diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-10-07 10:10:09 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-10-06 22:10:09 -0400 |
| commit | 0c07580a216d4b75bfdca22254803cf48c602079 (patch) | |
| tree | e308db30d277fab192a5b647037b12cb901c2129 /tests/x509 | |
| parent | ff7e3971d8d1106a4377f6c8d436c4005c883066 (diff) | |
| download | cryptography-0c07580a216d4b75bfdca22254803cf48c602079.tar.gz cryptography-0c07580a216d4b75bfdca22254803cf48c602079.tar.bz2 cryptography-0c07580a216d4b75bfdca22254803cf48c602079.zip | |
support extensions in the OCSP request builder (#4481)
* support extensions in the OCSP request builder
* cover a missed branch
* refactor to use new func
* review feedback
Diffstat (limited to 'tests/x509')
| -rw-r--r-- | tests/x509/test_ocsp.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tests/x509/test_ocsp.py b/tests/x509/test_ocsp.py index 0d98ac29..d680e07f 100644 --- a/tests/x509/test_ocsp.py +++ b/tests/x509/test_ocsp.py @@ -129,6 +129,17 @@ class TestOCSPRequestBuilder(object): with pytest.raises(ValueError): builder.add_certificate(cert, issuer, hashes.MD5()) + def test_add_extension_twice(self): + builder = ocsp.OCSPRequestBuilder() + builder = builder.add_extension(x509.OCSPNonce(b"123"), False) + with pytest.raises(ValueError): + builder.add_extension(x509.OCSPNonce(b"123"), False) + + def test_add_invalid_extension(self): + builder = ocsp.OCSPRequestBuilder() + with pytest.raises(TypeError): + builder.add_extension("notanext", False) + def test_create_ocsp_request_invalid_cert(self): cert, issuer = _cert_and_issuer() builder = ocsp.OCSPRequestBuilder() @@ -149,6 +160,27 @@ class TestOCSPRequestBuilder(object): b"/NNGCDS7zkZ/oHxb8+IIy1kCAj8g" ) + @pytest.mark.parametrize( + ("ext", "critical"), + [ + [x509.OCSPNonce(b"0000"), False], + [x509.OCSPNonce(b"\x00\x01\x02"), True], + ] + ) + def test_create_ocsp_request_with_extension(self, ext, critical): + cert, issuer = _cert_and_issuer() + builder = ocsp.OCSPRequestBuilder() + builder = builder.add_certificate( + cert, issuer, hashes.SHA1() + ).add_extension( + ext, critical + ) + req = builder.build() + assert len(req.extensions) == 1 + assert req.extensions[0].value == ext + assert req.extensions[0].oid == ext.oid + assert req.extensions[0].critical is critical + class TestOCSPResponse(object): def test_bad_response(self): |