diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-08-30 10:41:32 -0400 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-08-30 10:41:32 -0400 |
| commit | 002fa75d6c57420ed1805e088e1d6ecbce880938 (patch) | |
| tree | da85fb85fd2e9ba73b180611270948c47d5696c4 /tests/x509 | |
| parent | 2284eea98847bd42d3ddf7dead504baf3d544d98 (diff) | |
| download | cryptography-002fa75d6c57420ed1805e088e1d6ecbce880938.tar.gz cryptography-002fa75d6c57420ed1805e088e1d6ecbce880938.tar.bz2 cryptography-002fa75d6c57420ed1805e088e1d6ecbce880938.zip | |
make an ocsp request (#4402)
* make an ocsp request
* update test, add docs
* make it an OCSPRequestBuilder
* review feedback and more tests
* make it a class
* empty commit to retrigger
* type check
Diffstat (limited to 'tests/x509')
| -rw-r--r-- | tests/x509/test_ocsp.py | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/tests/x509/test_ocsp.py b/tests/x509/test_ocsp.py index 22f34df2..709ef6f4 100644 --- a/tests/x509/test_ocsp.py +++ b/tests/x509/test_ocsp.py @@ -4,14 +4,17 @@ from __future__ import absolute_import, division, print_function +import base64 import os import pytest +from cryptography import x509 from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives import hashes, serialization from cryptography.x509 import ocsp +from .test_x509 import _load_cert from ..utils import load_vectors_from_file @@ -23,6 +26,21 @@ def _load_data(filename, loader): ) +def _cert_and_issuer(): + from cryptography.hazmat.backends.openssl.backend import backend + cert = _load_cert( + os.path.join("x509", "cryptography.io.pem"), + x509.load_pem_x509_certificate, + backend + ) + issuer = _load_cert( + os.path.join("x509", "rapidssl_sha256_ca_g3.pem"), + x509.load_pem_x509_certificate, + backend + ) + return cert, issuer + + class TestOCSPRequest(object): def test_bad_request(self): with pytest.raises(ValueError): @@ -113,3 +131,49 @@ class TestOCSPRequest(object): req.public_bytes("invalid") with pytest.raises(ValueError): req.public_bytes(serialization.Encoding.PEM) + + +class TestOCSPRequestBuilder(object): + def test_create_ocsp_request_no_req(self): + builder = ocsp.OCSPRequestBuilder() + with pytest.raises(ValueError): + builder.build() + + def test_create_ocsp_request_invalid_alg(self): + cert, issuer = _cert_and_issuer() + builder = ocsp.OCSPRequestBuilder() + with pytest.raises(ValueError): + builder.add_request(cert, issuer, hashes.MD5()) + + def test_create_ocsp_request_invalid_cert(self): + cert, issuer = _cert_and_issuer() + builder = ocsp.OCSPRequestBuilder() + with pytest.raises(TypeError): + builder.add_request(b"notacert", issuer, hashes.SHA1()) + + with pytest.raises(TypeError): + builder.add_request(cert, b"notacert", hashes.SHA1()) + + def test_create_ocsp_request(self): + cert, issuer = _cert_and_issuer() + builder = ocsp.OCSPRequestBuilder() + builder = builder.add_request(cert, issuer, hashes.SHA1()) + req = builder.build() + serialized = req.public_bytes(serialization.Encoding.DER) + assert serialized == base64.b64decode( + b"MEMwQTA/MD0wOzAJBgUrDgMCGgUABBRAC0Z68eay0wmDug1gfn5ZN0gkxAQUw5zz" + b"/NNGCDS7zkZ/oHxb8+IIy1kCAj8g" + ) + + def test_create_ocsp_request_two_reqs(self): + builder = ocsp.OCSPRequestBuilder() + cert, issuer = _cert_and_issuer() + builder = builder.add_request(cert, issuer, hashes.SHA1()) + builder = builder.add_request(cert, issuer, hashes.SHA1()) + req = builder.build() + serialized = req.public_bytes(serialization.Encoding.DER) + assert serialized == base64.b64decode( + b"MIGDMIGAMH4wPTA7MAkGBSsOAwIaBQAEFEALRnrx5rLTCYO6DWB+flk3SCTEBBTD" + b"nPP800YINLvORn+gfFvz4gjLWQICPyAwPTA7MAkGBSsOAwIaBQAEFEALRnrx5rLT" + b"CYO6DWB+flk3SCTEBBTDnPP800YINLvORn+gfFvz4gjLWQICPyA=" + ) |