From 73114b39c1afe6061cc45acf02d185934ae08b04 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 9 Sep 2019 13:23:35 +0800 Subject: fix coverage, small cleanups in tests (#4990) --- tests/hazmat/backends/test_openssl.py | 10 +++++++ tests/x509/test_ocsp.py | 4 +-- tests/x509/test_x509.py | 56 +++++++++++++++++------------------ 3 files changed, 40 insertions(+), 30 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 8e765dd4..44fd3db4 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -453,6 +453,16 @@ class TestOpenSSLSignX509Certificate(object): ) +class TestOpenSSLSignX509CSR(object): + def test_requires_csr_builder(self): + private_key = RSA_KEY_2048.private_key(backend) + + with pytest.raises(TypeError): + backend.create_x509_csr( + object(), private_key, DummyHashAlgorithm() + ) + + class TestOpenSSLSignX509CertificateRevocationList(object): def test_invalid_builder(self): private_key = RSA_KEY_2048.private_key(backend) diff --git a/tests/x509/test_ocsp.py b/tests/x509/test_ocsp.py index ab3752a2..0b86943a 100644 --- a/tests/x509/test_ocsp.py +++ b/tests/x509/test_ocsp.py @@ -766,7 +766,7 @@ class TestOCSPEdDSA(object): builder = ocsp.OCSPResponseBuilder() cert, issuer = _cert_and_issuer() private_key = ed25519.Ed25519PrivateKey.generate() - root_cert, private_key = _generate_root(private_key, None) + root_cert, _ = _generate_root(private_key, None) current_time = datetime.datetime.utcnow().replace(microsecond=0) this_update = current_time - datetime.timedelta(days=1) next_update = this_update + datetime.timedelta(days=7) @@ -799,7 +799,7 @@ class TestOCSPEdDSA(object): builder = ocsp.OCSPResponseBuilder() cert, issuer = _cert_and_issuer() private_key = ed448.Ed448PrivateKey.generate() - root_cert = _generate_root(private_key, None)[0] + root_cert, _ = _generate_root(private_key, None) current_time = datetime.datetime.utcnow().replace(microsecond=0) this_update = current_time - datetime.timedelta(days=1) next_update = this_update + datetime.timedelta(days=7) diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py index 8a8507bd..07a6019b 100644 --- a/tests/x509/test_x509.py +++ b/tests/x509/test_x509.py @@ -2234,20 +2234,6 @@ class TestCertificateBuilder(object): with pytest.raises(ValueError): builder.sign(private_key, hashes.SHA256(), backend) - @pytest.mark.supported( - only_if=lambda backend: backend.ed25519_supported(), - skip_message="Requires OpenSSL with Ed25519 support" - ) - @pytest.mark.requires_backend_interface(interface=X509Backend) - def test_request_with_unsupported_hash_ed25519(self, backend): - private_key = ed25519.Ed25519PrivateKey.generate() - builder = x509.CertificateSigningRequestBuilder().subject_name( - x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME, u'US')]) - ) - - with pytest.raises(ValueError): - builder.sign(private_key, hashes.SHA256(), backend) - @pytest.mark.supported( only_if=lambda backend: backend.ed448_supported(), skip_message="Requires OpenSSL with Ed448 support" @@ -2272,20 +2258,6 @@ class TestCertificateBuilder(object): with pytest.raises(ValueError): builder.sign(private_key, hashes.SHA256(), backend) - @pytest.mark.supported( - only_if=lambda backend: backend.ed448_supported(), - skip_message="Requires OpenSSL with Ed448 support" - ) - @pytest.mark.requires_backend_interface(interface=X509Backend) - def test_request_with_unsupported_hash_ed448(self, backend): - private_key = ed448.Ed448PrivateKey.generate() - builder = x509.CertificateSigningRequestBuilder().subject_name( - x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME, u'US')]) - ) - - with pytest.raises(ValueError): - builder.sign(private_key, hashes.SHA256(), backend) - @pytest.mark.requires_backend_interface(interface=RSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) @pytest.mark.supported( @@ -3097,6 +3069,34 @@ class TestCertificateSigningRequestBuilder(object): with pytest.raises(TypeError): builder.sign(private_key, 'NotAHash', backend) + @pytest.mark.supported( + only_if=lambda backend: backend.ed25519_supported(), + skip_message="Requires OpenSSL with Ed25519 support" + ) + @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_request_with_unsupported_hash_ed25519(self, backend): + private_key = ed25519.Ed25519PrivateKey.generate() + builder = x509.CertificateSigningRequestBuilder().subject_name( + x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME, u'US')]) + ) + + with pytest.raises(ValueError): + builder.sign(private_key, hashes.SHA256(), backend) + + @pytest.mark.supported( + only_if=lambda backend: backend.ed448_supported(), + skip_message="Requires OpenSSL with Ed448 support" + ) + @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_request_with_unsupported_hash_ed448(self, backend): + private_key = ed448.Ed448PrivateKey.generate() + builder = x509.CertificateSigningRequestBuilder().subject_name( + x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME, u'US')]) + ) + + with pytest.raises(ValueError): + builder.sign(private_key, hashes.SHA256(), backend) + @pytest.mark.requires_backend_interface(interface=RSABackend) @pytest.mark.supported( only_if=lambda backend: backend.hash_supported(hashes.MD5()), -- cgit v1.2.3