diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-07-03 04:29:03 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-07-03 04:29:03 -0400 |
| commit | 887a40805a29b93907b48c9d27c38b4460f2e244 (patch) | |
| tree | 5bdab7833682e2ac6fb0b6392a22fc986a6ffda7 | |
| parent | 23cafe861f4da2d7261a41bc57801b226e6b8c1b (diff) | |
| download | cryptography-887a40805a29b93907b48c9d27c38b4460f2e244.tar.gz cryptography-887a40805a29b93907b48c9d27c38b4460f2e244.tar.bz2 cryptography-887a40805a29b93907b48c9d27c38b4460f2e244.zip | |
Added a test with two extensions, and added key usage support to the frontend
| -rw-r--r-- | src/cryptography/x509.py | 2 | ||||
| -rw-r--r-- | tests/test_x509.py | 13 |
2 files changed, 15 insertions, 0 deletions
diff --git a/src/cryptography/x509.py b/src/cryptography/x509.py index 668bc2ef..afd28f20 100644 --- a/src/cryptography/x509.py +++ b/src/cryptography/x509.py @@ -1472,6 +1472,8 @@ class CertificateSigningRequestBuilder(object): extension = Extension( OID_SUBJECT_ALTERNATIVE_NAME, critical, extension ) + elif isinstance(extension, KeyUsage): + extension = Extension(OID_KEY_USAGE, critical, extension) else: raise NotImplementedError('Unsupported X.509 extension.') # TODO: This is quadratic in the number of extensions diff --git a/tests/test_x509.py b/tests/test_x509.py index df315cc3..ac910392 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -866,6 +866,19 @@ class TestCertificateSigningRequestBuilder(object): ).add_extension( x509.SubjectAlternativeName([x509.DNSName(u"cryptography.io")]), critical=False, + ).add_extension( + x509.KeyUsage( + digital_signature=True, + content_commitment=True, + key_encipherment=False, + data_encipherment=False, + key_agreement=False, + key_cert_sign=True, + crl_sign=False, + encipher_only=False, + decipher_only=False + ), + critical=False ) with pytest.raises(NotImplementedError): builder.sign(private_key, hashes.SHA256(), backend) |