diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-09-07 11:22:51 +0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-09-06 22:22:51 -0500 |
| commit | b5b6bd13a22ee48eec55817867a2c8737addeee0 (patch) | |
| tree | b35fea98a38ef18daa097d88a496c2f2502eea0f /tests | |
| parent | ca723c42d0e48c4a17aaed2505c2a5be80e1165f (diff) | |
| download | cryptography-b5b6bd13a22ee48eec55817867a2c8737addeee0.tar.gz cryptography-b5b6bd13a22ee48eec55817867a2c8737addeee0.tar.bz2 cryptography-b5b6bd13a22ee48eec55817867a2c8737addeee0.zip | |
fix coverage by adding two artificial DSA public keys (#4984)
* fix coverage by adding two artificial DSA public keys
One key removes the optional parameters from the structure to cover a
branch conditional, and the other key has its BITSTRING padding value
set to a non-zero value.
* lexicographic? never heard of it
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/x509/test_x509_ext.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/tests/x509/test_x509_ext.py b/tests/x509/test_x509_ext.py index 11e35207..cf757abd 100644 --- a/tests/x509/test_x509_ext.py +++ b/tests/x509/test_x509_ext.py @@ -9,6 +9,8 @@ import datetime import ipaddress import os +import pretend + import pytest import six @@ -20,6 +22,7 @@ from cryptography.hazmat.backends.interfaces import ( from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import ec from cryptography.x509 import DNSName, NameConstraints, SubjectAlternativeName +from cryptography.x509.extensions import _key_identifier_from_public_key from cryptography.x509.general_name import _lazy_import_idna from cryptography.x509.oid import ( AuthorityInformationAccessOID, ExtendedKeyUsageOID, ExtensionOID, @@ -29,6 +32,7 @@ from cryptography.x509.oid import ( from .test_x509 import _load_cert from ..hazmat.primitives.fixtures_rsa import RSA_KEY_2048 from ..hazmat.primitives.test_ec import _skip_curve_unsupported +from ..utils import load_vectors_from_file def _make_certbuilder(private_key): @@ -1591,6 +1595,34 @@ class TestSubjectKeyIdentifierExtension(object): ) assert ext.value == ski + @pytest.mark.requires_backend_interface(interface=DSABackend) + @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_invalid_bit_string_padding_from_public_key(self, backend): + data = load_vectors_from_file( + filename=os.path.join( + "asymmetric", "DER_Serialization", + "dsa_public_key_invalid_bit_string.der" + ), loader=lambda data: data.read(), mode="rb" + ) + pretend_key = pretend.stub(public_bytes=lambda x, y: data) + with pytest.raises(ValueError): + _key_identifier_from_public_key(pretend_key) + + @pytest.mark.requires_backend_interface(interface=DSABackend) + @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_no_optional_params_allowed_from_public_key(self, backend): + data = load_vectors_from_file( + filename=os.path.join( + "asymmetric", "DER_Serialization", + "dsa_public_key_no_params.der" + ), loader=lambda data: data.read(), mode="rb" + ) + pretend_key = pretend.stub(public_bytes=lambda x, y: data) + key_identifier = _key_identifier_from_public_key(pretend_key) + assert key_identifier == binascii.unhexlify( + b"24c0133a6a492f2c48a18c7648e515db5ac76749" + ) + @pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) @pytest.mark.requires_backend_interface(interface=X509Backend) def test_from_ec_public_key(self, backend): |