diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-09-09 20:15:44 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-09-09 07:15:44 -0500 |
| commit | 91f81c514d2d4426ba94cda4f6bcb5719843b760 (patch) | |
| tree | 8ba5936303453ff316a4075bf72059bb2f8b0fc9 /tests | |
| parent | 73114b39c1afe6061cc45acf02d185934ae08b04 (diff) | |
| download | cryptography-91f81c514d2d4426ba94cda4f6bcb5719843b760.tar.gz cryptography-91f81c514d2d4426ba94cda4f6bcb5719843b760.tar.bz2 cryptography-91f81c514d2d4426ba94cda4f6bcb5719843b760.zip | |
one more missing branch (#4992)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/x509/test_ocsp.py | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/tests/x509/test_ocsp.py b/tests/x509/test_ocsp.py index 0b86943a..3e2923e1 100644 --- a/tests/x509/test_ocsp.py +++ b/tests/x509/test_ocsp.py @@ -762,6 +762,29 @@ class TestOCSPEdDSA(object): only_if=lambda backend: backend.ed25519_supported(), skip_message="Requires OpenSSL with Ed25519 support / OCSP" ) + def test_invalid_algorithm(self, backend): + builder = ocsp.OCSPResponseBuilder() + cert, issuer = _cert_and_issuer() + private_key = ed25519.Ed25519PrivateKey.generate() + root_cert, _ = _generate_root(private_key, None) + current_time = datetime.datetime.utcnow().replace(microsecond=0) + this_update = current_time - datetime.timedelta(days=1) + next_update = this_update + datetime.timedelta(days=7) + revoked_date = this_update - datetime.timedelta(days=300) + builder = builder.responder_id( + ocsp.OCSPResponderEncoding.NAME, root_cert + ).add_response( + cert, issuer, hashes.SHA1(), ocsp.OCSPCertStatus.REVOKED, + this_update, next_update, revoked_date, + x509.ReasonFlags.key_compromise + ) + with pytest.raises(ValueError): + builder.sign(private_key, hashes.SHA256()) + + @pytest.mark.supported( + only_if=lambda backend: backend.ed25519_supported(), + skip_message="Requires OpenSSL with Ed25519 support / OCSP" + ) def test_sign_ed25519(self, backend): builder = ocsp.OCSPResponseBuilder() cert, issuer = _cert_and_issuer() |