diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-02-13 12:06:57 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-02-14 10:12:25 -0600 |
| commit | 8802a5bae7138d10c289361e5204fb1ea72fc099 (patch) | |
| tree | 75fa780a9209b960c4393a1b7b40c811fc3c9b53 /tests/test_x509.py | |
| parent | b01622d15441068324af7ac68e1a1e26a4757704 (diff) | |
| download | cryptography-8802a5bae7138d10c289361e5204fb1ea72fc099.tar.gz cryptography-8802a5bae7138d10c289361e5204fb1ea72fc099.tar.bz2 cryptography-8802a5bae7138d10c289361e5204fb1ea72fc099.zip | |
implement signature_hash_algorithm instead
Diffstat (limited to 'tests/test_x509.py')
| -rw-r--r-- | tests/test_x509.py | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py index 613263d1..8f00eeed 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -13,6 +13,7 @@ import pytest import six from cryptography import x509 +from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.backends.interfaces import ( DSABackend, EllipticCurveBackend, RSABackend, X509Backend ) @@ -45,7 +46,7 @@ class TestRSACertificate(object): assert cert.serial == 11559813051657483483 fingerprint = binascii.hexlify(cert.fingerprint(hashes.SHA1())) assert fingerprint == b"2b619ed04bfc9c3b08eb677d272192286a0947a8" - assert cert.signature_algorithm == x509.OID_SHA1_WITH_RSA + assert isinstance(cert.signature_hash_algorithm, hashes.SHA1) def test_load_der_cert(self, backend): cert = _load_cert( @@ -57,7 +58,7 @@ class TestRSACertificate(object): assert cert.serial == 2 fingerprint = binascii.hexlify(cert.fingerprint(hashes.SHA1())) assert fingerprint == b"6f49779533d565e8b7c1062503eab41492c38e4d" - assert cert.signature_algorithm == x509.OID_SHA256_WITH_RSA + assert isinstance(cert.signature_hash_algorithm, hashes.SHA256) def test_issuer(self, backend): cert = _load_cert( @@ -330,6 +331,15 @@ class TestRSACertificate(object): with pytest.raises(ValueError): x509.load_der_x509_certificate(b"notacert", backend) + def test_unsupported_signature_hash_algorithm_cert(self, backend): + cert = _load_cert( + os.path.join("x509", "verisign_md2_root.pem"), + x509.load_pem_x509_certificate, + backend + ) + with pytest.raises(UnsupportedAlgorithm): + cert.signature_hash_algorithm + @pytest.mark.requires_backend_interface(interface=DSABackend) @pytest.mark.requires_backend_interface(interface=X509Backend) @@ -340,7 +350,7 @@ class TestDSACertificate(object): x509.load_pem_x509_certificate, backend ) - assert cert.signature_algorithm == x509.OID_DSA_WITH_SHA1 + assert isinstance(cert.signature_hash_algorithm, hashes.SHA1) public_key = cert.public_key() assert isinstance(public_key, interfaces.DSAPublicKey) if isinstance(public_key, interfaces.DSAPublicKeyWithNumbers): @@ -393,7 +403,7 @@ class TestECDSACertificate(object): x509.load_pem_x509_certificate, backend ) - assert cert.signature_algorithm == x509.OID_ECDSA_WITH_SHA384 + assert isinstance(cert.signature_hash_algorithm, hashes.SHA384) public_key = cert.public_key() assert isinstance(public_key, interfaces.EllipticCurvePublicKey) if isinstance( |