commit 3c6bba5729fa81475dd9e756b800a5e6eda4653b
author Paul Kehrer <paul.l.kehrer@gmail.com> Fri Jun 26 18:43:26 2015 -0500
committer Paul Kehrer <paul.l.kehrer@gmail.com> Fri Jun 26 19:57:47 2015 -0500
tree 24fbc4bdf35262502d1b6dee9b7efe97c8940e64
parent be7294e17f485909b8b94e6deaef7e0a4179e597

handle wildcard DNSNames with IDNA.

fixes #2054

tests/test_x509_ext.py

diff --git a/tests/test_x509_ext.py b/tests/test_x509_ext.py
index cacc057..6d91ba4 100644
--- a/tests/test_x509_ext.py
+++ b/tests/test_x509_ext.py
@@ -1351,6 +1351,37 @@
         dns = san.get_values_for_type(x509.DNSName)
         assert dns == [u"www.cryptography.io", u"cryptography.io"]
 
+    def test_wildcard_dns_name(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "wildcard_san.pem"),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_SUBJECT_ALTERNATIVE_NAME
+        )
+
+        dns = ext.value.get_values_for_type(x509.DNSName)
+        assert dns == [
+            u'*.langui.sh',
+            u'langui.sh',
+            u'*.saseliminator.com',
+            u'saseliminator.com'
+        ]
+
+    def test_san_wildcard_idna_dns_name(self, backend):
+        cert = _load_cert(
+            os.path.join("x509", "custom", "san_wildcard_idna.pem"),
+            x509.load_pem_x509_certificate,
+            backend
+        )
+        ext = cert.extensions.get_extension_for_oid(
+            x509.OID_SUBJECT_ALTERNATIVE_NAME
+        )
+
+        dns = ext.value.get_values_for_type(x509.DNSName)
+        assert dns == [u'*.\u043f\u044b\u043a\u0430.cryptography']
+
     def test_unsupported_other_name(self, backend):
         cert = _load_cert(
             os.path.join(