From 6c02ee85bcd68e1e4fc6770421699fbd07c9b3e9 Mon Sep 17 00:00:00 2001 From: Vincent Pelletier Date: Sat, 12 Aug 2017 22:05:00 +0900 Subject: Add is_signature_valid method on CertificateRevocationList (#3849) --- tests/test_x509.py | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'tests') diff --git a/tests/test_x509.py b/tests/test_x509.py index 58d3e546..52854363 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -336,6 +336,47 @@ class TestCertificateRevocationList(object): with pytest.raises(TypeError): crl.public_bytes('NotAnEncoding') + def test_verify_bad(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "invalid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + crt = _load_cert( + os.path.join("x509", "custom", "invalid_signature.pem"), + x509.load_pem_x509_certificate, + backend + ) + + assert not crl.is_signature_valid(crt.public_key()) + + def test_verify_good(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + crt = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_certificate, + backend + ) + + assert crl.is_signature_valid(crt.public_key()) + + def test_verify_argument_must_be_a_public_key(self, backend): + crl = _load_cert( + os.path.join("x509", "custom", "valid_signature.pem"), + x509.load_pem_x509_crl, + backend + ) + + with pytest.raises(TypeError): + crl.is_signature_valid("not a public key") + + with pytest.raises(TypeError): + crl.is_signature_valid(object) + @pytest.mark.requires_backend_interface(interface=X509Backend) class TestRevokedCertificate(object): -- cgit v1.2.3