aboutsummaryrefslogtreecommitdiffstats
path: root/tests/test_x509.py
diff options
context:
space:
mode:
authorPaul Kehrer <paul.l.kehrer@gmail.com>2015-07-10 20:51:36 -0500
committerPaul Kehrer <paul.l.kehrer@gmail.com>2015-07-11 22:20:45 -0500
commit500ed9dac5934f19da1440f47df4640681c5404a (patch)
treedb211b25df4c76bccb5a9ccf974733494f2c6a36 /tests/test_x509.py
parent22f5fbb4def79519becd5b247e32a87c9bd8adeb (diff)
downloadcryptography-500ed9dac5934f19da1440f47df4640681c5404a.tar.gz
cryptography-500ed9dac5934f19da1440f47df4640681c5404a.tar.bz2
cryptography-500ed9dac5934f19da1440f47df4640681c5404a.zip
raise a nice error if bad ASN.1 is provided
Diffstat (limited to 'tests/test_x509.py')
-rw-r--r--tests/test_x509.py19
1 files changed, 19 insertions, 0 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py
index fc1e7931..cb617268 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -1036,6 +1036,25 @@ class TestCertificateSigningRequestBuilder(object):
),
]
+ def test_invalid_asn1_othername(self, backend):
+ private_key = RSA_KEY_2048.private_key(backend)
+
+ builder = x509.CertificateSigningRequestBuilder().subject_name(
+ x509.Name([
+ x509.NameAttribute(x509.OID_COMMON_NAME, u"SAN"),
+ ])
+ ).add_extension(
+ x509.SubjectAlternativeName([
+ x509.OtherName(
+ type_id=x509.ObjectIdentifier("1.2.3.3.3.3"),
+ value=b"\x01\x02\x01\x05"
+ ),
+ ]),
+ critical=False,
+ )
+ with pytest.raises(ValueError):
+ builder.sign(private_key, hashes.SHA256(), backend)
+
def test_subject_alt_name_unsupported_general_name(self, backend):
private_key = RSA_KEY_2048.private_key(backend)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 10:51:43 +0000