aboutsummaryrefslogtreecommitdiffstats
path: root/tests/x509
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2018-08-31 18:25:52 -0500
committerPaul Kehrer <paul.l.kehrer@gmail.com>2018-08-31 19:25:52 -0400
commitdd6b78be80e9b31e07a9ef695aaa902ef042dcfd (patch)
treecaba9f7db963f92cd2d05a91ae356cc596409243 /tests/x509
parent33dbd9365f4018c6e010d99f702dd9cad3e7c5c6 (diff)
downloadcryptography-dd6b78be80e9b31e07a9ef695aaa902ef042dcfd.tar.gz
cryptography-dd6b78be80e9b31e07a9ef695aaa902ef042dcfd.tar.bz2
cryptography-dd6b78be80e9b31e07a9ef695aaa902ef042dcfd.zip
Fixes #4333 -- added support for precert poison extension (#4442)
* Fixes #4333 -- added support for precert poison extension * Make work on all OpenSSL versions * fixed flake8 + docs * fix for older OpenSSLs * document this * spell
Diffstat (limited to 'tests/x509')
-rw-r--r--tests/x509/test_x509_ext.py29
1 files changed, 29 insertions, 0 deletions
diff --git a/tests/x509/test_x509_ext.py b/tests/x509/test_x509_ext.py
index c052f859..7e0ae220 100644
--- a/tests/x509/test_x509_ext.py
+++ b/tests/x509/test_x509_ext.py
@@ -4442,6 +4442,35 @@ class TestInhibitAnyPolicyExtension(object):
@pytest.mark.requires_backend_interface(interface=RSABackend)
@pytest.mark.requires_backend_interface(interface=X509Backend)
+class TestPrecertPoisonExtension(object):
+ def test_load(self, backend):
+ cert = _load_cert(
+ os.path.join("x509", "cryptography.io.precert.pem"),
+ x509.load_pem_x509_certificate,
+ backend
+ )
+ poison = cert.extensions.get_extension_for_oid(
+ ExtensionOID.PRECERT_POISON
+ ).value
+ assert isinstance(poison, x509.PrecertPoison)
+ poison = cert.extensions.get_extension_for_class(
+ x509.PrecertPoison
+ ).value
+ assert isinstance(poison, x509.PrecertPoison)
+
+ def test_generate(self, backend):
+ private_key = RSA_KEY_2048.private_key(backend)
+ cert = _make_certbuilder(private_key).add_extension(
+ x509.PrecertPoison(), critical=True
+ ).sign(private_key, hashes.SHA256(), backend)
+ poison = cert.extensions.get_extension_for_oid(
+ ExtensionOID.PRECERT_POISON
+ ).value
+ assert isinstance(poison, x509.PrecertPoison)
+
+
+@pytest.mark.requires_backend_interface(interface=RSABackend)
+@pytest.mark.requires_backend_interface(interface=X509Backend)
class TestPrecertificateSignedCertificateTimestampsExtension(object):
def test_init(self):
with pytest.raises(TypeError):