From 1eb82a604175923acd6c0512e86a746df7acbb59 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Tue, 31 Mar 2015 20:00:33 -0500
Subject: add subjectkeyidentifier support

---
 tests/test_x509_ext.py | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)

(limited to 'tests/test_x509_ext.py')

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index c1512d5f..4f0ad13b 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -4,6 +4,7 @@
 
 from __future__ import absolute_import, division, print_function
 
+import binascii
 import os
 
 import pytest
@@ -132,6 +133,45 @@ class TestKeyUsage(object):
             ku.decipher_only
 
 
+class TestSubjectKeyIdentifier(object):
+    def test_properties(self):
+        hexdigest = "092384932230498bc980aa8098456f6ff7ff3ac9"
+        value = binascii.unhexlify(hexdigest)
+        ski = x509.SubjectKeyIdentifier(value)
+        assert ski.digest == value
+        assert ski.hexdigest == hexdigest
+
+    def test_repr(self):
+        ski = x509.SubjectKeyIdentifier(
+            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+        )
+        ext = x509.Extension(x509.OID_SUBJECT_KEY_IDENTIFIER, False, ski)
+        assert repr(ext) == (
+            "<Extension(oid=<ObjectIdentifier(oid=2.5.29.14, name=subjectKey"
+            "Identifier)>, critical=False, value=<SubjectKeyIdentifier("
+            "value=092384932230498bc980aa8098456f6ff7ff3ac9)>)>"
+        )
+
+    def test_eq(self):
+        ski = x509.SubjectKeyIdentifier(
+            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+        )
+        ski2 = x509.SubjectKeyIdentifier(
+            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+        )
+        assert ski == ski2
+
+    def test_ne(self):
+        ski = x509.SubjectKeyIdentifier(
+            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+        )
+        ski2 = x509.SubjectKeyIdentifier(
+            binascii.unhexlify("aa8098456f6ff7ff3ac9092384932230498bc980")
+        )
+        assert ski != ski2
+        assert ski != object()
+
+
 class TestBasicConstraints(object):
     def test_ca_not_boolean(self):
         with pytest.raises(TypeError):
@@ -345,3 +385,35 @@ class TestBasicConstraintsExtension(object):
         assert ext is not None
         assert ext.critical is False
         assert ext.value.ca is False
+
+
+@pytest.mark.requires_backend_interface(interface=RSABackend)
+@pytest.mark.requires_backend_interface(interface=X509Backend)
+class TestSubjectKeyIdentifierExtension(object):
+    def test_subject_key_identifier(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "PKITS_data", "certs", "GoodCACert.crt"),
+            x509.load_der_x509_certificate,
+            backend
+        )
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_SUBJECT_KEY_IDENTIFIER
+        )
+        ski = ext.value
+        assert ext is not None
+        assert ext.critical is False
+        assert ski.hexdigest == "580184241bbc2b52944a3da510721451f5af3ac9"
+        assert ski.digest == binascii.unhexlify(
+            "580184241bbc2b52944a3da510721451f5af3ac9"
+        )
+
+    def test_no_subject_key_identifier(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "custom", "bc_path_length_zero.pem"),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        with pytest.raises(x509.ExtensionNotFound):
+            cert.extensions.get_extension_for_oid(
+                x509.OID_SUBJECT_KEY_IDENTIFIER
+            )
-- 
cgit v1.2.3


From ee997266b9c88202e10772a687334d568c2de1f9 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sat, 4 Apr 2015 12:20:28 -0500
Subject: python 3.2 you are terrible

---
 tests/test_x509_ext.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'tests/test_x509_ext.py')

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 4f0ad13b..5728a896 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -136,14 +136,14 @@ class TestKeyUsage(object):
 class TestSubjectKeyIdentifier(object):
     def test_properties(self):
         hexdigest = "092384932230498bc980aa8098456f6ff7ff3ac9"
-        value = binascii.unhexlify(hexdigest)
+        value = binascii.unhexlify(hexdigest.encode('ascii'))
         ski = x509.SubjectKeyIdentifier(value)
         assert ski.digest == value
         assert ski.hexdigest == hexdigest
 
     def test_repr(self):
         ski = x509.SubjectKeyIdentifier(
-            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+            binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         )
         ext = x509.Extension(x509.OID_SUBJECT_KEY_IDENTIFIER, False, ski)
         assert repr(ext) == (
@@ -154,19 +154,19 @@ class TestSubjectKeyIdentifier(object):
 
     def test_eq(self):
         ski = x509.SubjectKeyIdentifier(
-            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+            binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         )
         ski2 = x509.SubjectKeyIdentifier(
-            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+            binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         )
         assert ski == ski2
 
     def test_ne(self):
         ski = x509.SubjectKeyIdentifier(
-            binascii.unhexlify("092384932230498bc980aa8098456f6ff7ff3ac9")
+            binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         )
         ski2 = x509.SubjectKeyIdentifier(
-            binascii.unhexlify("aa8098456f6ff7ff3ac9092384932230498bc980")
+            binascii.unhexlify(b"aa8098456f6ff7ff3ac9092384932230498bc980")
         )
         assert ski != ski2
         assert ski != object()
@@ -404,7 +404,7 @@ class TestSubjectKeyIdentifierExtension(object):
         assert ext.critical is False
         assert ski.hexdigest == "580184241bbc2b52944a3da510721451f5af3ac9"
         assert ski.digest == binascii.unhexlify(
-            "580184241bbc2b52944a3da510721451f5af3ac9"
+            b"580184241bbc2b52944a3da510721451f5af3ac9"
         )
 
     def test_no_subject_key_identifier(self, backend):
-- 
cgit v1.2.3


From cbfb1015d9750a276456411a2b638585b6e4d7de Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 10 Apr 2015 20:57:20 -0400
Subject: alter approach to just use digest, no hexdigest

---
 tests/test_x509_ext.py | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

(limited to 'tests/test_x509_ext.py')

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 5728a896..194b18c8 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -9,6 +9,8 @@ import os
 
 import pytest
 
+import six
+
 from cryptography import x509
 from cryptography.hazmat.backends.interfaces import RSABackend, X509Backend
 
@@ -135,22 +137,29 @@ class TestKeyUsage(object):
 
 class TestSubjectKeyIdentifier(object):
     def test_properties(self):
-        hexdigest = "092384932230498bc980aa8098456f6ff7ff3ac9"
-        value = binascii.unhexlify(hexdigest.encode('ascii'))
+        value = binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         ski = x509.SubjectKeyIdentifier(value)
         assert ski.digest == value
-        assert ski.hexdigest == hexdigest
 
     def test_repr(self):
         ski = x509.SubjectKeyIdentifier(
             binascii.unhexlify(b"092384932230498bc980aa8098456f6ff7ff3ac9")
         )
         ext = x509.Extension(x509.OID_SUBJECT_KEY_IDENTIFIER, False, ski)
-        assert repr(ext) == (
-            "<Extension(oid=<ObjectIdentifier(oid=2.5.29.14, name=subjectKey"
-            "Identifier)>, critical=False, value=<SubjectKeyIdentifier("
-            "value=092384932230498bc980aa8098456f6ff7ff3ac9)>)>"
-        )
+        if six.PY3:
+            assert repr(ext) == (
+                "<Extension(oid=<ObjectIdentifier(oid=2.5.29.14, name=subjectK"
+                "eyIdentifier)>, critical=False, value=<SubjectKeyIdentifier(d"
+                "igest=b\'\\t#\\x84\\x93\"0I\\x8b\\xc9\\x80\\xaa\\x80\\x98Eoo"
+                "\\xf7\\xff:\\xc9\')>)>"
+            )
+        else:
+            assert repr(ext) == (
+                "<Extension(oid=<ObjectIdentifier(oid=2.5.29.14, name=subjectK"
+                "eyIdentifier)>, critical=False, value=<SubjectKeyIdentifier(d"
+                "igest=\'\\t#\\x84\\x93\"0I\\x8b\\xc9\\x80\\xaa\\x80\\x98Eoo"
+                "\\xf7\\xff:\\xc9\')>)>"
+            )
 
     def test_eq(self):
         ski = x509.SubjectKeyIdentifier(
@@ -402,7 +411,6 @@ class TestSubjectKeyIdentifierExtension(object):
         ski = ext.value
         assert ext is not None
         assert ext.critical is False
-        assert ski.hexdigest == "580184241bbc2b52944a3da510721451f5af3ac9"
         assert ski.digest == binascii.unhexlify(
             b"580184241bbc2b52944a3da510721451f5af3ac9"
         )
-- 
cgit v1.2.3