diff options
| author | Nick Bastin <nick.bastin@gmail.com> | 2015-12-12 18:32:59 -0800 |
|---|---|---|
| committer | Nick Bastin <nick.bastin@gmail.com> | 2015-12-20 08:15:56 -0800 |
| commit | d06763d9258115b2e1199296a18d7ec773d47ac3 (patch) | |
| tree | e8ccd2edc5a226919c10f2738ef8d53d44ab0624 | |
| parent | 4594773bdc8145aa599e18a2119948d061b50b13 (diff) | |
| download | cryptography-d06763d9258115b2e1199296a18d7ec773d47ac3.tar.gz cryptography-d06763d9258115b2e1199296a18d7ec773d47ac3.tar.bz2 cryptography-d06763d9258115b2e1199296a18d7ec773d47ac3.zip | |
Allow any OID for access_method, validate OIDs at creation time, fix tests.
| -rw-r--r-- | src/cryptography/x509/extensions.py | 7 | ||||
| -rw-r--r-- | tests/test_x509_ext.py | 3 |
2 files changed, 4 insertions, 6 deletions
diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index 46ba5a28..017e0989 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -238,11 +238,8 @@ class AuthorityInformationAccess(object): class AccessDescription(object): def __init__(self, access_method, access_location): - if not (access_method == AuthorityInformationAccessOID.OCSP or - access_method == AuthorityInformationAccessOID.CA_ISSUERS): - raise ValueError( - "access_method must be OID_OCSP or OID_CA_ISSUERS" - ) + if not isinstance(access_method, ObjectIdentifier): + raise TypeError("access_method must be an ObjectIdentifier") if not isinstance(access_location, GeneralName): raise TypeError("access_location must be a GeneralName") diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py index 751de08d..511fad62 100644 --- a/tests/test_x509_ext.py +++ b/tests/test_x509_ext.py @@ -1861,7 +1861,8 @@ class TestExtendedKeyUsageExtension(object): class TestAccessDescription(object): def test_invalid_access_method(self): - with pytest.raises(ValueError): + # access_method can be *any* valid OID + with pytest.raises(TypeError): x509.AccessDescription("notanoid", x509.DNSName(u"test")) def test_invalid_access_location(self): |