removing caching mechanism for x509 properties

undo name change of CRLExtensionOID use custom parsing mechanism for certIssuer entry extension add new crl to vectors for testing invalid certIssuer entry ext
author: Erik Trauschke <erik.trauschke@gmail.com> 2015-10-15 14:45:38 -0700
committer: Erik Trauschke <erik.trauschke@gmail.com> 2015-10-15 14:45:38 -0700
commit: d4e7d43416077f18a37008298abdc566bd3f069d (patch)
tree: 8052c19063d69fe93ac301e1c3d03fda99e06086 /tests/test_x509.py
parent: 164bae538cfe5fcb320ebe5ee7e080598ad7ec5f (diff)
download: cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.tar.gz
cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.tar.bz2
cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.zip
1 files changed, 18 insertions, 19 deletions
diff --git a/tests/test_x509.py b/tests/test_x509.py
index 347ed1a6..ded2f0ee 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -204,6 +204,13 @@ class TestRevokedCertificate(object):
             backend
         )
 
+        exp_issuer = x509.GeneralNames([
+            x509.DirectoryName(x509.Name([
+                x509.NameAttribute(x509.OID_COUNTRY_NAME, u"US"),
+                x509.NameAttribute(x509.OID_COMMON_NAME, u"cryptography.io"),
+            ]))
+        ])
+
         # First revoked cert doesn't have extensions, test if it is handled
         # correctly.
         rev0 = crl[0]
@@ -225,6 +232,10 @@ class TestRevokedCertificate(object):
             x509.OID_CRL_REASON).value
         assert reason == x509.ReasonFlags.unspecified
 
+        issuer = rev1.extensions.get_extension_for_oid(
+            x509.OID_CERTIFICATE_ISSUER).value
+        assert issuer == exp_issuer
+
         date = rev1.extensions.get_extension_for_oid(
             x509.OID_INVALIDITY_DATE).value
         assert isinstance(date, datetime.datetime)
@@ -232,6 +243,7 @@ class TestRevokedCertificate(object):
 
         # Test convenience function.
         assert rev1.get_invalidity_date().isoformat() == "2015-01-01T00:00:00"
+        assert rev1.get_certificate_issuer() == exp_issuer
 
         # Check if all reason flags can be found in the CRL.
         flags = set(x509.ReasonFlags)
@@ -273,30 +285,17 @@ class TestRevokedCertificate(object):
         with pytest.raises(ValueError):
             crl[0].extensions
 
-    def test_cert_issuer_ext(self, backend):
-        if backend._lib.OPENSSL_VERSION_NUMBER < 0x10000000:
-            pytest.skip("Requires a newer OpenSSL. Must be at least 1.0.0")
-
+    def test_invalid_cert_issuer_ext(self, backend):
         crl = _load_cert(
-            os.path.join("x509", "custom", "crl_all_reasons.pem"),
+            os.path.join(
+                "x509", "custom", "crl_inval_cert_issuer_entry_ext.pem"
+            ),
             x509.load_pem_x509_crl,
             backend
         )
 
-        exp_issuer = x509.GeneralNames([
-            x509.DirectoryName(x509.Name([
-                x509.NameAttribute(x509.OID_COUNTRY_NAME, u"US"),
-                x509.NameAttribute(x509.OID_COMMON_NAME, u"cryptography.io"),
-            ]))
-        ])
-
-        rev = crl[1]
-        issuer = rev.extensions.get_extension_for_oid(
-            x509.OID_CERTIFICATE_ISSUER).value
-        assert issuer == exp_issuer
-
-        # Test convenience function.
-        assert rev.get_certificate_issuer() == exp_issuer
+        with pytest.raises(ValueError):
+            crl[0].extensions
 
 
 @pytest.mark.requires_backend_interface(interface=RSABackend)
author	Erik Trauschke <erik.trauschke@gmail.com>	2015-10-15 14:45:38 -0700
committer	Erik Trauschke <erik.trauschke@gmail.com>	2015-10-15 14:45:38 -0700
commit	d4e7d43416077f18a37008298abdc566bd3f069d (patch)
tree	8052c19063d69fe93ac301e1c3d03fda99e06086 /tests/test_x509.py
parent	164bae538cfe5fcb320ebe5ee7e080598ad7ec5f (diff)
download	cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.tar.gz cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.tar.bz2 cryptography-d4e7d43416077f18a37008298abdc566bd3f069d.zip