From 40f8338e986610f57ef905e510e0bf8f796e43e8 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 20 Apr 2015 15:00:16 -0500
Subject: Support Subject Alternative Name in the OpenSSL backend

Adds only DNS support first
---
 tests/test_x509_ext.py | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'tests')

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index 8516a339..2fa659ef 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -730,3 +730,24 @@ class TestSubjectAlternativeName(object):
         assert repr(san) == (
             "<SubjectAlternativeName([<DNSName(value=cryptography.io)>])>"
         )
+
+
+@pytest.mark.requires_backend_interface(interface=RSABackend)
+@pytest.mark.requires_backend_interface(interface=X509Backend)
+class TestRSASubjectAlternativeNameExtension(object):
+    def test_dns_name(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "cryptography.io.pem"),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_SUBJECT_ALTERNATIVE_NAME
+        )
+        assert ext is not None
+        assert ext.critical is False
+
+        san = ext.value
+
+        dns = san.get_values_for_type(x509.DNSName)
+        assert dns == [u"www.cryptography.io", u"cryptography.io"]
-- 
cgit v1.2.3