2 files changed, 55 insertions, 5 deletions

diff --git a/tests/test_x509.py b/tests/test_x509.py
index 2539be47..94eeab2b 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -13,7 +13,7 @@ import pytest
 
 import six
 
-from cryptography import x509
+from cryptography import utils, x509
 from cryptography.exceptions import UnsupportedAlgorithm
 from cryptography.hazmat.backends.interfaces import (
     DSABackend, EllipticCurveBackend, RSABackend, X509Backend
@@ -27,6 +27,14 @@ from .hazmat.primitives.test_ec import _skip_curve_unsupported
 from .utils import load_vectors_from_file
 
 
+@utils.register_interface(x509.GeneralName)
+class FakeGeneralName(object):
+    def __init__(self, value):
+        self._value = value
+
+    value = utils.read_only_property("_value")
+
+
 def _load_cert(filename, loader, backend):
     cert = load_vectors_from_file(
         filename=filename,
@@ -1011,6 +1019,12 @@ class TestCertificateSigningRequestBuilder(object):
                 x509.RFC822Name(u"test@example.com"),
                 x509.RFC822Name(u"email"),
                 x509.RFC822Name(u"email@em\xe5\xefl.com"),
+                x509.UniformResourceIdentifier(
+                    u"https://\u043f\u044b\u043a\u0430.cryptography"
+                ),
+                x509.UniformResourceIdentifier(
+                    u"gopher://cryptography:70/some/path"
+                ),
             ]),
             critical=False,
         ).sign(private_key, hashes.SHA256(), backend)
@@ -1040,6 +1054,12 @@ class TestCertificateSigningRequestBuilder(object):
             x509.RFC822Name(u"test@example.com"),
             x509.RFC822Name(u"email"),
             x509.RFC822Name(u"email@em\xe5\xefl.com"),
+            x509.UniformResourceIdentifier(
+                u"https://\u043f\u044b\u043a\u0430.cryptography"
+            ),
+            x509.UniformResourceIdentifier(
+                u"gopher://cryptography:70/some/path"
+            ),
         ]
 
     def test_invalid_asn1_othername(self, backend):
@@ -1069,13 +1089,11 @@ class TestCertificateSigningRequestBuilder(object):
                 x509.NameAttribute(x509.OID_COMMON_NAME, u"SAN"),
             ])
         ).add_extension(
-            x509.SubjectAlternativeName([
-                x509.UniformResourceIdentifier(u"http://test.com"),
-            ]),
+            x509.SubjectAlternativeName([FakeGeneralName("")]),
             critical=False,
         )
 
-        with pytest.raises(NotImplementedError):
+        with pytest.raises(ValueError):
             builder.sign(private_key, hashes.SHA256(), backend)
 
 
diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 84a40995..7b135828 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -1105,6 +1105,38 @@ class TestRFC822Name(object):
         assert gn._encoded == b"email@xn--eml-vla4c.com"
 
 
+class TestUniformResourceIdentifier(object):
+    def test_no_parsed_hostname(self):
+        gn = x509.UniformResourceIdentifier(u"singlelabel")
+        assert gn.value == u"singlelabel"
+
+    def test_with_port(self):
+        gn = x509.UniformResourceIdentifier(u"singlelabel:443/test")
+        assert gn.value == u"singlelabel:443/test"
+
+    def test_idna_no_port(self):
+        gn = x509.UniformResourceIdentifier(
+            u"http://\u043f\u044b\u043a\u0430.cryptography"
+        )
+        assert gn.value == u"http://\u043f\u044b\u043a\u0430.cryptography"
+        assert gn._encoded == b"http://xn--80ato2c.cryptography"
+
+    def test_idna_with_port(self):
+        gn = x509.UniformResourceIdentifier(
+            u"gopher://\u043f\u044b\u043a\u0430.cryptography:70/some/path"
+        )
+        assert gn.value == (
+            u"gopher://\u043f\u044b\u043a\u0430.cryptography:70/some/path"
+        )
+        assert gn._encoded == b"gopher://xn--80ato2c.cryptography:70/some/path"
+
+    def test_query_and_fragment(self):
+        gn = x509.UniformResourceIdentifier(
+            u"ldap://cryptography:90/path?query=true#somedata"
+        )
+        assert gn.value == u"ldap://cryptography:90/path?query=true#somedata"
+
+
 class TestRegisteredID(object):
     def test_not_oid(self):
         with pytest.raises(TypeError):