't have extensions, test if it is handled # correctly. - rev0 = crl.revoked_certificates[0] + rev0 = crl[0] # It should return an empty Extensions object. assert isinstance(rev0.extensions, x509.Extensions) assert len(rev0.extensions) == 0 @@ -216,7 +218,7 @@ class TestRevokedCertificate(object): assert rev0.get_reason() is None # Test manual retrieval of extension values. - rev1 = crl.revoked_certificates[1] + rev1 = crl[1] assert isinstance(rev1.extensions, x509.Extensions) reason = rev1.extensions.get_extension_for_oid( @@ -232,18 +234,11 @@ class TestRevokedCertificate(object): assert rev1.get_invalidity_date().isoformat() == "2015-01-01T00:00:00" # Check if all reason flags can be found in the CRL. - # Also test if CRL as iterator works. flags = set(x509.ReasonFlags) for r in crl: flags.discard(r.get_reason()) assert len(flags) == 0 - # Check that len() works for CRLs. - assert len(crl) == 12 - - # Check that direct access to revoked cert in CRL works - assert isinstance(crl[0], x509.RevokedCertificate) - def test_duplicate_entry_ext(self, backend): crl = _load_cert( os.path.join("x509", "custom", "crl_dup_entry_ext.pem"), @@ -252,7 +247,7 @@ class TestRevokedCertificate(object): ) with pytest.raises(x509.DuplicateExtension): - crl.revoked_certificates[0].extensions + crl[0].extensions def test_unsupported_crit_entry_ext(self, backend): crl = _load_cert( @@ -264,7 +259,7 @@ class TestRevokedCertificate(object): ) with pytest.raises(x509.UnsupportedExtension): - crl.revoked_certificates[0].extensions + crl[0].extensions def test_unsupported_reason(self, backend): crl = _load_cert( @@ -276,7 +271,7 @@ class TestRevokedCertificate(object): ) with pytest.raises(ValueError): - crl.revoked_certificates[0].extensions + crl[0].extensions def test_cert_issuer_ext(self, backend): if backend._lib.OPENSSL_VERSION_NUMBER < 0x10000000: @@ -295,7 +290,7 @@ class TestRevokedCertificate(object): ])) ]) - rev = crl.revoked_certificates[1] + rev = crl[1] issuer = rev.extensions.get_extension_for_oid( x509.OID_CERTIFICATE_ISSUER).value assert issuer == exp_issuer |