1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.
from __future__ import absolute_import, division, print_function
import os
import pytest
from cryptography.exceptions import UnsupportedAlgorithm
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.x509 import ocsp
from ..utils import load_vectors_from_file
def _load_data(filename, loader):
return load_vectors_from_file(
filename=filename,
loader=lambda data: loader(data.read()),
mode="rb"
)
class TestOCSPRequest(object):
def test_bad_request(self):
with pytest.raises(ValueError):
ocsp.load_der_ocsp_request(b"invalid")
def test_load_request_one_item(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-sha1.der"),
ocsp.load_der_ocsp_request,
)
assert len(req) == 1
assert req[0].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
b"\xc7mmLpQ\x9e`\xa7\xbd")
assert req[0].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
b"\x1bC\xbc\x1c*MSX")
assert isinstance(req[0].hash_algorithm, hashes.SHA1)
assert req[0].serial_number == int(
"98D9E5C0B4C373552DF77C5D0F1EB5128E4945F9", 16
)
def test_load_request_multiple_items(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-multi-sha1.der"),
ocsp.load_der_ocsp_request,
)
assert len(req) == 2
assert req[0].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
b"\xc7mmLpQ\x9e`\xa7\xbd")
assert req[0].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
b"\x1bC\xbc\x1c*MSX")
assert isinstance(req[0].hash_algorithm, hashes.SHA1)
assert req[0].serial_number == int(
"98D9E5C0B4C373552DF77C5D0F1EB5128E4945F9", 16
)
assert req[1].issuer_name_hash == (b"8\xcaF\x8c\x07D\x8d\xf4\x81\x96"
b"\xc7mmLpQ\x9e`\xa7\xbd")
assert req[1].issuer_key_hash == (b"yu\xbb\x84:\xcb,\xdez\t\xbe1"
b"\x1bC\xbc\x1c*MSX")
assert isinstance(req[1].hash_algorithm, hashes.SHA1)
assert req[1].serial_number == int(
"98D9E5C0B4C373552DF77C5D0F1EB5128E4945F0", 16
)
def test_iter(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-multi-sha1.der"),
ocsp.load_der_ocsp_request,
)
for request in req:
assert isinstance(request, ocsp.Request)
def test_indexing_ocsp_request(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-multi-sha1.der"),
ocsp.load_der_ocsp_request,
)
assert req[1].serial_number == req[-1].serial_number
assert len(req[0:2]) == 2
assert req[1:2][0].serial_number == int(
"98D9E5C0B4C373552DF77C5D0F1EB5128E4945F0", 16
)
with pytest.raises(IndexError):
req[10]
def test_invalid_hash_algorithm(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-invalid-hash-alg.der"),
ocsp.load_der_ocsp_request,
)
with pytest.raises(UnsupportedAlgorithm):
req[0].hash_algorithm
def test_serialize_request(self):
req_bytes = load_vectors_from_file(
filename=os.path.join("x509", "ocsp", "req-sha1.der"),
loader=lambda data: data.read(),
mode="rb"
)
req = ocsp.load_der_ocsp_request(req_bytes)
assert req.public_bytes(serialization.Encoding.DER) == req_bytes
def test_invalid_serialize_encoding(self):
req = _load_data(
os.path.join("x509", "ocsp", "req-sha1.der"),
ocsp.load_der_ocsp_request,
)
with pytest.raises(ValueError):
req.public_bytes("invalid")
with pytest.raises(ValueError):
req.public_bytes(serialization.Encoding.PEM)
|
