diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-01-22 06:59:06 -0600 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-01-22 07:59:06 -0500 |
commit | 2e9c7df922edbc59981a2c0fdb6ea4f15fdd8afc (patch) | |
tree | b37d095c076db48ab3e7cf4e68a4f6894a30b6d6 /src/cryptography/x509/ocsp.py | |
parent | 767fa8511caade795457b23ea9d3d85af1ed12bb (diff) | |
download | cryptography-2e9c7df922edbc59981a2c0fdb6ea4f15fdd8afc.tar.gz cryptography-2e9c7df922edbc59981a2c0fdb6ea4f15fdd8afc.tar.bz2 cryptography-2e9c7df922edbc59981a2c0fdb6ea4f15fdd8afc.zip |
allow asn1 times of 1950-01-01 and later. (#4728)
* allow asn1 times of 1950-01-01 and later.
* add a test
* pretty up the test
Diffstat (limited to 'src/cryptography/x509/ocsp.py')
-rw-r--r-- | src/cryptography/x509/ocsp.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/cryptography/x509/ocsp.py b/src/cryptography/x509/ocsp.py index 97933b1f..aae9b626 100644 --- a/src/cryptography/x509/ocsp.py +++ b/src/cryptography/x509/ocsp.py @@ -13,7 +13,7 @@ import six from cryptography import x509 from cryptography.hazmat.primitives import hashes from cryptography.x509.base import ( - _UNIX_EPOCH, _convert_to_naive_utc_time, _reject_duplicate_extension + _EARLIEST_UTC_TIME, _convert_to_naive_utc_time, _reject_duplicate_extension ) @@ -154,9 +154,9 @@ class _SingleResponse(object): raise TypeError("revocation_time must be a datetime object") revocation_time = _convert_to_naive_utc_time(revocation_time) - if revocation_time <= _UNIX_EPOCH: - raise ValueError('The revocation_time must be after the unix' - ' epoch (1970 January 1).') + if revocation_time < _EARLIEST_UTC_TIME: + raise ValueError('The revocation_time must be on or after' + ' 1950 January 1.') if ( revocation_reason is not None and |