diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2015-06-27 00:03:00 -0400 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2015-06-27 00:03:00 -0400 |
commit | 7d85341b2143015756d44c278453c285e1518fbf (patch) | |
tree | 19618f1923839fe463425b8657cb2327065c4696 /tests | |
parent | b7c7b39bd15f552ebb6ea8ae74f4af2b8985b198 (diff) | |
parent | 666252ce9eb00b926437b49f17553097a8f813e9 (diff) | |
download | cryptography-7d85341b2143015756d44c278453c285e1518fbf.tar.gz cryptography-7d85341b2143015756d44c278453c285e1518fbf.tar.bz2 cryptography-7d85341b2143015756d44c278453c285e1518fbf.zip |
Merge pull request #2071 from reaperhulk/wildcard-oh-no
handle wildcard DNSNames with IDNA.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_x509_ext.py | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index cacc0573..6d91ba41 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -1351,6 +1351,37 @@ class TestRSASubjectAlternativeNameExtension(object): dns = san.get_values_for_type(x509.DNSName) assert dns == [u"www.cryptography.io", u"cryptography.io"] + def test_wildcard_dns_name(self, backend): + cert = _load_cert( + os.path.join("x509", "wildcard_san.pem"), + x509.load_pem_x509_certificate, + backend + ) + ext = cert.extensions.get_extension_for_oid( + x509.OID_SUBJECT_ALTERNATIVE_NAME + ) + + dns = ext.value.get_values_for_type(x509.DNSName) + assert dns == [ + u'*.langui.sh', + u'langui.sh', + u'*.saseliminator.com', + u'saseliminator.com' + ] + + def test_san_wildcard_idna_dns_name(self, backend): + cert = _load_cert( + os.path.join("x509", "custom", "san_wildcard_idna.pem"), + x509.load_pem_x509_certificate, + backend + ) + ext = cert.extensions.get_extension_for_oid( + x509.OID_SUBJECT_ALTERNATIVE_NAME + ) + + dns = ext.value.get_values_for_type(x509.DNSName) + assert dns == [u'*.\u043f\u044b\u043a\u0430.cryptography'] + def test_unsupported_other_name(self, backend): cert = _load_cert( os.path.join( |