From 3e3444fa96a3fa911e99e1c12f1a0d859563ce2c Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 11 Jul 2016 17:03:13 -0400 Subject: Use a series of constants for OpenSSL version checks (#3037) * Use a series of constants for OpenSSL version checks. N.B. I removed several qualifiers that were being used to express beta vs. release in OpenSSL version numbers. Reviewers please look closely! * Convert some python as well, also add the file * flake8 * Simplify code, remove functionality that can be expressed more simply * clean up the tests as well * more constants * wrap long lines * reflect feedback * unused * add this back? --- tests/hazmat/backends/test_openssl.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'tests/hazmat/backends') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 2d3bf245..38f11347 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -320,7 +320,7 @@ class TestOpenSSLRSA(object): key_size=256) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x1000100f, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_non_sha1_pss_mgf1_hash_algorithm_on_old_openssl(self): @@ -495,7 +495,7 @@ class TestOpenSSLRSA(object): @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER <= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_101, reason="Requires an OpenSSL version >= 1.0.1" ) class TestOpenSSLCMAC(object): @@ -506,7 +506,7 @@ class TestOpenSSLCMAC(object): class TestOpenSSLCreateX509CSR(object): @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_unsupported_dsa_keys(self): @@ -516,7 +516,7 @@ class TestOpenSSLCreateX509CSR(object): backend.create_x509_csr(object(), private_key, hashes.SHA1()) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_unsupported_ec_keys(self): @@ -537,7 +537,7 @@ class TestOpenSSLSignX509Certificate(object): ) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_dsa_private_key_is_unsupported(self): @@ -561,7 +561,7 @@ class TestOpenSSLSignX509Certificate(object): builder.sign(private_key, hashes.SHA512(), backend) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_ec_private_key_is_unsupported(self): @@ -594,7 +594,7 @@ class TestOpenSSLSignX509CertificateRevocationList(object): backend.create_x509_crl(object(), private_key, hashes.SHA256()) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_dsa_private_key_is_unsupported(self): @@ -612,7 +612,7 @@ class TestOpenSSLSignX509CertificateRevocationList(object): builder.sign(private_key, hashes.SHA1(), backend) @pytest.mark.skipif( - backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000, + backend._lib.CRYPTOGRAPHY_OPENSSL_101_OR_GREATER, reason="Requires an older OpenSSL. Must be < 1.0.1" ) def test_sign_with_ec_private_key_is_unsupported(self): -- cgit v1.2.3